From: Eby, Robert (re2429) Date: Fri, 1 Feb 2019 18:24:11 +0000 (-0500) Subject: Moving dev branch code to master branch X-Git-Tag: 1.0.0~46 X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=commitdiff_plain;h=8e1d108f64f06572790ee4db71bc1d9dd32e82da;p=yaml_builds.git Moving dev branch code to master branch Change-Id: I656c5a55ef6e420e2b9cb0393a7ac8abdb261540 Signed-off-by: Eby, Robert (re2429) --- diff --git a/dellgen10.yaml b/dellgen10.yaml index d5f0415..0bdf528 100644 --- a/dellgen10.yaml +++ b/dellgen10.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -15,40 +15,47 @@ # limitations under the License. # ############################################################################## -site_name: dell_akraino -ipmi_admin_password: calvin +site_name: dellgen10 +ipmi_admin: + username: root + password: calvin networks: bonded: yes primary: bond0 slaves: - - name: enp135s0f0 - - name: enp135s0f1 + - name: enp94s0f0 + - name: enp94s0f1 oob: vlan: 40 - interface: + interface: cidr: 192.168.41.0/24 routes: gateway: 192.168.41.1 ranges: reserved: start: 192.168.41.2 - end: 192.168.41.4 + end: 192.168.41.12 static: - start: 192.168.41.5 + start: 192.168.41.13 end: 192.168.41.254 host: - vlan: 41 + vlan: 41 interface: bond0.41 cidr: 192.168.2.0/24 + subnet: 192.168.2.0 + netmask: 255.255.255.0 routes: - gateway: 192.168.2.85 + gateway: 192.168.2.200 ranges: reserved: start: 192.168.2.84 end: 192.168.2.86 static: - start: 192.168.2.1 - end: 192.168.2.83 + start: 192.168.2.40 + end: 192.168.2.45 + dns: + domain: lab.akraino.org + servers: '192.168.2.85 8.8.8.8 8.8.4.4' storage: vlan: 42 interface: bond0.42 @@ -65,6 +72,8 @@ networks: interface: eno3 cidr: 172.30.2.0/24 gateway: 172.30.2.1 + routes: + gateway: 172.30.2.40 ranges: reserved: start: 172.30.2.2 @@ -75,6 +84,10 @@ networks: dhcp: start: 172.30.2.201 end: 172.30.2.254 + dns: + domain: lab.akraino.org + servers: '192.168.2.85 8.8.8.8 8.8.4.4' + inf: net4 ksn: vlan: 44 interface: bond0.44 @@ -103,153 +116,158 @@ networks: static: start: 10.0.102.11 end: 10.0.102.254 +dns: + upstream_servers: + - 192.168.2.85 + - 8.8.8.8 + - 8.8.8.8 + upstream_servers_joined: '192.168.2.85,8.8.8.8' + ingress_domain: dellgen10.akraino.org sriovnets: - physical: sriovnet1 - interface: enp135s0f - vlan_start: 100 - vlan_end: 4000 + interface: enp135s0f0 + vlan_start: 2001 + vlan_end: 3000 whitelists: - "0000:87:02.0": "enp135s2" - "0000:87:02.1": "enp135s2f1" - "0000:87:03.2": "enp135s3f2" - "0000:87:03.3": "enp135s3f3" - "0000:87:03.4": "enp135s3f4" - "0000:87:03.5": "enp135s3f5" - "0000:87:03.6": "enp135s3f6" - "0000:87:03.7": "enp135s3f7" - "0000:87:04.0": "enp135s4" - "0000:87:04.1": "enp135s4f1" - "0000:87:04.2": "enp135s4f2" - "0000:87:04.3": "enp135s4f3" - "0000:87:02.2": "enp135s2f2" - "0000:87:04.4": "enp135s4f4" - "0000:87:04.5": "enp135s4f5" - "0000:87:04.6": "enp135s4f6" - "0000:87:04.7": "enp135s4f7" - "0000:87:05.0": "enp135s5" - "0000:87:05.1": "enp135s5f1" - "0000:87:05.2": "enp135s5f2" - "0000:87:05.3": "enp135s5f3" - "0000:87:05.4": "enp135s5f4" - "0000:87:05.5": "enp135s5f5" - "0000:87:02.3": "enp135s2f3" - "0000:87:05.6": "enp135s5f6" - "0000:87:05.7": "enp135s5f7" - "0000:87:02.4": "enp135s2f4" - "0000:87:02.5": "enp135s2f5" - "0000:87:02.6": "enp135s2f6" - "0000:87:02.7": "enp135s2f7" - "0000:87:03.0": "enp135s3" - "0000:87:03.1": "enp135s3f1" - + - "address": "0000:87:02.0" + - "address": "0000:87:02.1" + - "address": "0000:87:03.2" + - "address": "0000:87:03.3" + - "address": "0000:87:03.4" + - "address": "0000:87:03.5" + - "address": "0000:87:03.6" + - "address": "0000:87:03.7" + - "address": "0000:87:04.0" + - "address": "0000:87:04.1" + - "address": "0000:87:04.2" + - "address": "0000:87:04.3" + - "address": "0000:87:02.2" + - "address": "0000:87:04.4" + - "address": "0000:87:04.5" + - "address": "0000:87:04.6" + - "address": "0000:87:04.7" + - "address": "0000:87:05.0" + - "address": "0000:87:05.1" + - "address": "0000:87:05.2" + - "address": "0000:87:05.3" + - "address": "0000:87:05.4" + - "address": "0000:87:05.5" + - "address": "0000:87:02.3" + - "address": "0000:87:05.6" + - "address": "0000:87:05.7" + - "address": "0000:87:02.4" + - "address": "0000:87:02.5" + - "address": "0000:87:02.6" + - "address": "0000:87:02.7" + - "address": "0000:87:03.0" + - "address": "0000:87:03.1" - physical: sriovnet2 interface: enp135s0f1 - vlan_start: 100 - vlan_end: 4000 + vlan_start: 2001 + vlan_end: 3000 whitelists: - "0000:87:0a.0": "enp135s10i" - "0000:87:0a.1": "enp135s10f1" - "0000:87:0b.2": "enp135s11f2" - "0000:87:0b.3": "enp135s11f3" - "0000:87:0b.4": "enp135s11f4" - "0000:87:0b.5": "enp135s11f5" - "0000:87:0b.6": "enp135s11f6" - "0000:87:0b.7": "enp135s11f7" - "0000:87:0c.0": "enp135s12" - "0000:87:0c.1": "enp135s12f1" - "0000:87:0c.2": "enp135s12f2" - "0000:87:0c.3": "enp135s12f3" - "0000:87:0a.2": "enp135s10f2" - "0000:87:0c.4": "enp135s12f4" - "0000:87:0c.5": "enp135s12f5" - "0000:87:0c.6": "enp135s12f6" - "0000:87:0c.7": "enp135s12f7" - "0000:87:0d.0": "enp135s13" - "0000:87:0d.1": "enp135s13f1" - "0000:87:0d.2": "enp135s13f2" - "0000:87:0d.3": "enp135s13f3" - "0000:87:0d.4": "enp135s13f4" - "0000:87:0d.5": "enp135s13f5" - "0000:87:0a.3": "enp135s10f3" - "0000:87:0d.6": "enp135s13f6" - "0000:87:0d.7": "enp135s13f7" - "0000:87:0a.4": "enp135s10f4" - "0000:87:0a.5": "enp135s10f5" - "0000:87:0a.6": "enp135s10f6" - "0000:87:0a.7": "enp135s10f7" - "0000:87:0b.0": "enp135s11" - "0000:87:0b.1": "enp135s11f1" + - "address": "0000:87:0a.0" + - "address": "0000:87:0a.1" + - "address": "0000:87:0b.2" + - "address": "0000:87:0b.3" + - "address": "0000:87:0b.4" + - "address": "0000:87:0b.5" + - "address": "0000:87:0b.6" + - "address": "0000:87:0b.7" + - "address": "0000:87:0c.0" + - "address": "0000:87:0c.1" + - "address": "0000:87:0c.2" + - "address": "0000:87:0c.3" + - "address": "0000:87:0a.2" + - "address": "0000:87:0c.4" + - "address": "0000:87:0c.5" + - "address": "0000:87:0c.6" + - "address": "0000:87:0c.7" + - "address": "0000:87:0d.0" + - "address": "0000:87:0d.1" + - "address": "0000:87:0d.2" + - "address": "0000:87:0d.3" + - "address": "0000:87:0d.4" + - "address": "0000:87:0d.5" + - "address": "0000:87:0a.3" + - "address": "0000:87:0d.6" + - "address": "0000:87:0d.7" + - "address": "0000:87:0a.4" + - "address": "0000:87:0a.5" + - "address": "0000:87:0a.6" + - "address": "0000:87:0a.7" + - "address": "0000:87:0b.0" + - "address": "0000:87:0b.1" storage: osds: + - data: /dev/sda + journal: /var/lib/ceph/journal/journal-sda - data: /dev/sdb - journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdb + journal: /var/lib/ceph/journal/journal-sdb - data: /dev/sdc - journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sdc + journal: /var/lib/ceph/journal/journal-sdc - data: /dev/sdd - journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdd + journal: /var/lib/ceph/journal/journal-sdd - data: /dev/sde - journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sde + journal: /var/lib/ceph/journal/journal-sde - data: /dev/sdf - journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdf - - data: /dev/sdg - journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sdg - - data: /dev/sdg - journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdh - - data: /dev/sdi - journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sdi - - data: /dev/sdk - journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdk - osd_count: 9 + journal: /var/lib/ceph/journal/journal-sdf + osd_count: 6 + total_osd_count: 18 genesis: - name: csonjrsv40 + name: aknode40 oob: 192.168.41.40 host: 192.168.2.40 storage: 172.31.2.40 pxe: 172.30.2.40 ksn: 172.29.1.40 neutron: 10.0.102.40 + root_password: akraino,d + oem: Dell + bios_template: dell_r740_g14_uefi_base.xml.template + boot_template: dell_r740_g14_uefi_httpboot.xml.template + http_boot_device: NIC.Slot.2-1-1 masters: - - name : csonjrsv41 - - name : csonjrsv42 -workers: - - name : csonjrsv43 - - name : csonjrsv44 -servers: - - name : csonjrsv41 + - name : aknode41 oob: 192.168.41.41 host: 192.168.2.41 storage: 172.31.2.41 pxe: 172.30.2.41 ksn: 172.29.1.41 neutron: 10.0.102.41 - - name : csonjrsv42 + oob_user: root + oob_password: calvin + - name : aknode42 oob: 192.168.41.42 host: 192.168.2.42 storage: 172.31.2.42 pxe: 172.30.2.42 ksn: 172.29.1.42 neutron: 10.0.102.42 - - name : csonjrsv43 - oob: 192.168.41.43 - host: 192.168.2.43 - storage: 172.31.2.43 - pxe: 172.30.2.43 - ksn: 172.29.1.43 - neutron: 10.0.102.43 - - name : csonjrsv44 - oob: 192.168.41.44 - host: 192.168.2.44 - storage: 172.31.2.44 - pxe: 172.30.2.44 - ksn: 172.29.1.44 - neutron: 10.0.102.44 + oob_user: root + oob_password: calvin +#workers: +# - name : aknode43 +# oob: 192.168.41.43 +# host: 192.168.2.43 +# storage: 172.31.2.43 +# pxe: 172.30.2.43 +# ksn: 172.29.1.43 +# neutron: 10.0.102.43 +# - name : aknode44 +# oob: 192.168.41.44 +# host: 192.168.2.44 +# storage: 172.31.2.44 +# pxe: 172.30.2.44 +# ksn: 172.29.1.44 +# neutron: 10.0.102.44 hardware: vendor: DELL generation: '10' hw_version: '3' bios_version: '2.8' disks: - - name : sdj + - name : sdg labels: bootdrive: 'true' partitions: @@ -262,16 +280,30 @@ disks: - name: var size: 100g mountpoint: /var - - name : sdb + - name : sdh partitions: - - name: cephj0 - size: 100g - mountpoint: /var/lib/openstack-helm/ceph/journal0 - - name : sdc + - name: ceph + size: 300g + mountpoint: /var/lib/ceph/journal +disks_compute: + - name : sdg + labels: + bootdrive: 'true' partitions: - - name: cephj1 - size: 100g - mountpoint: /var/lib/openstack-helm/ceph/journal1 + - name: root + size: 20g + mountpoint: / + - name: boot + size: 1g + mountpoint: /boot + - name: var + size: '>300g' + mountpoint: /var + - name : sdh + partitions: + - name: nova + size: '99%' + mountpoint: /var/lib/nova genesis_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/n4mNLAj3XKG2fcm+8eVe0NUlNH0g8DA8KJ53rSLKccm8gm4UgLmGOJyBfUloQZMuOpU6a+hexN4ECCliqI7+KUmgJgsvLkJ3OUMNTEVu9tDX5mdXeffsufaqFkAdmbJ/9PMPiPQ3/UqbbtyEcqoZAwUWf4ggAWSp00SGE1Okg+skPSbDzPVHb4810eXZT1yoIg29HAenJNNrsVxvnMT2kw2OYmLfxgEUh1Ev4c5LnUog4GXBDHQtHAwaIoTu9s/q8VIvGav62RJVFn3U1D0jkiwDLSIFn8ezORQ4YkSidwdSrtqsqa2TJ0E5w/n5h5IVGO9neY8YlXrgynLd4Y+7 root@pocnjrsv132" kubernetes: api_service_ip: 10.96.0.1 diff --git a/hpgen10.yaml b/hpgen10.yaml new file mode 100644 index 0000000..a2aff22 --- /dev/null +++ b/hpgen10.yaml @@ -0,0 +1,316 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +site_name: hpgen10 +ipmi_admin: + username: Administrator + password: Admin123 +networks: + bonded: yes + primary: bond0 + slaves: + - name: ens3f0 + - name: ens3f1 + oob: + vlan: 40 + interface: + cidr: 192.168.41.0/24 + routes: + gateway: 192.168.41.1 + ranges: + reserved: + start: 192.168.41.2 + end: 192.168.41.4 + static: + start: 192.168.41.5 + end: 192.168.41.254 + host: + vlan: 41 + interface: bond0.41 + cidr: 192.168.2.0/24 + subnet: 192.168.2.0 + netmask: 255.255.255.0 + routes: + gateway: 192.168.2.200 + ranges: + reserved: + start: 192.168.2.84 + end: 192.168.2.86 + static: + start: 192.168.2.1 + end: 192.168.2.83 + dns: + domain: lab.akraino.org + servers: '192.168.2.85 8.8.8.8 8.8.4.4' + storage: + vlan: 42 + interface: bond0.42 + cidr: 172.31.1.0/24 + ranges: + static: + start: 172.31.1.2 + end: 172.31.1.254 + pxe: + vlan: + interface: eno1 + cidr: 172.30.1.0/24 + gateway: 172.30.1.1 + routes: + gateway: 172.30.1.30 + ranges: + reserved: + start: 172.30.1.1 + end: 172.30.1.10 + static: + start: 172.30.1.11 + end: 172.30.1.200 + dhcp: + start: 172.30.1.201 + end: 172.30.1.254 + dns: + domain: lab.akraino.org + servers: '192.168.2.85 8.8.8.8 8.8.4.4' + inf: net4 + ksn: + vlan: 44 + interface: bond0.44 + cidr: 172.29.1.0/24 + local_asnumber: 65531 + ranges: + static: + start: 172.29.1.5 + end: 172.29.1.254 + additional_cidrs: + - 172.29.1.136/29 + ingress_cidr: 172.29.1.137/32 + peers: + - ip: 172.29.1.1 + scope: global + asnumber: 65001 + vrrp_ip: 172.29.1.1 # keep peers ip address in case of only peer. + neutron: + vlan: 45 + interface: bond0.45 + cidr: 10.0.101.0/24 + ranges: + static: + start: 10.0.101.2 + end: 10.0.101.254 +dns: + upstream_servers: + - 192.168.2.85 + - 8.8.8.8 + - 8.8.8.8 + upstream_servers_joined: '192.168.2.85,8.8.8.8' + ingress_domain: hpgen10.akraino.org +sriovnets: +- physical: sriovnet1 + interface: ens6f0 + vlan_start: 2001 + vlan_end: 3000 + whitelists: + - "address": "0000:af:02.0" + - "address": "0000:af:02.1" + - "address": "0000:af:02.2" + - "address": "0000:af:02.3" + - "address": "0000:af:02.4" + - "address": "0000:af:02.5" + - "address": "0000:af:02.6" + - "address": "0000:af:02.7" + - "address": "0000:af:03.0" + - "address": "0000:af:03.1" + - "address": "0000:af:03.2" + - "address": "0000:af:03.3" + - "address": "0000:af:03.4" + - "address": "0000:af:03.5" + - "address": "0000:af:03.6" + - "address": "0000:af:03.7" + - "address": "0000:af:04.0" + - "address": "0000:af:04.1" + - "address": "0000:af:04.2" + - "address": "0000:af:04.3" + - "address": "0000:af:04.4" + - "address": "0000:af:04.5" + - "address": "0000:af:04.6" + - "address": "0000:af:04.7" + - "address": "0000:af:05.0" + - "address": "0000:af:05.1" + - "address": "0000:af:05.2" + - "address": "0000:af:05.3" + - "address": "0000:af:05.4" + - "address": "0000:af:05.5" + - "address": "0000:af:05.6" + - "address": "0000:af:05.7" +- physical: sriovnet2 + interface: ens6f1 + vlan_start: 2001 + vlan_end: 3000 + whitelists: + - "address": "0000:af:0a.0" + - "address": "0000:af:0a.1" + - "address": "0000:af:0a.2" + - "address": "0000:af:0a.3" + - "address": "0000:af:0a.4" + - "address": "0000:af:0a.5" + - "address": "0000:af:0a.6" + - "address": "0000:af:0a.7" + - "address": "0000:af:0b.0" + - "address": "0000:af:0b.1" + - "address": "0000:af:0b.2" + - "address": "0000:af:0b.3" + - "address": "0000:af:0b.4" + - "address": "0000:af:0b.5" + - "address": "0000:af:0b.6" + - "address": "0000:af:0b.7" + - "address": "0000:af:0c.0" + - "address": "0000:af:0c.1" + - "address": "0000:af:0c.2" + - "address": "0000:af:0c.3" + - "address": "0000:af:0c.4" + - "address": "0000:af:0c.5" + - "address": "0000:af:0c.6" + - "address": "0000:af:0c.7" + - "address": "0000:af:0d.0" + - "address": "0000:af:0d.1" + - "address": "0000:af:0d.2" + - "address": "0000:af:0d.3" + - "address": "0000:af:0d.4" + - "address": "0000:af:0d.5" + - "address": "0000:af:0d.6" + - "address": "0000:af:0d.7" +storage: + osds: + - data: /dev/sdb + journal: /var/lib/ceph/journal/journal-sdb + - data: /dev/sdc + journal: /var/lib/ceph/journal/journal-sdc + - data: /dev/sdd + journal: /var/lib/ceph/journal/journal-sdd + - data: /dev/sde + journal: /var/lib/ceph/journal/journal-sde + - data: /dev/sdf + journal: /var/lib/ceph/journal/journal-sdf + - data: /dev/sdg + journal: /var/lib/ceph/journal/journal-sdg + - data: /dev/sdh + journal: /var/lib/ceph/journal/journal-sdh + - data: /dev/sdi + journal: /var/lib/ceph/journal/journal-sdi + osd_count: 8 + total_osd_count: 24 +genesis: + name: aknode30 + oob: 192.168.41.130 + host: 192.168.2.30 + storage: 172.31.1.30 + pxe: 172.30.1.30 + ksn: 172.29.1.30 + neutron: 10.0.101.30 + root_password: akraino,d + oem: HPE + mac_address: 3c:fd:fe:aa:90:b0 + bios_template: hpe_dl380_g10_uefi_base.json.template + boot_template: hpe_dl380_g10_uefi_httpboot.json.template + http_boot_device: NIC.Slot.3-1-1 +masters: + - name : aknode31 + oob: 192.168.41.131 + host: 192.168.2.31 + storage: 172.31.1.31 + pxe: 172.30.1.31 + ksn: 172.29.1.31 + neutron: 10.0.101.31 + oob_user: Administrator + oob_password: Admin123 + - name : aknode32 + oob: 192.168.41.132 + host: 192.168.2.32 + storage: 172.31.1.32 + pxe: 172.30.1.32 + ksn: 172.29.1.32 + neutron: 10.0.101.32 + oob_user: Administrator + oob_password: Admin123 +#workers: +# - name : aknode33 +# oob: 192.168.41.133 +# host: 192.168.2.33 +# storage: 172.31.1.33 +# pxe: 172.30.1.33 +# ksn: 172.29.1.33 +# neutron: 10.0.101.33 +# oob_user: Administrator +# oob_password: Admin123 +# - name : aknode34 +# oob: 192.168.41.134 +# host: 192.168.2.34 +# storage: 172.31.1.34 +# pxe: 172.30.1.34 +# ksn: 172.29.1.34 +# neutron: 10.0.101.34 +hardware: + vendor: HP + generation: '10' + hw_version: '3' + bios_version: '2.8' +disks: + - name : sdj + labels: + bootdrive: 'true' + partitions: + - name: root + size: 20g + mountpoint: / + - name: boot + size: 1g + mountpoint: /boot + - name: var + size: '>300g' + mountpoint: /var + - name : sdk + partitions: + - name: cephj + size: 300g + mountpoint: /var/lib/ceph/journal +disks_compute: + - name : sdj + labels: + bootdrive: 'true' + partitions: + - name: root + size: 20g + mountpoint: / + - name: boot + size: 1g + mountpoint: /boot + - name: var + size: '>300g' + mountpoint: /var + - name : sdk + partitions: + - name: nova + size: '99%' + mountpoint: /var/lib/nova +genesis_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/n4mNLAj3XKG2fcm+8eVe0NUlNH0g8DA8KJ53rSLKccm8gm4UgLmGOJyBfUloQZMuOpU6a+hexN4ECCliqI7+KUmgJgsvLkJ3OUMNTEVu9tDX5mdXeffsufaqFkAdmbJ/9PMPiPQ3/UqbbtyEcqoZAwUWf4ggAWSp00SGE1Okg+skPSbDzPVHb4810eXZT1yoIg29HAenJNNrsVxvnMT2kw2OYmLfxgEUh1Ev4c5LnUog4GXBDHQtHAwaIoTu9s/q8VIvGav62RJVFn3U1D0jkiwDLSIFn8ezORQ4YkSidwdSrtqsqa2TJ0E5w/n5h5IVGO9neY8YlXrgynLd4Y+7 root@pocnjrsv132" +kubernetes: + api_service_ip: 10.96.0.1 + etcd_service_ip: 10.96.0.2 + pod_cidr: 10.99.0.0/16 + service_cidr: 10.96.0.0/14 +regional_server: + ip: 135.16.101.85 +... diff --git a/scripts/jcopy.py b/scripts/jcopy.py index fb3f21e..ac89508 100755 --- a/scripts/jcopy.py +++ b/scripts/jcopy.py @@ -1,6 +1,6 @@ #!/usr/bin/python ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -55,22 +55,21 @@ def expand_files(target_dir, dir_name, files): print '{0} -> {1}'.format(source_path, target_path) total += 1 -def expand_file(target_dir, file): +def expand_file(target_file, file): global total - if not os.path.exists(target_dir): - os.makedirs(target_dir) + if not os.path.exists(os.path.dirname(target_file)): + os.makedirs(os.path.dirname(target_file)) env = jinja2.Environment() env.trim_blocks = True env.lstrip_blocks = True with open(file) as fd: template = env.from_string(fd.read()) data = template.render(yaml=yaml) - target_path = target_dir + '/' + os.path.basename(file) - fd2 = open(target_path,'w') + fd2 = open(target_file,'w') fd2.write(data) fd2.write("\n") fd2.close() - print '{0} -> {1}'.format(file, target_path) + print '{0} -> {1}'.format(file, target_file) total += 1 if len(sys.argv) != 4: diff --git a/scripts/update_bios_settings.py b/scripts/update_bios_settings.py new file mode 100644 index 0000000..f15c07b --- /dev/null +++ b/scripts/update_bios_settings.py @@ -0,0 +1,99 @@ +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +import os +import sys +import yaml +import jinja2 +import subprocess + +with open(sys.argv[1]) as f: + yaml = yaml.safe_load(f) + +def create_rc_genesis(source, target_suffix): + env = jinja2.Environment() + env.trim_blocks = True + env.lstrip_blocks = True + + with open(source) as fd: + template = env.from_string(fd.read()) + data = template.render(yaml=yaml) + target_file = yaml['genesis']['name']+target_suffix + fd2 = open(target_file,'w') + fd2.write(data) + fd2.write("\n") + fd2.close() + print '{0} -> {1}'.format(source, target_file) + +def create_rc_masters(source, target_suffix): + env = jinja2.Environment() + env.trim_blocks = True + env.lstrip_blocks = True + + for master in yaml['masters']: + with open(source) as fd: + template = env.from_string(fd.read()) + data = template.render(yaml=master) + target_file = "server-config/"+master['name']+target_suffix + print target_file + if os.path.exists(target_file): + print 'rc file exists maynot be new node' + continue + if not os.path.exists(os.path.dirname(target_file)): + os.makedirs(os.path.dirname(target_file)) + fd2 = open(target_file,'w') + fd2.write(data) + fd2.write("\n") + fd2.close() + print '{0} -> {1}'.format(source, target_file) + command = '/opt/akraino/tools/apply_dellxml.sh --rc {0} --template dell_r740_g14_uefi_base.xml.template --no-confirm'.format(target_file) + print 'command: {0}'.format(command) + os.system(command) + +def create_rc_workers(source, target_suffix): + env = jinja2.Environment() + env.trim_blocks = True + env.lstrip_blocks = True + + if 'workers' in yaml: + for master in yaml['workers']: + with open(source) as fd: + template = env.from_string(fd.read()) + data = template.render(yaml=master) + target_file = "server-config/"+master['name']+target_suffix + print target_file + if os.path.exists(target_file): + print 'rc file exists maynot be new node' + continue + if not os.path.exists(os.path.dirname(target_file)): + os.makedirs(os.path.dirname(target_file)) + fd2 = open(target_file,'w') + fd2.write(data) + fd2.write("\n") + fd2.close() + print '{0} -> {1}'.format(source, target_file) + command = '/opt/akraino/tools/apply_dellxml.sh --rc {0} --template dell_r740_g14_uefi_base.xml.template --no-confirm'.format(target_file) + print 'command: {0}'.format(command) + os.system(command) + +if len(sys.argv) != 2: + print 'usage: update_bios_settings.py ' + sys.exit(1) + +#create_rc_genesis("tools/j2/serverrc.j2", "rc") +create_rc_masters("tools/j2/serverrc_raid.j2", "rc.raid") +create_rc_workers("tools/j2/serverrc_raid.j2", "rc.raid") + diff --git a/site/site30/deployment/deployment-configuration.yaml b/site/common/deployment/deployment-configuration.yaml similarity index 94% rename from site/site30/deployment/deployment-configuration.yaml rename to site/common/deployment/deployment-configuration.yaml index 41c4162..22fae54 100644 --- a/site/site30/deployment/deployment-configuration.yaml +++ b/site/common/deployment/deployment-configuration.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/profiles/genesis.yaml b/site/common/profiles/genesis.yaml similarity index 89% rename from site/site30/profiles/genesis.yaml rename to site/common/profiles/genesis.yaml index 66a411b..408374e 100644 --- a/site/site30/profiles/genesis.yaml +++ b/site/common/profiles/genesis.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -50,8 +50,9 @@ data: - ucp-control-plane=enabled - maas-control-plane=enabled - ceph-osd-bootstrap=enabled -# - openstack-libvirt=kernel -# - openvswitch=enabled -# - openstack-control-plane=enabled -# - openstack-nova-compute=enabled + - openstack-libvirt=kernel + - openvswitch=enabled + - openstack-control-plane=enabled + - openstack-nova-compute=enabled + - sriov=enabled ... diff --git a/site/common/secrets/certificates/ingress.yaml b/site/common/secrets/certificates/ingress.yaml new file mode 100644 index 0000000..6c111e8 --- /dev/null +++ b/site/common/secrets/certificates/ingress.yaml @@ -0,0 +1,144 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +# self-signed certifacte generated based on +# https://libvirt.org/remote.html#Remote_certificates +metadata: + layeringDefinition: + abstract: false + layer: site + name: ingress-crt + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +data: | + -----BEGIN CERTIFICATE----- + MIIFKzCCA5OgAwIBAgIMW2h6FCcFdKeaw3vnMA0GCSqGSIb3DQEBCwUAMBIxEDAO + BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTY0MDUyWhcNMTkwODA2MTY0MDUyWjBJ + MTUwMwYDVQQDEyxpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3Vu + ZHJ5LmNvbTEQMA4GA1UEChMHQWlyc2hpcDCCAaIwDQYJKoZIhvcNAQEBBQADggGP + ADCCAYoCggGBALvNHm/G/ylh6aPcvrhOcb4qz1BjcNtnxH8bzZng/rMeX3W2AzjC + r2JloJcDvOLBp/TkLOZPImnFW2/GCwktxPgXZuBTPzFV50g77KsPFw0fn3Si7+bs + F22tLhdOGk6MQj/WW4pKGHqdw1/VbPwOHBT+I4/scR1L2SZxYtSFIKGenHJH+PMV + bCdwnNOR80F8KRzK5iZs/r6S/QqVheieARSWWnk2+TtkM1BloGOhLSd+ZkWh9VO1 + eOnZowkaDAJwD/G6zoSr5n+beaXzDnEcoVXFSwd4FLoV+om77o92XmZ4rVw0vTMO + k6jVwmkdT+dM2K2hLUG/TXWoV2/Qms70gzDOs85RtAkTPe4Ohtdpr51Q0hd35TKG + YLKzX/OPblD68iYJYSBvMPpAVTbFYVPW1AQx8wWfannYbMoeL8XTEOKfkqm90YP9 + EhIdtmw4D7GZxlzG5FXXutmT9sqLfqlRu/RynAhBP8NQvw74WumhOe8r7GhCwgzC + gaPLGjeekoS6LQIDAQABo4IBSDCCAUQwDAYDVR0TAQH/BAIwADCBzQYDVR0RBIHF + MIHCgixpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNv + bYIta2V5c3RvbmUuYWlyc2hpcC1zZWF3b3J0aHkuYXRsYW50YWZvdW5kcnkuY29t + gilub3ZhLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNvbYIsaG9y + aXpvbi5haXJzaGlwLXNlYXdvcnRoeS5hdGxhbnRhZm91bmRyeS5jb22HBAoXFQuH + BAoXFgswEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNV + HQ4EFgQUfTAjNgn/1U1Uh1MJDYT2m4dzhsYwHwYDVR0jBBgwFoAUJFuXPZo6RzfE + BlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGBAE2ISWmrxqrledJI3aLaS9Yw + WsZc8O8CnIyLoxrE85vUubFjuI9ixC/6dJxl2iB1n0H8JgmFREox32Q4+kDJI8V/ + X9x0PFpRzL7QEPrLZhW94Yis3sOphLW0rf0t06ZepdHHeodYJu1pVMDmLq6bKXdX + vo+/WwKnZBXC1qPbXJByv/CN9MtViXOnBGORFRTJPb6U8379LNWclJ/LW12yTwNk + JGIbZU61Vxu+2nLIabmmRoODH2jomgMOMMzLgjT3Hvw3whe8GrUoxDiPYQVTDGNm + ly6m+5B1Nx06fkZazonozeaOhSQ7RblUSbo+w8TJmLRzD9ft7p4vpjBGxRADMcuF + DOjATgdZeisBUHTGEO0P6wJOBQuCFMX9AVl+u8ZpcuRaRaN+pBE6/BqcHBB6qV/N + w2DdNtP8BrJ3kJVNEDIo5oTbH5SToxgA4hWBV42M1rB+5vIMDKN3rwVDdNKWYhYc + VZpU3V9V6JzSW1O2w4Wu9PdbWJD9oSvC0qJgnjOXzg== + -----END CERTIFICATE----- +... +--- +metadata: + layeringDefinition: + abstract: false + layer: site + name: ingress-ca + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateAuthority/v1 +data: | + -----BEGIN CERTIFICATE----- + MIID7TCCAlWgAwIBAgIMW2h3tgSwie0Ypx8eMA0GCSqGSIb3DQEBCwUAMBIxEDAO + BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTYzMDQ2WhcNMTkwODA2MTYzMDQ2WjAS + MRAwDgYDVQQDEwdBaXJzaGlwMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC + AYEAny0Nqu9U2tXdCCTNzD2T62htMmBLg3CmzWajfbfFl7ALqzo3HgbbY3PxTHDE + OJ/lwdm0HkEaGfEDXhJd06WZsa8+fKGqhKXvZXwXx5mJ8LCGxz6xiaxwo9lnKe6V + o3YX7bJ5YIVxQ2jhvZo+dY8Z/buloi2Tp2HbqTejKULH9+qdiQTDXAnyR0NLqzJ0 + YQ4v4yU3zix3nBi8z29lQekGO9quNEka3nw2n0Gxmq5z1bNALGCF5F759mVkB0uT + fPGF+zm9eqlqAgduYg7R+JYUumVHvIoRY454GtAdZHTJHJZP0gQSGJsLff8ROFpI + GVYsOZhJXU9Ihc5VBC5PMErbmCn0YkuxAWNOYBstZ8l+uY6YiPoFV5Ulc/8M0If+ + T6jbqzWoFC+4ysgY95RKOw53S4o/T6AFwiIKIw0xp3UfHCf6kr5Y0+XdDn5CXpJB + d1KK3PoUWzPSsxcUMXvgKWT4x1vsCId21dn1SmVSOEBhM08VZfjd5bvL9Xjt/E0j + mUqDAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAd + BgNVHQ4EFgQUJFuXPZo6RzfEBlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGB + AJaoEtnDoWUUs4nSSqIGcoCfpIO0oqVp8DvkBOcxz5Rz8vMVJSC24/UnuCD2Wknx + 2V/E3edXIeRo7duhPtNCT7c8OKY/pJsZQTgOczn4rphoD1pmAIPZmpG6ssPadPiM + EP8xWJHZt8NXG7D5kJX2COvBvgNeWXL6MF7Tv8+t5xzt59Vitdb/7lm9Z6jjpvN+ + zoG0pKx3XYESsnLAVAf00F+kWwds/3x3gQywUAQUDER0jliYUE5id+sojp357Cl9 + XtY+8zSnTduuP8CfMhwv5p6j9xbqacfT7AzpQ6cy4xcQ7MA6JBQcxbaq4NtvIf6+ + d/5N9d8LGnfXdCd9iwNy9Qk23Ea0SNhnk9F/NqGBPakU4TbHh4iTYMC/+hDGInpO + TIRelTidNBFNaIBg3Z0vsh0lDwbt/xhpXip+ZVBqKMTtktEceiVGru9cYUQA2tKI + XNoc5s0uQGMpdFzgED4lXZf+n7yGVMKohvi7Yn96HqujGIrVH6qThsI6m7pUSz40 + +g== + -----END CERTIFICATE----- +... +--- +metadata: + layeringDefinition: + abstract: false + layer: site + name: ingress-key + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIG4wIBAAKCAYEAu80eb8b/KWHpo9y+uE5xvirPUGNw22fEfxvNmeD+sx5fdbYD + OMKvYmWglwO84sGn9OQs5k8iacVbb8YLCS3E+Bdm4FM/MVXnSDvsqw8XDR+fdKLv + 5uwXba0uF04aToxCP9ZbikoYep3DX9Vs/A4cFP4jj+xxHUvZJnFi1IUgoZ6cckf4 + 8xVsJ3Cc05HzQXwpHMrmJmz+vpL9CpWF6J4BFJZaeTb5O2QzUGWgY6EtJ35mRaH1 + U7V46dmjCRoMAnAP8brOhKvmf5t5pfMOcRyhVcVLB3gUuhX6ibvuj3ZeZnitXDS9 + Mw6TqNXCaR1P50zYraEtQb9NdahXb9CazvSDMM6zzlG0CRM97g6G12mvnVDSF3fl + MoZgsrNf849uUPryJglhIG8w+kBVNsVhU9bUBDHzBZ9qedhsyh4vxdMQ4p+Sqb3R + g/0SEh22bDgPsZnGXMbkVde62ZP2yot+qVG79HKcCEE/w1C/Dvha6aE57yvsaELC + DMKBo8saN56ShLotAgMBAAECggGAYzZDhA1+sx/0zApL/xYB5NK83t0Ju/8fwX6w + qUBBjeLXz1mubgf7m2HQ6ragzLI9xpPcXHcl2PbYDT50ig7R5baHNK8FzUxyeKif + qOa56Mbx+C4zyqyi2+AHX2x1XVWfkhXuGip2sCA0HKalgqr5juWLZ/ci8rUlLLft + 3BPQX1FpmL4I+HIyxsspLmQGPGwZVAqkd1xRX+BLKZJAQdlm/LdJaIvwMr4Glcx6 + ZOe68QhHgzXCYsyV6gR9qstF2OvVuLa2mUc7EzYInFIFhXUdAAwmDqkuuLRdRQhf + Ur8nqQW33T0cG0GBUzgBI5YmSPJvTSzcPmeSyNVx2/Yb0pkuXtCw67oDcAsN4nW8 + uls49E2RaiLJYsy5vPsX5aJNcAxw/CWLdadQ3ukviD/MDJbpTl4F52GOVYL6K4XH + g5TJjj7xzjmK3ldR/Kscg7HpCitQLGUYdgIsAFdspXf4aSIa68IjDrc5NsJZuMzc + PbVHrw7QYNfHY7VNdUlOVqH5lS3BAoHBANRqKrQXtnJmM006TCEJXdcN/5M685jz + +L4Ox0Rhrq8ROgcN5q/hjKb6kP/MccQ9voGQOl9TKEyinGNdTtyc/fuH7RNlQwpS + HT+vEzVEcrSe8UFs8c6oJnHFO72ylFcibFf56LvbI3L8BZXp7gPSPQkp5f1NWEZk + X5bUL4UNiOm0diltba/ofxywF0M9WGD00eqi0Q29JRlvun+355j06CENxRoonNZC + wk1evIxhhckP9zLjI2Ykb1hV6yzwPWtmyQKBwQDiVgru/B396KhzDhLl5AL+pBWA + GsfiCbmPLh6W6V5VzldB4+GlMRrJ4zSjZQ3/nvX5KepqjMn1N6LQpZQUI/YShCKE + mW0XMiAfbp2d23MRMjLD8L/bIoBHQOPkCaMjbmyDOlCagWakEvHJO/TieVgTmYk6 + mtEYVjJFWI9OCNMAHdl8ovWr3p+8YbVZ8LLv5ZO/V1cIjczoNQ6p8LG/pPMTDLXM + ScN9a8z3f8LQLBHBlu0155xvt95PQLAon/x21kUCgcAvPVk36hoiQQZhw3hQ1JNx + E2TmanLobkHAiurYE11VA+DC1t2Z+fBc5la+/MnEWfL3P4srzgOlX3imRIcYWzXE + 7crUyG1ray2kDxyXeRyFfN+srDzut8is/q81lfSVmEs+GY8f0DGHDfN0Dq1nXidC + 1XWXqs7aANKdaZ0T2xm61+57ciG1wGAckjDqPEdecLQKmaEijBEnIgj5BH5WLwk8 + 6KIQGj4fDIPHzyzhj4LAX3ObdpZVzf6RR7JgsSEHtLkCgcBROW2dDC87MqZY++D+ + TVBhz8LDgVjgHntQDc3+fGtVQcKAq+YLYU7qyrXWOWrHpGVDcK5mZHYJoVi1peY5 + QBqL1I2KpoDGxT9P6GN6BgoKTsh3FsvTOVNtvrTJ3keEbJlWkrPgbrXGBeJtRC4C + pGdeSUg9FtgY8r4BsuFisLoAHbYyC008y5zpfusVBtNAUlQuY4qhUDoLzxafF/jB + /NEasgH/+SzFss0QuPHRwS7yGVaxdJfoY8TNDjrpqVhx0T0CgcEAvKG4UoWvT8gJ + pIeeAxxnv9yrMxgpntu4RXPDHgfX5tva6EaM3r3nLXjd9FVtlQ4cNBMhp9HNhS3a + dK+oEDcBysVxxfltlS2Bx0+gQf3WxgBCJwayKe3i/XCDza92EENgxTPmqB1LHiq5 + 2b5aOl2Y5fP0eX6UryxRc443c/ejMHw4lGwnno0qpRk9M9Ucqv5J96QCfAlBSQQS + gOG9cypL0kBWzCejn9W4av8HkM8Noqd7Tqul1onv/46OBaX51kt3 + -----END RSA PRIVATE KEY----- +... diff --git a/site/site30/secrets/passphrases/ceph_fsid.yaml b/site/common/secrets/passphrases/ceph_fsid.yaml similarity index 94% rename from site/site30/secrets/passphrases/ceph_fsid.yaml rename to site/common/secrets/passphrases/ceph_fsid.yaml index 3b8385b..08c4388 100644 --- a/site/site30/secrets/passphrases/ceph_fsid.yaml +++ b/site/common/secrets/passphrases/ceph_fsid.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/ceph_swift_keystone_password.yaml b/site/common/secrets/passphrases/ceph_swift_keystone_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/ceph_swift_keystone_password.yaml rename to site/common/secrets/passphrases/ceph_swift_keystone_password.yaml index 564669e..043a560 100644 --- a/site/site30/secrets/passphrases/ceph_swift_keystone_password.yaml +++ b/site/common/secrets/passphrases/ceph_swift_keystone_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/maas_region_secret.yaml b/site/common/secrets/passphrases/maas_region_secret.yaml similarity index 94% rename from site/site30/secrets/passphrases/maas_region_secret.yaml rename to site/common/secrets/passphrases/maas_region_secret.yaml index c2dc167..f1a59f4 100644 --- a/site/site30/secrets/passphrases/maas_region_secret.yaml +++ b/site/common/secrets/passphrases/maas_region_secret.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_barbican_oslo_db_password.yaml b/site/common/secrets/passphrases/osh_barbican_oslo_db_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_barbican_oslo_db_password.yaml rename to site/common/secrets/passphrases/osh_barbican_oslo_db_password.yaml index d677a51..469ff36 100644 --- a/site/site30/secrets/passphrases/osh_barbican_oslo_db_password.yaml +++ b/site/common/secrets/passphrases/osh_barbican_oslo_db_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_barbican_oslo_messaging_admin_password.yaml b/site/common/secrets/passphrases/osh_barbican_oslo_messaging_admin_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_barbican_oslo_messaging_admin_password.yaml rename to site/common/secrets/passphrases/osh_barbican_oslo_messaging_admin_password.yaml index 754d504..237f6ac 100644 --- a/site/site30/secrets/passphrases/osh_barbican_oslo_messaging_admin_password.yaml +++ b/site/common/secrets/passphrases/osh_barbican_oslo_messaging_admin_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_barbican_oslo_messaging_password.yaml b/site/common/secrets/passphrases/osh_barbican_oslo_messaging_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_barbican_oslo_messaging_password.yaml rename to site/common/secrets/passphrases/osh_barbican_oslo_messaging_password.yaml index 7a19639..b0b1203 100644 --- a/site/site30/secrets/passphrases/osh_barbican_oslo_messaging_password.yaml +++ b/site/common/secrets/passphrases/osh_barbican_oslo_messaging_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_barbican_password.yaml b/site/common/secrets/passphrases/osh_barbican_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_barbican_password.yaml rename to site/common/secrets/passphrases/osh_barbican_password.yaml index 06f27f4..b6b898e 100644 --- a/site/site30/secrets/passphrases/osh_barbican_password.yaml +++ b/site/common/secrets/passphrases/osh_barbican_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_barbican_rabbitmq_erlang_cookie.yaml b/site/common/secrets/passphrases/osh_barbican_rabbitmq_erlang_cookie.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_barbican_rabbitmq_erlang_cookie.yaml rename to site/common/secrets/passphrases/osh_barbican_rabbitmq_erlang_cookie.yaml index 5cff226..8d4896e 100644 --- a/site/site30/secrets/passphrases/osh_barbican_rabbitmq_erlang_cookie.yaml +++ b/site/common/secrets/passphrases/osh_barbican_rabbitmq_erlang_cookie.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_cinder_oslo_db_password.yaml b/site/common/secrets/passphrases/osh_cinder_oslo_db_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_cinder_oslo_db_password.yaml rename to site/common/secrets/passphrases/osh_cinder_oslo_db_password.yaml index 50ea246..f746a53 100644 --- a/site/site30/secrets/passphrases/osh_cinder_oslo_db_password.yaml +++ b/site/common/secrets/passphrases/osh_cinder_oslo_db_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_cinder_oslo_messaging_admin_password.yaml b/site/common/secrets/passphrases/osh_cinder_oslo_messaging_admin_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_cinder_oslo_messaging_admin_password.yaml rename to site/common/secrets/passphrases/osh_cinder_oslo_messaging_admin_password.yaml index 350c8b1..7c44dad 100644 --- a/site/site30/secrets/passphrases/osh_cinder_oslo_messaging_admin_password.yaml +++ b/site/common/secrets/passphrases/osh_cinder_oslo_messaging_admin_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_cinder_oslo_messaging_password.yaml b/site/common/secrets/passphrases/osh_cinder_oslo_messaging_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_cinder_oslo_messaging_password.yaml rename to site/common/secrets/passphrases/osh_cinder_oslo_messaging_password.yaml index 912fe40..ef35609 100644 --- a/site/site30/secrets/passphrases/osh_cinder_oslo_messaging_password.yaml +++ b/site/common/secrets/passphrases/osh_cinder_oslo_messaging_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_cinder_password.yaml b/site/common/secrets/passphrases/osh_cinder_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_cinder_password.yaml rename to site/common/secrets/passphrases/osh_cinder_password.yaml index ba71bda..6c862e9 100644 --- a/site/site30/secrets/passphrases/osh_cinder_password.yaml +++ b/site/common/secrets/passphrases/osh_cinder_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_cinder_rabbitmq_erlang_cookie.yaml b/site/common/secrets/passphrases/osh_cinder_rabbitmq_erlang_cookie.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_cinder_rabbitmq_erlang_cookie.yaml rename to site/common/secrets/passphrases/osh_cinder_rabbitmq_erlang_cookie.yaml index ffe275c..6b40e2e 100644 --- a/site/site30/secrets/passphrases/osh_cinder_rabbitmq_erlang_cookie.yaml +++ b/site/common/secrets/passphrases/osh_cinder_rabbitmq_erlang_cookie.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_glance_oslo_db_password.yaml b/site/common/secrets/passphrases/osh_glance_oslo_db_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_glance_oslo_db_password.yaml rename to site/common/secrets/passphrases/osh_glance_oslo_db_password.yaml index 03eb509..d1b477f 100644 --- a/site/site30/secrets/passphrases/osh_glance_oslo_db_password.yaml +++ b/site/common/secrets/passphrases/osh_glance_oslo_db_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_glance_oslo_messaging_admin_password.yaml b/site/common/secrets/passphrases/osh_glance_oslo_messaging_admin_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_glance_oslo_messaging_admin_password.yaml rename to site/common/secrets/passphrases/osh_glance_oslo_messaging_admin_password.yaml index 524118f..3794583 100644 --- a/site/site30/secrets/passphrases/osh_glance_oslo_messaging_admin_password.yaml +++ b/site/common/secrets/passphrases/osh_glance_oslo_messaging_admin_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_glance_oslo_messaging_password.yaml b/site/common/secrets/passphrases/osh_glance_oslo_messaging_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_glance_oslo_messaging_password.yaml rename to site/common/secrets/passphrases/osh_glance_oslo_messaging_password.yaml index 9fcc71c..536f9e1 100644 --- a/site/site30/secrets/passphrases/osh_glance_oslo_messaging_password.yaml +++ b/site/common/secrets/passphrases/osh_glance_oslo_messaging_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_glance_password.yaml b/site/common/secrets/passphrases/osh_glance_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_glance_password.yaml rename to site/common/secrets/passphrases/osh_glance_password.yaml index a1dfe1d..7e13ed4 100644 --- a/site/site30/secrets/passphrases/osh_glance_password.yaml +++ b/site/common/secrets/passphrases/osh_glance_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_glance_rabbitmq_erlang_cookie.yaml b/site/common/secrets/passphrases/osh_glance_rabbitmq_erlang_cookie.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_glance_rabbitmq_erlang_cookie.yaml rename to site/common/secrets/passphrases/osh_glance_rabbitmq_erlang_cookie.yaml index 191a4f1..4f71b69 100644 --- a/site/site30/secrets/passphrases/osh_glance_rabbitmq_erlang_cookie.yaml +++ b/site/common/secrets/passphrases/osh_glance_rabbitmq_erlang_cookie.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_heat_oslo_db_password.yaml b/site/common/secrets/passphrases/osh_heat_oslo_db_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_heat_oslo_db_password.yaml rename to site/common/secrets/passphrases/osh_heat_oslo_db_password.yaml index 627e20b..9145d8b 100644 --- a/site/site30/secrets/passphrases/osh_heat_oslo_db_password.yaml +++ b/site/common/secrets/passphrases/osh_heat_oslo_db_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_heat_oslo_messaging_admin_password.yaml b/site/common/secrets/passphrases/osh_heat_oslo_messaging_admin_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_heat_oslo_messaging_admin_password.yaml rename to site/common/secrets/passphrases/osh_heat_oslo_messaging_admin_password.yaml index 927af8b..8165c99 100644 --- a/site/site30/secrets/passphrases/osh_heat_oslo_messaging_admin_password.yaml +++ b/site/common/secrets/passphrases/osh_heat_oslo_messaging_admin_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_heat_oslo_messaging_password.yaml b/site/common/secrets/passphrases/osh_heat_oslo_messaging_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_heat_oslo_messaging_password.yaml rename to site/common/secrets/passphrases/osh_heat_oslo_messaging_password.yaml index 4f929fe..f588658 100644 --- a/site/site30/secrets/passphrases/osh_heat_oslo_messaging_password.yaml +++ b/site/common/secrets/passphrases/osh_heat_oslo_messaging_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_heat_password.yaml b/site/common/secrets/passphrases/osh_heat_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_heat_password.yaml rename to site/common/secrets/passphrases/osh_heat_password.yaml index 29567f3..3f718ff 100644 --- a/site/site30/secrets/passphrases/osh_heat_password.yaml +++ b/site/common/secrets/passphrases/osh_heat_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_heat_rabbitmq_erlang_cookie.yaml b/site/common/secrets/passphrases/osh_heat_rabbitmq_erlang_cookie.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_heat_rabbitmq_erlang_cookie.yaml rename to site/common/secrets/passphrases/osh_heat_rabbitmq_erlang_cookie.yaml index ca06200..a708f8b 100644 --- a/site/site30/secrets/passphrases/osh_heat_rabbitmq_erlang_cookie.yaml +++ b/site/common/secrets/passphrases/osh_heat_rabbitmq_erlang_cookie.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_heat_stack_user_password.yaml b/site/common/secrets/passphrases/osh_heat_stack_user_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_heat_stack_user_password.yaml rename to site/common/secrets/passphrases/osh_heat_stack_user_password.yaml index dcf61bb..66ce0ca 100644 --- a/site/site30/secrets/passphrases/osh_heat_stack_user_password.yaml +++ b/site/common/secrets/passphrases/osh_heat_stack_user_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_heat_trustee_password.yaml b/site/common/secrets/passphrases/osh_heat_trustee_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_heat_trustee_password.yaml rename to site/common/secrets/passphrases/osh_heat_trustee_password.yaml index c40c42e..4ff7f30 100644 --- a/site/site30/secrets/passphrases/osh_heat_trustee_password.yaml +++ b/site/common/secrets/passphrases/osh_heat_trustee_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_horizon_oslo_db_password.yaml b/site/common/secrets/passphrases/osh_horizon_oslo_db_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_horizon_oslo_db_password.yaml rename to site/common/secrets/passphrases/osh_horizon_oslo_db_password.yaml index 96e95a0..51b950a 100644 --- a/site/site30/secrets/passphrases/osh_horizon_oslo_db_password.yaml +++ b/site/common/secrets/passphrases/osh_horizon_oslo_db_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_infra_addons_jenkins_password.yaml b/site/common/secrets/passphrases/osh_infra_addons_jenkins_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_infra_addons_jenkins_password.yaml rename to site/common/secrets/passphrases/osh_infra_addons_jenkins_password.yaml index 721cb7d..00610fb 100644 --- a/site/site30/secrets/passphrases/osh_infra_addons_jenkins_password.yaml +++ b/site/common/secrets/passphrases/osh_infra_addons_jenkins_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_infra_elasticsearch_admin_password.yaml b/site/common/secrets/passphrases/osh_infra_elasticsearch_admin_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_infra_elasticsearch_admin_password.yaml rename to site/common/secrets/passphrases/osh_infra_elasticsearch_admin_password.yaml index 45f8daa..b103a8e 100644 --- a/site/site30/secrets/passphrases/osh_infra_elasticsearch_admin_password.yaml +++ b/site/common/secrets/passphrases/osh_infra_elasticsearch_admin_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_infra_grafana_admin_password.yaml b/site/common/secrets/passphrases/osh_infra_grafana_admin_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_infra_grafana_admin_password.yaml rename to site/common/secrets/passphrases/osh_infra_grafana_admin_password.yaml index ef9132a..e58ee87 100644 --- a/site/site30/secrets/passphrases/osh_infra_grafana_admin_password.yaml +++ b/site/common/secrets/passphrases/osh_infra_grafana_admin_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_infra_grafana_oslo_db_password.yaml b/site/common/secrets/passphrases/osh_infra_grafana_oslo_db_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_infra_grafana_oslo_db_password.yaml rename to site/common/secrets/passphrases/osh_infra_grafana_oslo_db_password.yaml index e5e2af1..764bd20 100644 --- a/site/site30/secrets/passphrases/osh_infra_grafana_oslo_db_password.yaml +++ b/site/common/secrets/passphrases/osh_infra_grafana_oslo_db_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_infra_grafana_oslo_db_session_password.yaml b/site/common/secrets/passphrases/osh_infra_grafana_oslo_db_session_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_infra_grafana_oslo_db_session_password.yaml rename to site/common/secrets/passphrases/osh_infra_grafana_oslo_db_session_password.yaml index 0e5fe5a..f5c107c 100644 --- a/site/site30/secrets/passphrases/osh_infra_grafana_oslo_db_session_password.yaml +++ b/site/common/secrets/passphrases/osh_infra_grafana_oslo_db_session_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_infra_kibana_admin_password.yaml b/site/common/secrets/passphrases/osh_infra_kibana_admin_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_infra_kibana_admin_password.yaml rename to site/common/secrets/passphrases/osh_infra_kibana_admin_password.yaml index 6912479..99615fe 100644 --- a/site/site30/secrets/passphrases/osh_infra_kibana_admin_password.yaml +++ b/site/common/secrets/passphrases/osh_infra_kibana_admin_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_infra_nagios_admin_password.yaml b/site/common/secrets/passphrases/osh_infra_nagios_admin_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_infra_nagios_admin_password.yaml rename to site/common/secrets/passphrases/osh_infra_nagios_admin_password.yaml index df53e52..90aadfc 100644 --- a/site/site30/secrets/passphrases/osh_infra_nagios_admin_password.yaml +++ b/site/common/secrets/passphrases/osh_infra_nagios_admin_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_infra_openstack_exporter_password.yaml b/site/common/secrets/passphrases/osh_infra_openstack_exporter_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_infra_openstack_exporter_password.yaml rename to site/common/secrets/passphrases/osh_infra_openstack_exporter_password.yaml index 9eccf74..5df7971 100644 --- a/site/site30/secrets/passphrases/osh_infra_openstack_exporter_password.yaml +++ b/site/common/secrets/passphrases/osh_infra_openstack_exporter_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_infra_oslo_db_admin_password.yaml b/site/common/secrets/passphrases/osh_infra_oslo_db_admin_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_infra_oslo_db_admin_password.yaml rename to site/common/secrets/passphrases/osh_infra_oslo_db_admin_password.yaml index 9416e61..ed26a19 100644 --- a/site/site30/secrets/passphrases/osh_infra_oslo_db_admin_password.yaml +++ b/site/common/secrets/passphrases/osh_infra_oslo_db_admin_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_keystone_admin_password.yaml b/site/common/secrets/passphrases/osh_keystone_admin_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_keystone_admin_password.yaml rename to site/common/secrets/passphrases/osh_keystone_admin_password.yaml index 04411e5..47f8457 100644 --- a/site/site30/secrets/passphrases/osh_keystone_admin_password.yaml +++ b/site/common/secrets/passphrases/osh_keystone_admin_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_keystone_ldap_mechid_password.yaml b/site/common/secrets/passphrases/osh_keystone_ldap_mechid_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_keystone_ldap_mechid_password.yaml rename to site/common/secrets/passphrases/osh_keystone_ldap_mechid_password.yaml index bd0bdc2..04bd863 100644 --- a/site/site30/secrets/passphrases/osh_keystone_ldap_mechid_password.yaml +++ b/site/common/secrets/passphrases/osh_keystone_ldap_mechid_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/common/secrets/passphrases/osh_keystone_ldap_password.yaml b/site/common/secrets/passphrases/osh_keystone_ldap_password.yaml new file mode 100644 index 0000000..b253174 --- /dev/null +++ b/site/common/secrets/passphrases/osh_keystone_ldap_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_keystone_ldap_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 5aacc198d8a1edeff4a8 +... diff --git a/site/site30/secrets/passphrases/osh_keystone_oslo_db_password.yaml b/site/common/secrets/passphrases/osh_keystone_oslo_db_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_keystone_oslo_db_password.yaml rename to site/common/secrets/passphrases/osh_keystone_oslo_db_password.yaml index cd0b501..ef96f98 100644 --- a/site/site30/secrets/passphrases/osh_keystone_oslo_db_password.yaml +++ b/site/common/secrets/passphrases/osh_keystone_oslo_db_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_keystone_oslo_messaging_admin_password.yaml b/site/common/secrets/passphrases/osh_keystone_oslo_messaging_admin_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_keystone_oslo_messaging_admin_password.yaml rename to site/common/secrets/passphrases/osh_keystone_oslo_messaging_admin_password.yaml index f954528..0f9734e 100644 --- a/site/site30/secrets/passphrases/osh_keystone_oslo_messaging_admin_password.yaml +++ b/site/common/secrets/passphrases/osh_keystone_oslo_messaging_admin_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_keystone_oslo_messaging_password.yaml b/site/common/secrets/passphrases/osh_keystone_oslo_messaging_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_keystone_oslo_messaging_password.yaml rename to site/common/secrets/passphrases/osh_keystone_oslo_messaging_password.yaml index 78dda18..44e39c1 100644 --- a/site/site30/secrets/passphrases/osh_keystone_oslo_messaging_password.yaml +++ b/site/common/secrets/passphrases/osh_keystone_oslo_messaging_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_keystone_rabbitmq_erlang_cookie.yaml b/site/common/secrets/passphrases/osh_keystone_rabbitmq_erlang_cookie.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_keystone_rabbitmq_erlang_cookie.yaml rename to site/common/secrets/passphrases/osh_keystone_rabbitmq_erlang_cookie.yaml index f67a3a2..28e43a8 100644 --- a/site/site30/secrets/passphrases/osh_keystone_rabbitmq_erlang_cookie.yaml +++ b/site/common/secrets/passphrases/osh_keystone_rabbitmq_erlang_cookie.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_neutron_oslo_db_password.yaml b/site/common/secrets/passphrases/osh_neutron_oslo_db_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_neutron_oslo_db_password.yaml rename to site/common/secrets/passphrases/osh_neutron_oslo_db_password.yaml index 67d5a82..1548270 100644 --- a/site/site30/secrets/passphrases/osh_neutron_oslo_db_password.yaml +++ b/site/common/secrets/passphrases/osh_neutron_oslo_db_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_neutron_oslo_messaging_admin_password.yaml b/site/common/secrets/passphrases/osh_neutron_oslo_messaging_admin_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_neutron_oslo_messaging_admin_password.yaml rename to site/common/secrets/passphrases/osh_neutron_oslo_messaging_admin_password.yaml index 5014942..c471565 100644 --- a/site/site30/secrets/passphrases/osh_neutron_oslo_messaging_admin_password.yaml +++ b/site/common/secrets/passphrases/osh_neutron_oslo_messaging_admin_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_neutron_oslo_messaging_password.yaml b/site/common/secrets/passphrases/osh_neutron_oslo_messaging_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_neutron_oslo_messaging_password.yaml rename to site/common/secrets/passphrases/osh_neutron_oslo_messaging_password.yaml index 63f94c0..133bd8f 100644 --- a/site/site30/secrets/passphrases/osh_neutron_oslo_messaging_password.yaml +++ b/site/common/secrets/passphrases/osh_neutron_oslo_messaging_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_neutron_password.yaml b/site/common/secrets/passphrases/osh_neutron_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_neutron_password.yaml rename to site/common/secrets/passphrases/osh_neutron_password.yaml index 39dd49e..487d7af 100644 --- a/site/site30/secrets/passphrases/osh_neutron_password.yaml +++ b/site/common/secrets/passphrases/osh_neutron_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_neutron_rabbitmq_erlang_cookie.yaml b/site/common/secrets/passphrases/osh_neutron_rabbitmq_erlang_cookie.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_neutron_rabbitmq_erlang_cookie.yaml rename to site/common/secrets/passphrases/osh_neutron_rabbitmq_erlang_cookie.yaml index bef5290..d03ecd4 100644 --- a/site/site30/secrets/passphrases/osh_neutron_rabbitmq_erlang_cookie.yaml +++ b/site/common/secrets/passphrases/osh_neutron_rabbitmq_erlang_cookie.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_nova_oslo_db_password.yaml b/site/common/secrets/passphrases/osh_nova_oslo_db_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_nova_oslo_db_password.yaml rename to site/common/secrets/passphrases/osh_nova_oslo_db_password.yaml index 3333f6a..71a158f 100644 --- a/site/site30/secrets/passphrases/osh_nova_oslo_db_password.yaml +++ b/site/common/secrets/passphrases/osh_nova_oslo_db_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_nova_oslo_messaging_admin_password.yaml b/site/common/secrets/passphrases/osh_nova_oslo_messaging_admin_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_nova_oslo_messaging_admin_password.yaml rename to site/common/secrets/passphrases/osh_nova_oslo_messaging_admin_password.yaml index 446fa35..497262c 100644 --- a/site/site30/secrets/passphrases/osh_nova_oslo_messaging_admin_password.yaml +++ b/site/common/secrets/passphrases/osh_nova_oslo_messaging_admin_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_nova_oslo_messaging_password.yaml b/site/common/secrets/passphrases/osh_nova_oslo_messaging_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_nova_oslo_messaging_password.yaml rename to site/common/secrets/passphrases/osh_nova_oslo_messaging_password.yaml index 5b62c33..55ef5e6 100644 --- a/site/site30/secrets/passphrases/osh_nova_oslo_messaging_password.yaml +++ b/site/common/secrets/passphrases/osh_nova_oslo_messaging_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_nova_password.yaml b/site/common/secrets/passphrases/osh_nova_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_nova_password.yaml rename to site/common/secrets/passphrases/osh_nova_password.yaml index b4436d2..36213b4 100644 --- a/site/site30/secrets/passphrases/osh_nova_password.yaml +++ b/site/common/secrets/passphrases/osh_nova_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_nova_rabbitmq_erlang_cookie.yaml b/site/common/secrets/passphrases/osh_nova_rabbitmq_erlang_cookie.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_nova_rabbitmq_erlang_cookie.yaml rename to site/common/secrets/passphrases/osh_nova_rabbitmq_erlang_cookie.yaml index 79904d7..627de35 100644 --- a/site/site30/secrets/passphrases/osh_nova_rabbitmq_erlang_cookie.yaml +++ b/site/common/secrets/passphrases/osh_nova_rabbitmq_erlang_cookie.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_oslo_cache_secret_key.yaml b/site/common/secrets/passphrases/osh_oslo_cache_secret_key.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_oslo_cache_secret_key.yaml rename to site/common/secrets/passphrases/osh_oslo_cache_secret_key.yaml index 3c8d88b..d2f3350 100644 --- a/site/site30/secrets/passphrases/osh_oslo_cache_secret_key.yaml +++ b/site/common/secrets/passphrases/osh_oslo_cache_secret_key.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_oslo_db_admin_password.yaml b/site/common/secrets/passphrases/osh_oslo_db_admin_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_oslo_db_admin_password.yaml rename to site/common/secrets/passphrases/osh_oslo_db_admin_password.yaml index 6577f16..7663900 100644 --- a/site/site30/secrets/passphrases/osh_oslo_db_admin_password.yaml +++ b/site/common/secrets/passphrases/osh_oslo_db_admin_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/osh_placement_password.yaml b/site/common/secrets/passphrases/osh_placement_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/osh_placement_password.yaml rename to site/common/secrets/passphrases/osh_placement_password.yaml index daa03d4..d67e1a4 100644 --- a/site/site30/secrets/passphrases/osh_placement_password.yaml +++ b/site/common/secrets/passphrases/osh_placement_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/ucp_airflow_postgres_password.yaml b/site/common/secrets/passphrases/ucp_airflow_postgres_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/ucp_airflow_postgres_password.yaml rename to site/common/secrets/passphrases/ucp_airflow_postgres_password.yaml index 1858213..e17c30f 100644 --- a/site/site30/secrets/passphrases/ucp_airflow_postgres_password.yaml +++ b/site/common/secrets/passphrases/ucp_airflow_postgres_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/ucp_armada_keystone_password.yaml b/site/common/secrets/passphrases/ucp_armada_keystone_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/ucp_armada_keystone_password.yaml rename to site/common/secrets/passphrases/ucp_armada_keystone_password.yaml index 9b2ea15..0c1d1f6 100644 --- a/site/site30/secrets/passphrases/ucp_armada_keystone_password.yaml +++ b/site/common/secrets/passphrases/ucp_armada_keystone_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/ucp_barbican_keystone_password.yaml b/site/common/secrets/passphrases/ucp_barbican_keystone_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/ucp_barbican_keystone_password.yaml rename to site/common/secrets/passphrases/ucp_barbican_keystone_password.yaml index 4d0d894..94c9807 100644 --- a/site/site30/secrets/passphrases/ucp_barbican_keystone_password.yaml +++ b/site/common/secrets/passphrases/ucp_barbican_keystone_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/ucp_barbican_oslo_db_password.yaml b/site/common/secrets/passphrases/ucp_barbican_oslo_db_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/ucp_barbican_oslo_db_password.yaml rename to site/common/secrets/passphrases/ucp_barbican_oslo_db_password.yaml index deea869..c0212fe 100644 --- a/site/site30/secrets/passphrases/ucp_barbican_oslo_db_password.yaml +++ b/site/common/secrets/passphrases/ucp_barbican_oslo_db_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/ucp_deckhand_keystone_password.yaml b/site/common/secrets/passphrases/ucp_deckhand_keystone_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/ucp_deckhand_keystone_password.yaml rename to site/common/secrets/passphrases/ucp_deckhand_keystone_password.yaml index 0538d36..8d44a79 100644 --- a/site/site30/secrets/passphrases/ucp_deckhand_keystone_password.yaml +++ b/site/common/secrets/passphrases/ucp_deckhand_keystone_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/ucp_deckhand_postgres_password.yaml b/site/common/secrets/passphrases/ucp_deckhand_postgres_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/ucp_deckhand_postgres_password.yaml rename to site/common/secrets/passphrases/ucp_deckhand_postgres_password.yaml index 5e32f60..661c72b 100644 --- a/site/site30/secrets/passphrases/ucp_deckhand_postgres_password.yaml +++ b/site/common/secrets/passphrases/ucp_deckhand_postgres_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/ucp_drydock_keystone_password.yaml b/site/common/secrets/passphrases/ucp_drydock_keystone_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/ucp_drydock_keystone_password.yaml rename to site/common/secrets/passphrases/ucp_drydock_keystone_password.yaml index bb36b23..1592a56 100644 --- a/site/site30/secrets/passphrases/ucp_drydock_keystone_password.yaml +++ b/site/common/secrets/passphrases/ucp_drydock_keystone_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/ucp_drydock_postgres_password.yaml b/site/common/secrets/passphrases/ucp_drydock_postgres_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/ucp_drydock_postgres_password.yaml rename to site/common/secrets/passphrases/ucp_drydock_postgres_password.yaml index ca5bca8..2d9e071 100644 --- a/site/site30/secrets/passphrases/ucp_drydock_postgres_password.yaml +++ b/site/common/secrets/passphrases/ucp_drydock_postgres_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/ucp_keystone_admin_password.yaml b/site/common/secrets/passphrases/ucp_keystone_admin_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/ucp_keystone_admin_password.yaml rename to site/common/secrets/passphrases/ucp_keystone_admin_password.yaml index 94a6ff1..066880c 100644 --- a/site/site30/secrets/passphrases/ucp_keystone_admin_password.yaml +++ b/site/common/secrets/passphrases/ucp_keystone_admin_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/ucp_keystone_oslo_db_password.yaml b/site/common/secrets/passphrases/ucp_keystone_oslo_db_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/ucp_keystone_oslo_db_password.yaml rename to site/common/secrets/passphrases/ucp_keystone_oslo_db_password.yaml index a444522..b584f02 100644 --- a/site/site30/secrets/passphrases/ucp_keystone_oslo_db_password.yaml +++ b/site/common/secrets/passphrases/ucp_keystone_oslo_db_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/ucp_maas_admin_password.yaml b/site/common/secrets/passphrases/ucp_maas_admin_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/ucp_maas_admin_password.yaml rename to site/common/secrets/passphrases/ucp_maas_admin_password.yaml index 9182cfe..1506e83 100644 --- a/site/site30/secrets/passphrases/ucp_maas_admin_password.yaml +++ b/site/common/secrets/passphrases/ucp_maas_admin_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/ucp_maas_postgres_password.yaml b/site/common/secrets/passphrases/ucp_maas_postgres_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/ucp_maas_postgres_password.yaml rename to site/common/secrets/passphrases/ucp_maas_postgres_password.yaml index 9ee7798..569d372 100644 --- a/site/site30/secrets/passphrases/ucp_maas_postgres_password.yaml +++ b/site/common/secrets/passphrases/ucp_maas_postgres_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/ucp_oslo_db_admin_password.yaml b/site/common/secrets/passphrases/ucp_oslo_db_admin_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/ucp_oslo_db_admin_password.yaml rename to site/common/secrets/passphrases/ucp_oslo_db_admin_password.yaml index 853f052..41d2a62 100644 --- a/site/site30/secrets/passphrases/ucp_oslo_db_admin_password.yaml +++ b/site/common/secrets/passphrases/ucp_oslo_db_admin_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/ucp_oslo_messaging_password.yaml b/site/common/secrets/passphrases/ucp_oslo_messaging_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/ucp_oslo_messaging_password.yaml rename to site/common/secrets/passphrases/ucp_oslo_messaging_password.yaml index 88376bc..8f781ec 100644 --- a/site/site30/secrets/passphrases/ucp_oslo_messaging_password.yaml +++ b/site/common/secrets/passphrases/ucp_oslo_messaging_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/ucp_postgres_admin_password.yaml b/site/common/secrets/passphrases/ucp_postgres_admin_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/ucp_postgres_admin_password.yaml rename to site/common/secrets/passphrases/ucp_postgres_admin_password.yaml index 8070539..02edeaf 100644 --- a/site/site30/secrets/passphrases/ucp_postgres_admin_password.yaml +++ b/site/common/secrets/passphrases/ucp_postgres_admin_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/ucp_promenade_keystone_password.yaml b/site/common/secrets/passphrases/ucp_promenade_keystone_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/ucp_promenade_keystone_password.yaml rename to site/common/secrets/passphrases/ucp_promenade_keystone_password.yaml index d6d89f9..308e44f 100644 --- a/site/site30/secrets/passphrases/ucp_promenade_keystone_password.yaml +++ b/site/common/secrets/passphrases/ucp_promenade_keystone_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml b/site/common/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml similarity index 94% rename from site/site30/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml rename to site/common/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml index 747f616..c61043c 100644 --- a/site/site30/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml +++ b/site/common/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/ucp_shipyard_keystone_password.yaml b/site/common/secrets/passphrases/ucp_shipyard_keystone_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/ucp_shipyard_keystone_password.yaml rename to site/common/secrets/passphrases/ucp_shipyard_keystone_password.yaml index d2ad2b4..f7231fa 100644 --- a/site/site30/secrets/passphrases/ucp_shipyard_keystone_password.yaml +++ b/site/common/secrets/passphrases/ucp_shipyard_keystone_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/secrets/passphrases/ucp_shipyard_postgres_password.yaml b/site/common/secrets/passphrases/ucp_shipyard_postgres_password.yaml similarity index 94% rename from site/site30/secrets/passphrases/ucp_shipyard_postgres_password.yaml rename to site/common/secrets/passphrases/ucp_shipyard_postgres_password.yaml index 58ac856..5f2da82 100644 --- a/site/site30/secrets/passphrases/ucp_shipyard_postgres_password.yaml +++ b/site/common/secrets/passphrases/ucp_shipyard_postgres_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/software/charts/kubernetes/dns/coredns.yaml b/site/common/software/charts/kubernetes/dns/coredns.yaml similarity index 97% rename from site/site30/software/charts/kubernetes/dns/coredns.yaml rename to site/common/software/charts/kubernetes/dns/coredns.yaml index 7f87116..01d7d57 100644 --- a/site/site30/software/charts/kubernetes/dns/coredns.yaml +++ b/site/common/software/charts/kubernetes/dns/coredns.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/common/software/charts/osh-infra/osh-infra-logging/elasticsearch.yaml b/site/common/software/charts/osh-infra/osh-infra-logging/elasticsearch.yaml new file mode 100644 index 0000000..f838322 --- /dev/null +++ b/site/common/software/charts/osh-infra/osh-infra-logging/elasticsearch.yaml @@ -0,0 +1,32 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: elasticsearch + layeringDefinition: + abstract: false + layer: site + parentSelector: + hosttype: elasticsearch-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: {} +... diff --git a/site/common/software/charts/osh-infra/osh-infra-logging/fluent-logging.yaml b/site/common/software/charts/osh-infra/osh-infra-logging/fluent-logging.yaml new file mode 100644 index 0000000..bf4b39f --- /dev/null +++ b/site/common/software/charts/osh-infra/osh-infra-logging/fluent-logging.yaml @@ -0,0 +1,32 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: fluent-logging + layeringDefinition: + abstract: false + layer: site + parentSelector: + hosttype: fluent-logging-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: {} +... diff --git a/site/site30/software/charts/ucp/divingbell/divingbell.yaml b/site/common/software/charts/ucp/divingbell/divingbell.yaml similarity index 95% rename from site/site30/software/charts/ucp/divingbell/divingbell.yaml rename to site/common/software/charts/ucp/divingbell/divingbell.yaml index e0ebd93..5b9525a 100644 --- a/site/site30/software/charts/ucp/divingbell/divingbell.yaml +++ b/site/common/software/charts/ucp/divingbell/divingbell.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/software/charts/ucp/drydock/maas.yaml b/site/common/software/charts/ucp/drydock/maas.yaml similarity index 95% rename from site/site30/software/charts/ucp/drydock/maas.yaml rename to site/common/software/charts/ucp/drydock/maas.yaml index b214198..4aad5c7 100644 --- a/site/site30/software/charts/ucp/drydock/maas.yaml +++ b/site/common/software/charts/ucp/drydock/maas.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/site30/software/config/common-software-config.yaml b/site/common/software/config/common-software-config.yaml similarity index 94% rename from site/site30/software/config/common-software-config.yaml rename to site/common/software/config/common-software-config.yaml index 2a35eec..6683425 100644 --- a/site/site30/software/config/common-software-config.yaml +++ b/site/common/software/config/common-software-config.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/common/software/config/endpoints.yaml b/site/common/software/config/endpoints.yaml new file mode 100644 index 0000000..0f0324c --- /dev/null +++ b/site/common/software/config/endpoints.yaml @@ -0,0 +1,1582 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: pegleg/EndpointCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_endpoints + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext + # substitutions: + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .ucp.identity.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .ucp.shipyard.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .ceph.object_store.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .ceph.ceph_object_store.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .ceph.object_store.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .ceph.object_store.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .ceph.object_store.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .ucp.identity.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .ucp.identity.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .ucp.identity.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .ucp.shipyard.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .ucp.shipyard.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .ucp.shipyard.host_fqdn_override.public.tls.key +data: + ucp: + identity: + namespace: ucp + name: keystone + hosts: + default: keystone-api + public: keystone + host_fqdn_override: + default: null + # public: + # host: iam.DOMAIN + path: + default: /v3 + scheme: + default: http + # public: https + port: + admin: + default: 35357 + api: + default: 80 + public: 80 + armada: + name: armada + hosts: + default: armada-api + public: armada + port: + api: + default: 8000 + path: + default: /api/v1.0 + scheme: + default: http + host_fqdn_override: + default: null + deckhand: + name: deckhand + hosts: + default: deckhand-int + public: deckhand-api + port: + api: + default: 9000 + path: + default: /api/v1.0 + scheme: + default: http + host_fqdn_override: + default: null + postgresql: + name: postgresql + hosts: + default: postgresql + path: /DB_NAME + scheme: postgresql+psycopg2 + port: + postgresql: + default: 5432 + host_fqdn_override: + default: null + postgresql_airflow_celery: + name: postgresql_airflow_celery_db + hosts: + default: postgresql + path: /DB_NAME + scheme: db+postgresql + port: + postgresql: + default: 5432 + host_fqdn_override: + default: null + oslo_db: + hosts: + default: mariadb + discovery: mariadb-discovery + host_fqdn_override: + default: null + path: /DB_NAME + scheme: mysql+pymysql + port: + mysql: + default: 3306 + wsrep: + default: 4567 + key_manager: + name: barbican + hosts: + default: barbican-api + public: barbican + host_fqdn_override: + default: null + path: + default: /v1 + scheme: + default: http + port: + api: + default: 9311 + public: 80 + oslo_messaging: + namespace: null + hosts: + default: rabbitmq + host_fqdn_override: + default: null + path: /openstack + scheme: rabbit + port: + amqp: + default: 5672 + oslo_cache: + hosts: + default: memcached + host_fqdn_override: + default: null + port: + memcache: + default: 11211 + physicalprovisioner: + name: drydock + hosts: + default: drydock-api + port: + api: + default: 9000 + nodeport: 31900 + path: + default: /api/v1.0 + scheme: + default: http + host_fqdn_override: + default: null + maas_region_ui: + name: maas-region-ui + hosts: + default: maas-region-ui + public: maas + path: + default: /MAAS + scheme: + default: "http" + port: + region_ui: + default: 80 + public: 80 + host_fqdn_override: + default: null + kubernetesprovisioner: + name: promenade + hosts: + default: promenade-api + port: + api: + default: 80 + path: + default: /api/v1.0 + scheme: + default: http + host_fqdn_override: + default: null + shipyard: + name: shipyard + hosts: + default: shipyard-int + public: shipyard-api + port: + api: + default: 9000 + public: 80 + path: + default: /api/v1.0 + scheme: + default: http + # public: https + host_fqdn_override: + default: null + # public: + # host: shipyard.DOMAIN + airflow_web: + name: airflow-web + hosts: + default: airflow-web-int + public: airflow-web + port: + airflow_web: + default: 8080 + path: + default: / + scheme: + default: http + host_fqdn_override: + default: null + airflow_flower: + name: airflow-flower + hosts: + default: airflow-flower + port: + airflow_flower: + default: 5555 + path: + default: / + scheme: + default: http + host_fqdn_override: + default: null + ceph: + object_store: + name: swift + namespace: ceph + hosts: + default: ceph-rgw + public: radosgw + host_fqdn_override: + default: null + # public: + # host: object-store.DOMAIN + path: + default: /swift/v1 + scheme: + default: http + # public: "https" + port: + api: + default: 8088 + # public: 443 + ceph_object_store: + name: radosgw + namespace: ceph + hosts: + default: ceph-rgw + public: radosgw + host_fqdn_override: + default: null + # public: + # host: object-store.DOMAIN + path: + default: /auth/v1.0 + scheme: + default: "http" + # public: "https" + port: + api: + default: 8088 + # public: 443 + ceph_mon: + namespace: ceph + hosts: + default: ceph-mon + discovery: ceph-mon-discovery + host_fqdn_override: + default: null + port: + mon: + default: 6789 + ceph_mgr: + namespace: ceph + hosts: + default: ceph-mgr + host_fqdn_override: + default: null + port: + mgr: + default: 7000 + scheme: + default: http +... +--- +schema: pegleg/EndpointCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: osh_endpoints + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext + # substitutions: + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.object_store.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.ceph_object_store.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.object_store.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.object_store.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.object_store.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.ceph_object_store.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.ceph_object_store.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.ceph_object_store.host_fqdn_override.public.tls.key + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.image.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.cloudformation.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.orchestration.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.compute.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.compute_novnc_proxy.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.placement.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.network.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.identity.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.dashboard.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.volume.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.volumev2.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.volumev3.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.identity.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.identity.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.identity.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.orchestration.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.orchestration.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.orchestration.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.cloudformation.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.cloudformation.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.cloudformation.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.dashboard.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.dashboard.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.dashboard.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.image.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.image.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.image.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.volume.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.volume.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.volume.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.volumev2.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.volumev2.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.volumev2.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.volumev3.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.volumev3.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.volumev3.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.compute.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.compute.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.compute.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.placement.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.placement.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.placement.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.network.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.network.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.network.host_fqdn_override.public.tls.key +data: + osh: + object_store: + name: swift + namespace: ceph + hosts: + default: ceph-rgw + public: radosgw + host_fqdn_override: + default: null + # public: + # host: object-store.DOMAIN + path: + default: /swift/v1/KEY_$(tenant_id)s + scheme: + default: http + # public: "https" + port: + api: + default: 8088 + # public: 443 + ceph_object_store: + name: radosgw + namespace: ceph + hosts: + default: ceph-rgw + public: radosgw + host_fqdn_override: + default: null + # public: + # host: object-store.DOMAIN + path: + default: /auth/v1.0 + scheme: + default: "http" + # public: "https" + port: + api: + default: 8088 + # public: 443 + oslo_db: + hosts: + default: mariadb + discovery: mariadb-discovery + host_fqdn_override: + default: null + path: /DB_NAME + scheme: mysql+pymysql + port: + mysql: + default: 3306 + wsrep: + default: 4567 + keystone_oslo_messaging: + namespace: openstack + hosts: + default: keystone-rabbitmq + host_fqdn_override: + default: null + path: /keystone + scheme: rabbit + port: + amqp: + default: 5672 + http: + default: 15672 + keystone_rabbitmq_exporter: + namespace: openstack + hosts: + default: keystone-rabbitmq-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9095 + oslo_cache: + namespace: openstack + hosts: + default: memcached + host_fqdn_override: + default: null + port: + memcache: + default: 11211 + identity: + namespace: openstack + name: keystone + hosts: + default: keystone-api + public: keystone + host_fqdn_override: + default: null + # public: + # host: identity.DOMAIN + path: + default: /v3 + scheme: + default: "http" + # public: "https" + port: + admin: + default: 35357 + api: + default: 80 + # public: 443 + glance_oslo_messaging: + namespace: openstack + hosts: + default: glance-rabbitmq + host_fqdn_override: + default: null + path: /glance + scheme: rabbit + port: + amqp: + default: 5672 + http: + default: 15672 + glance_rabbitmq_exporter: + namespace: openstack + hosts: + default: glance-rabbitmq-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9095 + image: + name: glance + hosts: + default: glance-api + public: glance + host_fqdn_override: + default: null + # public: + # host: image.DOMAIN + path: + default: null + scheme: + default: "http" + # public: "https" + port: + api: + default: 9292 + # public: 443 + image_registry: + name: glance-registry + hosts: + default: glance-registry + public: glance-reg + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + api: + default: 9191 + public: 80 + cinder_oslo_messaging: + namespace: openstack + hosts: + default: cinder-rabbitmq + host_fqdn_override: + default: null + path: /cinder + scheme: rabbit + port: + amqp: + default: 5672 + http: + default: 15672 + cinder_rabbitmq_exporter: + namespace: openstack + hosts: + default: cinder-rabbitmq-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9095 + volume: + name: cinder + hosts: + default: cinder-api + public: cinder + host_fqdn_override: + default: null + # public: + # host: volume.DOMAIN + path: + default: "/v1/%(tenant_id)s" + scheme: + default: "http" + # public: "https" + port: + api: + default: 8776 + # public: 443 + volumev2: + name: cinderv2 + hosts: + default: cinder-api + public: cinder + host_fqdn_override: + default: null + # public: + # host: volume.DOMAIN + path: + default: "/v2/%(tenant_id)s" + scheme: + default: "http" + # public: "https" + port: + api: + default: 8776 + # public: 443 + volumev3: + name: cinderv3 + hosts: + default: cinder-api + public: cinder + host_fqdn_override: + default: null + # public: + # host: volume.DOMAIN + path: + default: "/v3/%(tenant_id)s" + scheme: + default: "http" + # public: "https" + port: + api: + default: 8776 + # public: 443 + heat_oslo_messaging: + namespace: openstack + hosts: + default: heat-rabbitmq + host_fqdn_override: + default: null + path: /heat + scheme: rabbit + port: + amqp: + default: 5672 + http: + default: 15672 + heat_rabbitmq_exporter: + namespace: openstack + hosts: + default: heat-rabbitmq-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9095 + orchestration: + name: heat + hosts: + default: heat-api + public: heat + host_fqdn_override: + default: null + # public: + # host: orchestration.DOMAIN + path: + default: "/v1/%(project_id)s" + scheme: + default: "http" + # public: "https" + port: + api: + default: 8004 + # public: 443 + cloudformation: + name: heat-cfn + hosts: + default: heat-cfn + public: cloudformation + host_fqdn_override: + default: null + # public: + # host: cloudformation.DOMAIN + path: + default: /v1 + scheme: + default: "http" + # public: "https" + port: + api: + default: 8000 + # public: 443 + cloudwatch: + name: heat-cloudwatch + hosts: + default: heat-cloudwatch + public: cloudwatch + host_fqdn_override: + default: null + path: + default: null + type: null + scheme: + default: "http" + port: + api: + default: 8003 + public: 80 + neutron_oslo_messaging: + namespace: openstack + hosts: + default: neutron-rabbitmq + host_fqdn_override: + default: null + path: /neutron + scheme: rabbit + port: + amqp: + default: 5672 + http: + default: 15672 + neutron_rabbitmq_exporter: + namespace: openstack + hosts: + default: neutron-rabbitmq-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9095 + network: + name: neutron + hosts: + default: neutron-server + public: neutron + host_fqdn_override: + default: null + # public: + # host: network.DOMAIN + path: + default: null + scheme: + default: "http" + # public: "https" + port: + api: + default: 9696 + # public: 443 + nova_oslo_messaging: + namespace: openstack + hosts: + default: nova-rabbitmq + host_fqdn_override: + default: null + path: /nova + scheme: rabbit + port: + amqp: + default: 5672 + http: + default: 15672 + nova_rabbitmq_exporter: + namespace: openstack + hosts: + default: nova-rabbitmq-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9095 + compute: + name: nova + hosts: + default: nova-api + public: nova + host_fqdn_override: + default: null + # public: + # host: compute.DOMAIN + path: + default: "/v2/%(tenant_id)s" + scheme: + default: "http" + # public: "https" + port: + api: + default: 8774 + # public: 443 + novncproxy: + default: 443 + compute_metadata: + name: nova + hosts: + default: nova-metadata + public: metadata + host_fqdn_override: + default: null + path: + default: / + scheme: + default: "http" + port: + metadata: + default: 8775 + public: 80 + compute_novnc_proxy: + name: nova + hosts: + default: nova-novncproxy + public: novncproxy + host_fqdn_override: + default: null + # public: + # host: nova-novncproxy.DOMAIN + path: + default: /vnc_auto.html + scheme: + default: "http" + # public: "https" + port: + novnc_proxy: + default: 6080 + # public: 443 + compute_spice_proxy: + name: nova + hosts: + default: nova-spiceproxy + host_fqdn_override: + default: null + path: + default: /spice_auto.html + scheme: + default: "http" + port: + spice_proxy: + default: 6082 + placement: + name: placement + hosts: + default: placement-api + public: placement + host_fqdn_override: + default: null + # public: + # host: placement.DOMAIN + path: + default: / + scheme: + default: "http" + # public: "https" + port: + api: + default: 8778 + # public: 443 + dashboard: + name: horizon + hosts: + default: horizon-int + public: horizon + host_fqdn_override: + default: null + # public: + # host: dashboard.DOMAIN + path: + default: null + scheme: + default: "http" + # public: "https" + port: + web: + default: 80 + # public: 443 +... +--- +schema: pegleg/EndpointCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_endpoints + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext + # substitutions: + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh_infra.kibana.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh_infra.grafana.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh_infra.nagios.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh_infra.kibana.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh_infra.kibana.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh_infra.kibana.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh_infra.grafana.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh_infra.grafana.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh_infra.grafana.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh_infra.nagios.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh_infra.nagios.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh_infra.nagios.host_fqdn_override.public.tls.key + # path: .osh_infra.nagios.host_fqdn_override.public.tls.key + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .ldap.base_url + # dest: + # path: .osh_infra.ldap.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .ldap.auth_path + # dest: + # path: .osh_infra.ldap.path.default + # pattern: AUTH_PATH +data: + osh_infra: + elasticsearch: + name: elasticsearch + namespace: osh-infra + hosts: + data: elasticsearch-data + default: elasticsearch-logging + discovery: elasticsearch-discovery + public: elasticsearch + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + http: + default: 80 + prometheus_elasticsearch_exporter: + namespace: null + hosts: + default: elasticsearch-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9108 + fluentd: + namespace: osh-infra + name: fluentd + hosts: + default: fluentd-logging + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + service: + default: 24224 + metrics: + default: 24220 + prometheus_fluentd_exporter: + namespace: osh-infra + hosts: + default: fluentd-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9309 + oslo_db: + namespace: osh-infra + hosts: + default: mariadb + host_fqdn_override: + default: null + path: /DB_NAME + scheme: mysql+pymysql + port: + mysql: + default: 3306 + grafana: + name: grafana + namespace: osh-infra + hosts: + default: grafana-dashboard + public: grafana + host_fqdn_override: + default: null + # public: + # host: grafana.DOMAIN + path: + default: null + scheme: + default: "http" + # public: "https" + port: + grafana: + default: 3000 + # public: 443 + monitoring: + name: prometheus + namespace: osh-infra + hosts: + default: prom-metrics + public: prometheus + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + api: + default: 9090 + public: 80 + kibana: + name: kibana + namespace: osh-infra + hosts: + default: kibana-dash + public: kibana + host_fqdn_override: + default: null + # public: + # host: kibana.DOMAIN + path: + default: null + scheme: + default: "http" + # public: "https" + port: + kibana: + default: 5601 + # public: 443 + alerts: + name: alertmanager + namespace: osh-infra + hosts: + default: alerts-engine + public: alertmanager + discovery: alertmanager-discovery + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + api: + default: 9093 + public: 80 + mesh: + default: 6783 + kube_state_metrics: + namespace: kube-system + hosts: + default: kube-state-metrics + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + http: + default: 8080 + kube_scheduler: + scheme: + default: "http" + path: + default: /metrics + kube_controller_manager: + scheme: + default: "http" + path: + default: /metrics + node_metrics: + namespace: kube-system + hosts: + default: node-exporter + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + metrics: + default: 9100 + prometheus_port: + default: 9100 + prometheus_openstack_exporter: + namespace: openstack + hosts: + default: openstack-metrics + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + exporter: + default: 9103 + nagios: + name: nagios + namespace: osh-infra + hosts: + default: nagios-metrics + public: nagios + host_fqdn_override: + default: null + # public: + # host: nagios.DOMAIN + path: + default: null + scheme: + default: http + # public: https + port: + http: + default: 80 + # public: 443 + ldap: + hosts: + default: ldap + host_fqdn_override: + default: null + public: + host: DOMAIN + path: + default: /AUTH_PATH + scheme: + default: "ldap" + port: + ldap: + default: 389 +... diff --git a/site/site30/software/config/service_accounts.yaml b/site/common/software/config/service_accounts.yaml similarity index 97% rename from site/site30/software/config/service_accounts.yaml rename to site/common/software/config/service_accounts.yaml index 08b78e3..4dbe82d 100644 --- a/site/site30/software/config/service_accounts.yaml +++ b/site/common/software/config/service_accounts.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -401,4 +401,13 @@ data: username: prometheus-openstack-exporter project_name: service user_domain_name: default + nagios: + admin: + username: nagios + ldap: + admin: + # NEWSITE-CHANGEME: Replace with the site's LDAP account used to + # authenticate to the active directory backend to validate keystone + # users. + bind: "test@ldap.example.com" ... diff --git a/site/site30/software/manifests/full-site.yaml b/site/common/software/manifests/full-site.yaml similarity index 89% rename from site/site30/software/manifests/full-site.yaml rename to site/common/software/manifests/full-site.yaml index ff45494..0bf3dd6 100644 --- a/site/site30/software/manifests/full-site.yaml +++ b/site/common/software/manifests/full-site.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -29,7 +29,7 @@ metadata: path: . storagePolicy: cleartext data: - release_prefix: clcp + release_prefix: airship chart_groups: - kubernetes-proxy - kubernetes-container-networking @@ -48,10 +48,6 @@ data: - ucp-drydock - ucp-promenade - ucp-shipyard -# - artifactory-ceph-config -# - artifactory-mariadb -# - artifactory-webapp -# - jenkins - osh-infra-ingress-controller - osh-infra-ceph-config - osh-infra-logging @@ -62,15 +58,12 @@ data: - openstack-ceph-config - openstack-mariadb - openstack-memcached - - openstack-compute-services - openstack-keystone - - openstack-glance - openstack-radosgw + - openstack-glance - openstack-cinder - openstack-compute-kit - openstack-heat - osh-infra-prometheus-openstack-exporter - openstack-horizon - - openstack-barbican - ... diff --git a/site/dellgen10/baremetal/bootaction-sriov-blacklist.yaml b/site/dellgen10/baremetal/bootaction-sriov-blacklist.yaml new file mode 100644 index 0000000..2ad6637 --- /dev/null +++ b/site/dellgen10/baremetal/bootaction-sriov-blacklist.yaml @@ -0,0 +1,42 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: 'drydock/BootAction/v1' +metadata: + schema: 'metadata/Document/v1' + name: i40evf_blacklist + storagePolicy: 'cleartext' + layeringDefinition: + abstract: false + layer: site + labels: + application: 'drydock' +data: + signaling: false + node_filter: + filter_set_type: 'union' + filter_set: + - filter_type: 'union' + assets: + - path: /etc/modprobe.d/sriov_blacklist.conf + type: file + permissions: '644' + data_pipeline: + - utf8_decode + data: | + blacklist i40evf +... diff --git a/site/dellgen10/baremetal/calico-ip-rules.yaml b/site/dellgen10/baremetal/calico-ip-rules.yaml new file mode 100644 index 0000000..022b17c --- /dev/null +++ b/site/dellgen10/baremetal/calico-ip-rules.yaml @@ -0,0 +1,160 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: 'drydock/BootAction/v1' +metadata: + schema: 'metadata/Document/v1' + name: calico-ip-rules + storagePolicy: 'cleartext' + layeringDefinition: + abstract: false + layer: site + labels: + application: 'drydock' + substitutions: + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .kubernetes.pod_cidr + dest: + path: .assets[0].data + pattern: DH_SUB_POD_CIDR +data: + signaling: false + assets: + - path: /etc/systemd/system/configure-ip-rules.service + type: unit + permissions: '444' + data: |- + [Unit] + Description=IP Rules Initialization Service + After=network-online.target local-fs.target + + [Service] + Type=simple + ExecStart=/opt/configure-ip-rules.sh -g 172.29.1.1 -c 10.98.0.0/16 -s 172.29.1.128/29 + + [Install] + WantedBy=multi-user.target + data_pipeline: + - utf8_decode + - path: /opt/configure-ip-rules.sh + type: file + permissions: '700' + data_pipeline: + - utf8_decode + data: |- + #!/bin/bash + set -ex + + function usage() { + cat <&2 + exit 1 + ;; + :) + echo "Missing argument for option: -${OPTARG}" >&2 + exit 1 + ;; + *) + echo "Unimplemented option: -${OPTARG}" >&2 + exit 1 + ;; + esac + done + shift $((OPTIND-1)) + + if [ "x$POD_CIDR" == "x" ]; then + echo "Missing pod CIDR, e.g -c 10.98.0.0/16" >&2 + usage + exit 1 + fi + + if [ "x$INTERFACE" == "x" ]; then + echo "Missing interface, e.g. -i bond1.2006" >&2 + usage + exit 1 + fi + + while ! ip route list dev "${INTERFACE}" > /dev/null; do + echo Waiting for device "${INTERFACE}" to be ready. >&2 + sleep 5 + done + + intra_vrrp_ip=$(ip route list dev "${INTERFACE}" | awk '($2~/via/){print $3}' | head -n 1) + + TABLE="1500" + + # Setup a routing table for traffic from service IPs + ip route flush table "${TABLE}" + ip route add default via "${intra_vrrp_ip}" table "${TABLE}" + + if [ "x$OVERLAP_CIDR" != "x" ]; then + # NOTE(mb874d): This is a work-around for nodes not receiving complete + # routes via BGP. It may also be required for brownfield large sites. + ip route add "${OVERLAP_CIDR}" via "${intra_vrrp_ip}" + fi + + if [ "x$SERVICE_CIDR" != "x" ]; then + # Traffic from the service IPs to pods should use the pod network. + ip rule add \ + from "${SERVICE_CIDR}" \ + to "${POD_CIDR}" \ + lookup main \ + pref 10000 + # Other traffic from service IPs should only use the VRRP IP + ip rule add \ + from "${SERVICE_CIDR}" \ + lookup "${TABLE}" \ + pref 10100 + fi +... diff --git a/site/dellgen10/baremetal/promjoin.yaml b/site/dellgen10/baremetal/promjoin.yaml new file mode 100644 index 0000000..235895c --- /dev/null +++ b/site/dellgen10/baremetal/promjoin.yaml @@ -0,0 +1,60 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: 'drydock/BootAction/v1' +metadata: + schema: 'metadata/Document/v1' + name: promjoin + storagePolicy: 'cleartext' + layeringDefinition: + abstract: false + layer: site + labels: + application: 'drydock' +data: + signaling: false + node_filter: + filter_set_type: 'union' + filter_set: + - filter_type: 'union' + node_names: + - 'aknode41' + - 'aknode42' + # TODO(alanmeadows) move what is global about this document - everything except nodenames to global + assets: + - path: /opt/promjoin.sh + type: file + permissions: '555' + # TODO(alanmeadows) You must replace the ip= parameter below with the appropriate MaaS network name of the network + # you should use to contact kubernetes in the case below, this is cab24_mgmt + location: promenade+http://promenade-api.ucp.svc.cluster.local/api/v1.0/join-scripts?design_ref={{ action.design_ref | urlencode }}&hostname={{ node.hostname }}&ip={{ node.network.calico.ip }}{% for k, v in node.labels.items() %}&labels.dynamic={{ k }}={{ v }}{% endfor %} + location_pipeline: + - template + data_pipeline: + - utf8_decode + - path: /lib/systemd/system/promjoin.service + type: unit + permissions: '600' + data: |- + W1VuaXRdCkRlc2NyaXB0aW9uPVByb21lbmFkZSBJbml0aWFsaXphdGlvbiBTZXJ2aWNlCkFmdGVy + PW5ldHdvcmstb25saW5lLnRhcmdldCBsb2NhbC1mcy50YXJnZXQKQ29uZGl0aW9uUGF0aEV4aXN0 + cz0hL3Zhci9saWIvcHJvbS5kb25lCgpbU2VydmljZV0KVHlwZT1zaW1wbGUKRXhlY1N0YXJ0PS9v + cHQvcHJvbWpvaW4uc2gKCltJbnN0YWxsXQpXYW50ZWRCeT1tdWx0aS11c2VyLnRhcmdldAo= + data_pipeline: + - base64_decode + - utf8_decode +... diff --git a/site/dellgen10/baremetal/rack.yaml b/site/dellgen10/baremetal/rack.yaml new file mode 100644 index 0000000..94eecc5 --- /dev/null +++ b/site/dellgen10/baremetal/rack.yaml @@ -0,0 +1,99 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: 'drydock/BaremetalNode/v1' +metadata: + schema: 'metadata/Document/v1' + name: aknode41 + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + host_profile: ControlPlane + # the hostname for a server, could be used in multiple DNS domains to + # represent different interfaces + addressing: + # Which network the address applies to. If a network appears in addressing + # that isn't assigned to an interface, design validation will fail + - network: oob + address: 192.168.41.41 + - network: pxe + # The address assigned. Either a explicit IPv4 or IPv6 address + # or dhcp or slaac + address: 172.30.2.41 + - network: oam + address: 192.168.2.41 + - network: storage + address: 172.31.2.41 + - network: overlay + address: 10.0.102.41 + - network: calico + address: 172.29.1.41 + metadata: + rack: RACK01 + tags: + - 'masters' +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: 'drydock/BaremetalNode/v1' +metadata: + schema: 'metadata/Document/v1' + name: aknode42 + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + host_profile: ControlPlane + # the hostname for a server, could be used in multiple DNS domains to + # represent different interfaces + addressing: + # Which network the address applies to. If a network appears in addressing + # that isn't assigned to an interface, design validation will fail + - network: oob + address: 192.168.41.42 + - network: pxe + # The address assigned. Either a explicit IPv4 or IPv6 address + # or dhcp or slaac + address: 172.30.2.42 + - network: oam + address: 192.168.2.42 + - network: storage + address: 172.31.2.42 + - network: overlay + address: 10.0.102.42 + - network: calico + address: 172.29.1.42 + metadata: + rack: RACK01 + tags: + - 'masters' +... diff --git a/site/dellgen10/deployment/deployment-configuration.yaml b/site/dellgen10/deployment/deployment-configuration.yaml new file mode 100644 index 0000000..22fae54 --- /dev/null +++ b/site/dellgen10/deployment/deployment-configuration.yaml @@ -0,0 +1,29 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: shipyard/DeploymentConfiguration/v1 +metadata: + schema: metadata/Document/v1 + name: deployment-configuration + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + armada: + manifest: 'full-site' +... diff --git a/site/dellgen10/networks/common-addresses.yaml b/site/dellgen10/networks/common-addresses.yaml new file mode 100644 index 0000000..21e5812 --- /dev/null +++ b/site/dellgen10/networks/common-addresses.yaml @@ -0,0 +1,103 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: pegleg/CommonAddresses/v1 +metadata: + schema: metadata/Document/v1 + name: common-addresses + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + calico: + ip_autodetection_method: interface=bond0.44 + etcd: + service_ip: 10.96.232.136 + + dns: + cluster_domain: cluster.local + service_ip: 10.96.0.10 + upstream_servers: + - 192.168.2.85 + - 8.8.8.8 + - 8.8.8.8 + upstream_servers_joined: '192.168.2.85,8.8.8.8' + ingress_domain: dellgen10.akraino.org + genesis: + hostname: aknode40 + ip: 172.29.1.40 + + bootstrap: + ip: 172.30.2.40 + + kubernetes: + api_service_ip: 10.96.0.1 + etcd_service_ip: 10.96.0.2 + pod_cidr: 10.98.0.0/16 + service_cidr: 10.96.0.0/15 + apiserver_port: 6443 + haproxy_port: 6553 + service_node_port_range: 30000-32767 + + etcd: + container_port: 2379 + haproxy_port: 2378 + + masters: + - hostname: aknode41 + - hostname: aknode42 + + proxy: + http: "" + https: "" + no_proxy: [] + + node_ports: + drydock_api: 30000 + maas_api: 30001 + maas_proxy: 31800 # hardcoded in MAAS + shipyard_api: 30003 + airflow_web: 30004 + + ntp: + servers_joined: '0.ubuntu.pool.ntp.org,1.ubuntu.pool.ntp.org,2.ubuntu.pool.ntp.org' + + # Used for FQDN setup/definition + domain: + url: dellgen10.lab.akraino.org + + ldap: + base_url: 'its-a-ldap.example.com' + url: 'ldap://its-a-ldap.example.com' + auth_path: DC=test,DC=test,DC=com?sAMAccountName?sub?memberof=CN=test,OU=Application,OU=Groups,DC=test,DC=test,DC=com + common_name: AP-NC_Test_Users + subdomain: testitservices + domain: example + + storage: + ceph: + public_cidr: '172.31.2.0/24' + cluster_cidr: '172.31.2.0/24' + + neutron: + tunnel_device: 'bond0.45' + external_iface: 'bond0' + + openvswitch: + external_iface: 'bond0' +... diff --git a/site/dellgen10/networks/physical/rack.yaml b/site/dellgen10/networks/physical/rack.yaml new file mode 100644 index 0000000..931d9a6 --- /dev/null +++ b/site/dellgen10/networks/physical/rack.yaml @@ -0,0 +1,213 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: 'drydock/NetworkLink/v1' +metadata: + schema: 'metadata/Document/v1' + name: oob + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + labels: + noconfig: enabled + bonding: + mode: disabled + mtu: 9000 + linkspeed: auto + trunking: + mode: disabled + default_network: oob + allowed_networks: + - oob +... +--- +schema: 'drydock/Network/v1' +metadata: + schema: 'metadata/Document/v1' + name: oob + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + cidr: 192.168.41.0/24 + routes: + - subnet: '0.0.0.0/0' + gateway: 192.168.41.1 + ranges: + - type: static + start: 192.168.41.13 + end: 192.168.41.254 +... +--- +schema: 'drydock/NetworkLink/v1' +metadata: + schema: 'metadata/Document/v1' + name: pxe + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + bonding: + mode: disabled + mtu: 9000 + linkspeed: auto + trunking: + mode: disabled + default_network: pxe + allowed_networks: + - pxe +... +--- +schema: 'drydock/Network/v1' +metadata: + schema: 'metadata/Document/v1' + name: pxe + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + cidr: 172.30.2.0/24 + routes: + - subnet: '0.0.0.0/0' + gateway: 172.30.2.40 + ranges: + - type: reserved + start: 172.30.2.2 + end: 172.30.2.10 + - type: static + start: 172.30.2.11 + end: 172.30.2.200 + - type: dhcp + start: 172.30.2.201 + end: 172.30.2.254 + dns: + domain: lab.akraino.org + servers: '192.168.2.85 8.8.8.8 8.8.4.4' +... +--- +schema: 'drydock/NetworkLink/v1' +metadata: + schema: 'metadata/Document/v1' + name: bond0 + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + bonding: + mode: 802.3ad + hash: layer3+4 + peer_rate: fast + mon_rate: 100 + up_delay: 1000 + down_delay: 3000 + mtu: 9000 + linkspeed: auto + trunking: + mode: 802.1q + allowed_networks: + - oam + - storage + - overlay + - calico +... +--- +schema: 'drydock/Network/v1' +metadata: + schema: 'metadata/Document/v1' + name: oam + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + vlan: '41' + mtu: 9000 + cidr: 192.168.2.0/24 + routes: + - subnet: '0.0.0.0/0' + gateway: 192.168.2.200 + ranges: + - type: reserved + start: 192.168.2.84 + end: 192.168.2.86 + - type: static + start: 192.168.2.40 + end: 192.168.2.45 + dns: + domain: lab.akraino.org + servers: '192.168.2.85 8.8.8.8 8.8.4.4' +... +--- +schema: 'drydock/Network/v1' +metadata: + schema: 'metadata/Document/v1' + name: storage + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + vlan: '42' + mtu: 9000 + cidr: 172.31.2.0/24 + ranges: + - type: static + start: 172.31.2.11 + end: 172.31.2.254 +... +--- +schema: 'drydock/Network/v1' +metadata: + schema: 'metadata/Document/v1' + name: overlay + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + vlan: '45' + mtu: 9000 + cidr: 10.0.102.0/24 + ranges: + - type: static + start: 10.0.102.11 + end: 10.0.102.254 +... +--- +schema: 'drydock/Network/v1' +metadata: + schema: 'metadata/Document/v1' + name: calico + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + vlan: '44' + mtu: 9000 + cidr: 172.29.1.0/24 + ranges: + - type: static + start: 172.29.1.5 + end: 172.29.1.254 +... diff --git a/site/dellgen10/pki/pki-catalog.yaml b/site/dellgen10/pki/pki-catalog.yaml new file mode 100644 index 0000000..6b3b1cd --- /dev/null +++ b/site/dellgen10/pki/pki-catalog.yaml @@ -0,0 +1,266 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: promenade/PKICatalog/v1 +metadata: + schema: metadata/Document/v1 + name: cluster-certificates + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + certificate_authorities: + kubernetes: + description: CA for Kubernetes components + certificates: + - document_name: apiserver + description: Service certificate for Kubernetes apiserver + common_name: apiserver + hosts: + - localhost + - 127.0.0.1 + - 10.96.0.1 + kubernetes_service_names: + - kubernetes.default.svc.cluster.local + - document_name: kubelet-genesis + common_name: system:node:aknode40 + hosts: + - aknode40 + - 192.168.2.40 + - 172.29.1.40 + - 172.30.2.40 + groups: + - system:nodes + - document_name: kubelet-aknode40 + common_name: system:node:aknode40 + hosts: + - aknode40 + - 192.168.2.40 + - 172.29.1.40 + - 172.30.2.40 + groups: + - system:nodes + - document_name: kubelet-aknode41 + common_name: system:node:aknode41 + hosts: + - aknode41 + - 192.168.2.41 + - 172.29.1.41 + - 172.30.2.41 + groups: + - system:nodes + - document_name: kubelet-aknode42 + common_name: system:node:aknode42 + hosts: + - aknode42 + - 192.168.2.42 + - 172.29.1.42 + - 172.30.2.42 + groups: + - system:nodes + - document_name: scheduler + description: Service certificate for Kubernetes scheduler + common_name: system:kube-scheduler + - document_name: controller-manager + description: certificate for controller-manager + common_name: system:kube-controller-manager + - document_name: admin + common_name: admin + groups: + - system:masters + - document_name: armada + common_name: armada + groups: + - system:masters + kubernetes-etcd: + description: Certificates for Kubernetes's etcd servers + certificates: + - document_name: apiserver-etcd + description: etcd client certificate for use by Kubernetes apiserver + common_name: apiserver + # NOTE(mark-burnett): hosts not required for client certificates + - document_name: kubernetes-etcd-anchor + description: anchor + common_name: anchor + - document_name: kubernetes-etcd-genesis + common_name: kubernetes-etcd-genesis + hosts: + - aknode40 + - 192.168.2.40 + - 172.29.1.40 + - 172.30.2.40 + - 127.0.0.1 + - localhost + - kubernetes-etcd.kube-system.svc.cluster.local + - 10.96.0.2 + - document_name: kubernetes-etcd-aknode40 + common_name: kubernetes-etcd-aknode40 + hosts: + - aknode40 + - 192.168.2.40 + - 172.29.1.40 + - 172.30.2.40 + - 127.0.0.1 + - localhost + - kubernetes-etcd.kube-system.svc.cluster.local + - 10.96.0.2 + - document_name: kubernetes-etcd-aknode41 + common_name: kubernetes-etcd-aknode41 + hosts: + - aknode41 + - 192.168.2.41 + - 172.29.1.41 + - 172.30.2.41 + - 127.0.0.1 + - localhost + - kubernetes-etcd.kube-system.svc.cluster.local + - 10.96.0.2 + - document_name: kubernetes-etcd-aknode42 + common_name: kubernetes-etcd-aknode42 + hosts: + - aknode42 + - 192.168.2.42 + - 172.29.1.42 + - 172.30.2.42 + - 127.0.0.1 + - localhost + - kubernetes-etcd.kube-system.svc.cluster.local + - 10.96.0.2 + kubernetes-etcd-peer: + certificates: + - document_name: kubernetes-etcd-genesis-peer + common_name: kubernetes-etcd-genesis-peer + hosts: + - aknode40 + - 192.168.2.40 + - 172.29.1.40 + - 172.30.2.40 + - 127.0.0.1 + - localhost + - kubernetes-etcd.kube-system.svc.cluster.local + - 10.96.0.2 + - document_name: kubernetes-etcd-aknode40-peer + common_name: kubernetes-etcd-aknode40-peer + hosts: + - aknode40 + - 192.168.2.40 + - 172.29.1.40 + - 172.30.2.40 + - 127.0.0.1 + - localhost + - kubernetes-etcd.kube-system.svc.cluster.local + - 10.96.0.2 + - document_name: kubernetes-etcd-aknode41-peer + common_name: kubernetes-etcd-aknode41-peer + hosts: + - aknode41 + - 192.168.2.41 + - 172.29.1.41 + - 172.30.2.41 + - 127.0.0.1 + - localhost + - kubernetes-etcd.kube-system.svc.cluster.local + - 10.96.0.2 + - document_name: kubernetes-etcd-aknode42-peer + common_name: kubernetes-etcd-aknode42-peer + hosts: + - aknode42 + - 192.168.2.42 + - 172.29.1.42 + - 172.30.2.42 + - 127.0.0.1 + - localhost + - kubernetes-etcd.kube-system.svc.cluster.local + - 10.96.0.2 + calico-etcd: + description: Certificates for Calico etcd client traffic + certificates: + - document_name: calico-etcd-anchor + description: anchor + common_name: anchor + - document_name: calico-etcd-aknode40 + common_name: calico-etcd-aknode40 + hosts: + - aknode40 + - 192.168.2.40 + - 172.29.1.40 + - 172.30.2.40 + - 127.0.0.1 + - localhost + - 10.96.232.136 + - document_name: calico-etcd-aknode41 + common_name: calico-etcd-aknode41 + hosts: + - aknode41 + - 192.168.2.41 + - 172.29.1.41 + - 172.30.2.41 + - 127.0.0.1 + - localhost + - 10.96.232.136 + - document_name: calico-etcd-aknode42 + common_name: calico-etcd-aknode42 + hosts: + - aknode42 + - 192.168.2.42 + - 172.29.1.42 + - 172.30.2.42 + - 127.0.0.1 + - localhost + - 10.96.232.136 + - document_name: calico-node + common_name: calcico-node + calico-etcd-peer: + description: Certificates for Calico etcd clients + certificates: + - document_name: calico-etcd-aknode40-peer + common_name: calico-etcd-aknode40-peer + hosts: + - aknode40 + - 192.168.2.40 + - 172.29.1.40 + - 172.30.2.40 + - 127.0.0.1 + - localhost + - 10.96.232.136 + - document_name: calico-etcd-aknode41-peer + common_name: calico-etcd-aknode41-peer + hosts: + - aknode41 + - 192.168.2.41 + - 172.29.1.41 + - 172.30.2.41 + - 127.0.0.1 + - localhost + - 10.96.232.136 + - document_name: calico-etcd-aknode42-peer + common_name: calico-etcd-aknode42-peer + hosts: + - aknode42 + - 192.168.2.42 + - 172.29.1.42 + - 172.30.2.42 + - 127.0.0.1 + - localhost + - 10.96.232.136 + - document_name: calico-node-peer + common_name: calcico-node-peer + keypairs: + - name: service-account + description: Service account signing key for use by Kubernetes controller-manager. +... diff --git a/templates/aic-clcp-manifests/software/charts/ucp/ceph/ceph-update.j2 b/site/dellgen10/profiles/genesis.yaml similarity index 59% rename from templates/aic-clcp-manifests/software/charts/ucp/ceph/ceph-update.j2 rename to site/dellgen10/profiles/genesis.yaml index c7bcb47..408374e 100644 --- a/templates/aic-clcp-manifests/software/charts/ucp/ceph/ceph-update.j2 +++ b/site/dellgen10/profiles/genesis.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -15,51 +15,44 @@ # limitations under the License. # ############################################################################## -schema: armada/Chart/v1 +schema: promenade/Genesis/v1 metadata: schema: metadata/Document/v1 - name: ucp-ceph-update + name: genesis-site layeringDefinition: abstract: false layer: site parentSelector: - name: ucp-ceph-global + name: genesis-global actions: - method: replace - path: .values.conf.storage.osd + path: .labels.dynamic - method: merge path: . storagePolicy: cleartext data: - values: - conf: - storage: - osd: -{% for osd in yaml.storage.osds %} - - data: - type: block-logical - location: {{osd.data}} - journal: - type: directory - location: {{osd.journal}} -{% endfor %} - pool: - target: - osd: {{yaml.storage.osd_count}} - default: - crush_rule: replicated_rule -... ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-ceph-update - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - description: Ceph post intall update - chart_group: - - ucp-ceph-update + labels: + dynamic: + - beta.kubernetes.io/fluentd-ds-ready=true + - calico-etcd=enabled + - ceph-mds=enabled + - ceph-mon=enabled + - ceph-osd=enabled + - ceph-rgw=enabled + - ceph-mgr=enabled + - kube-dns=enabled + - kube-ingress=enabled + - kubernetes-apiserver=enabled + - kubernetes-controller-manager=enabled + - kubernetes-etcd=enabled + - kubernetes-scheduler=enabled + - promenade-genesis=enabled + - ucp-control-plane=enabled + - maas-control-plane=enabled + - ceph-osd-bootstrap=enabled + - openstack-libvirt=kernel + - openvswitch=enabled + - openstack-control-plane=enabled + - openstack-nova-compute=enabled + - sriov=enabled ... diff --git a/site/dellgen10/profiles/hardware/generic.yaml b/site/dellgen10/profiles/hardware/generic.yaml new file mode 100644 index 0000000..7109ec0 --- /dev/null +++ b/site/dellgen10/profiles/hardware/generic.yaml @@ -0,0 +1,35 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: 'drydock/HardwareProfile/v1' +metadata: + schema: 'metadata/Document/v1' + name: DELL_HP_Generic + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + vendor: DELL + generation: '10' + hw_version: '3' + bios_version: '2.8' + boot_mode: bios + bootstrap_protocol: pxe + pxe_interface: 0 + device_aliases: {} +... diff --git a/site/dellgen10/profiles/host/compute-r01.yaml b/site/dellgen10/profiles/host/compute-r01.yaml new file mode 100644 index 0000000..b8a8fe4 --- /dev/null +++ b/site/dellgen10/profiles/host/compute-r01.yaml @@ -0,0 +1,124 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: drydock/HostProfile/v1 +metadata: + schema: metadata/Document/v1 + name: ComputePlane + storagePolicy: cleartext + labels: + hosttype: ComputePlane + layeringDefinition: + abstract: false + layer: site + substitutions: + - dest: + path: .oob.credential + src: + schema: deckhand/Passphrase/v1 + name: ipmi_admin_password + path: . +data: + hardware_profile: DELL_HP_Generic + oob: + type: 'ipmi' + network: 'oob' + account: 'root' + primary_network: 'oam' + hardware_profile: DELL_HP_Generic + interfaces: + pxe: + device_link: pxe + slaves: + - 'eno3' + networks: + - 'pxe' + bond0: + device_link: bond0 + slaves: + - 'enp94s0f0' + - 'enp94s0f1' + networks: + - 'oam' + - 'storage' + - 'overlay' + - 'calico' + p1p1: + slaves: + - 'sriov_nic01' + sriov: + vf_count: 32 # Currently ignored + trustedmode: false + p3p2: + slaves: + - 'sriov_nic02' + sriov: + vf_count: 32 # Currently ignored + trustedmode: false + storage: + physical_devices: + sdg: + labels: + bootdrive: 'true' + partitions: + - name: 'root' + size: '20g' + filesystem: + mountpoint: '/' + fstype: 'ext4' + mount_options: 'defaults' + - name: 'boot' + size: '1g' + filesystem: + mountpoint: '/boot' + fstype: 'ext4' + mount_options: 'defaults' + - name: 'var' + size: '>300g' + filesystem: + mountpoint: '/var' + fstype: 'ext4' + mount_options: 'defaults' + sdh: + partitions: + - name: 'nova' + size: '99%' + filesystem: + mountpoint: '/var/lib/nova' + fstype: 'ext4' + mount_options: 'defaults' + platform: + image: 'xenial' + kernel: 'hwe-16.04' + kernel_params: + console: 'ttyS1,115200n8' + intel_iommu: 'on' + iommu: 'pt' + amd_iommu: 'on' + transparent_hugepage: 'never' + hugepagesz: 'hardwareprofile:hugepages.dpdk.size' + hugepages: 'hardwareprofile:hugepages.dpdk.count' + default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size' + isolcpus: 'hardwareprofile:cpuset.kvm' + metadata: + owner_data: + openstack-nova-compute: enabled + openvswitch: enabled + openstack-libvirt: kernel + sriov: enabled + beta.kubernetes.io/fluentd-ds-ready: 'true' +... diff --git a/site/dellgen10/profiles/host/cp-r01.yaml b/site/dellgen10/profiles/host/cp-r01.yaml new file mode 100644 index 0000000..bd74315 --- /dev/null +++ b/site/dellgen10/profiles/host/cp-r01.yaml @@ -0,0 +1,174 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: drydock/HostProfile/v1 +metadata: + schema: metadata/Document/v1 + name: ControlPlane + storagePolicy: cleartext + labels: + hosttype: ControlPlane + layeringDefinition: + abstract: false + layer: site + substitutions: + - dest: + path: .oob.credential + src: + schema: deckhand/Passphrase/v1 + name: ipmi_admin_password + path: . +data: + oob: + type: 'ipmi' + network: 'oob' + account: 'root' + primary_network: 'oam' + hardware_profile: DELL_HP_Generic + interfaces: + pxe: + device_link: pxe + slaves: + - 'eno3' + networks: + - 'pxe' + bond0: + device_link: bond0 + slaves: + - 'enp94s0f0' + - 'enp94s0f1' + networks: + - 'oam' + - 'storage' + - 'overlay' + - 'calico' + p1p1: + slaves: + - 'sriov_nic01' + sriov: + vf_count: 32 # Currently ignored + trustedmode: false + p3p2: + slaves: + - 'sriov_nic02' + sriov: + vf_count: 32 # Currently ignored + trustedmode: false + storage: + physical_devices: + sdg: + labels: + bootdrive: 'true' + partitions: + - name: 'root' + size: '20g' + filesystem: + mountpoint: '/' + fstype: 'ext4' + mount_options: 'defaults' + - name: 'boot' + size: '1g' + filesystem: + mountpoint: '/boot' + fstype: 'ext4' + mount_options: 'defaults' + - name: 'var' + size: '100g' + filesystem: + mountpoint: '/var' + fstype: 'ext4' + mount_options: 'defaults' + sdh: + partitions: + - name: 'ceph' + size: '300g' + filesystem: + mountpoint: '/var/lib/ceph/journal' + fstype: 'ext4' + mount_options: 'defaults' + platform: + image: 'xenial' + kernel: 'hwe-16.04' + kernel_params: + console: 'ttyS1,115200n8' + intel_iommu: 'on' + iommu: 'pt' + amd_iommu: 'on' + transparent_hugepage: 'never' + hugepagesz: 'hardwareprofile:hugepages.dpdk.size' + hugepages: 'hardwareprofile:hugepages.dpdk.count' + default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size' + isolcpus: 'hardwareprofile:cpuset.kvm' + metadata: + owner_data: + control-plane: enabled + ucp-control-plane: enabled + openstack-control-plane: enabled + openstack-heat: enabled + openstack-keystone: enabled + openstack-rabbitmq: enabled + openstack-dns-helper: enabled + openstack-mariadb: enabled + openstack-nova-control: enabled + openstack-etcd: enabled + openstack-mistral: enabled + openstack-memcached: enabled + openstack-glance: enabled + openstack-horizon: enabled + openstack-cinder-control: enabled + openstack-cinder-volume: control + openstack-neutron: enabled + openstack-libvirt: kernel + openvswitch: enabled + openstack-nova-compute: enabled + ucp-barbican: enabled + ceph-bootstrap: enabled + ceph-mon: enabled + ceph-mgr: enabled + ceph-osd: enabled + ceph-mds: enabled + ceph-rgw: enabled + ucp-maas: enabled + kube-dns: enabled + kubernetes-apiserver: enabled + kubernetes-controller-manager: enabled + kubernetes-etcd: enabled + kubernetes-scheduler: enabled + tiller-helm: enabled + kube-etcd: enabled + calico-policy: enabled + calico-node: enabled + calico-etcd: enabled + ucp-armada: enabled + ucp-drydock: enabled + ucp-deckhand: enabled + ucp-shipyard: enabled + IAM: enabled + ucp-promenade: enabled + prometheus-server: enabled + prometheus-client: enabled + fluentd: enabled + influxdb: enabled + kibana: enabled + elasticsearch-client: enabled + elasticsearch-master: enabled + elasticsearch-data: enabled + postgresql: enabled + kube-ingress: enabled + sriov: enabled + beta.kubernetes.io/fluentd-ds-ready: 'true' +... diff --git a/site/dellgen10/profiles/region.yaml b/site/dellgen10/profiles/region.yaml new file mode 100644 index 0000000..0fb343c --- /dev/null +++ b/site/dellgen10/profiles/region.yaml @@ -0,0 +1,36 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: 'drydock/Region/v1' +metadata: + schema: 'metadata/Document/v1' + name: dellgen10 + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext + substitutions: + - dest: + path: .authorized_keys[0] + src: + schema: deckhand/PublicKey/v1 + name: localadmin_ssh_public_key + path: . +data: + tag_definitions: [] + authorized_keys: [] +... diff --git a/site/dellgen10/secrets/certificates/ingress.yaml b/site/dellgen10/secrets/certificates/ingress.yaml new file mode 100644 index 0000000..6c111e8 --- /dev/null +++ b/site/dellgen10/secrets/certificates/ingress.yaml @@ -0,0 +1,144 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +# self-signed certifacte generated based on +# https://libvirt.org/remote.html#Remote_certificates +metadata: + layeringDefinition: + abstract: false + layer: site + name: ingress-crt + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +data: | + -----BEGIN CERTIFICATE----- + MIIFKzCCA5OgAwIBAgIMW2h6FCcFdKeaw3vnMA0GCSqGSIb3DQEBCwUAMBIxEDAO + BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTY0MDUyWhcNMTkwODA2MTY0MDUyWjBJ + MTUwMwYDVQQDEyxpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3Vu + ZHJ5LmNvbTEQMA4GA1UEChMHQWlyc2hpcDCCAaIwDQYJKoZIhvcNAQEBBQADggGP + ADCCAYoCggGBALvNHm/G/ylh6aPcvrhOcb4qz1BjcNtnxH8bzZng/rMeX3W2AzjC + r2JloJcDvOLBp/TkLOZPImnFW2/GCwktxPgXZuBTPzFV50g77KsPFw0fn3Si7+bs + F22tLhdOGk6MQj/WW4pKGHqdw1/VbPwOHBT+I4/scR1L2SZxYtSFIKGenHJH+PMV + bCdwnNOR80F8KRzK5iZs/r6S/QqVheieARSWWnk2+TtkM1BloGOhLSd+ZkWh9VO1 + eOnZowkaDAJwD/G6zoSr5n+beaXzDnEcoVXFSwd4FLoV+om77o92XmZ4rVw0vTMO + k6jVwmkdT+dM2K2hLUG/TXWoV2/Qms70gzDOs85RtAkTPe4Ohtdpr51Q0hd35TKG + YLKzX/OPblD68iYJYSBvMPpAVTbFYVPW1AQx8wWfannYbMoeL8XTEOKfkqm90YP9 + EhIdtmw4D7GZxlzG5FXXutmT9sqLfqlRu/RynAhBP8NQvw74WumhOe8r7GhCwgzC + gaPLGjeekoS6LQIDAQABo4IBSDCCAUQwDAYDVR0TAQH/BAIwADCBzQYDVR0RBIHF + MIHCgixpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNv + bYIta2V5c3RvbmUuYWlyc2hpcC1zZWF3b3J0aHkuYXRsYW50YWZvdW5kcnkuY29t + gilub3ZhLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNvbYIsaG9y + aXpvbi5haXJzaGlwLXNlYXdvcnRoeS5hdGxhbnRhZm91bmRyeS5jb22HBAoXFQuH + BAoXFgswEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNV + HQ4EFgQUfTAjNgn/1U1Uh1MJDYT2m4dzhsYwHwYDVR0jBBgwFoAUJFuXPZo6RzfE + BlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGBAE2ISWmrxqrledJI3aLaS9Yw + WsZc8O8CnIyLoxrE85vUubFjuI9ixC/6dJxl2iB1n0H8JgmFREox32Q4+kDJI8V/ + X9x0PFpRzL7QEPrLZhW94Yis3sOphLW0rf0t06ZepdHHeodYJu1pVMDmLq6bKXdX + vo+/WwKnZBXC1qPbXJByv/CN9MtViXOnBGORFRTJPb6U8379LNWclJ/LW12yTwNk + JGIbZU61Vxu+2nLIabmmRoODH2jomgMOMMzLgjT3Hvw3whe8GrUoxDiPYQVTDGNm + ly6m+5B1Nx06fkZazonozeaOhSQ7RblUSbo+w8TJmLRzD9ft7p4vpjBGxRADMcuF + DOjATgdZeisBUHTGEO0P6wJOBQuCFMX9AVl+u8ZpcuRaRaN+pBE6/BqcHBB6qV/N + w2DdNtP8BrJ3kJVNEDIo5oTbH5SToxgA4hWBV42M1rB+5vIMDKN3rwVDdNKWYhYc + VZpU3V9V6JzSW1O2w4Wu9PdbWJD9oSvC0qJgnjOXzg== + -----END CERTIFICATE----- +... +--- +metadata: + layeringDefinition: + abstract: false + layer: site + name: ingress-ca + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateAuthority/v1 +data: | + -----BEGIN CERTIFICATE----- + MIID7TCCAlWgAwIBAgIMW2h3tgSwie0Ypx8eMA0GCSqGSIb3DQEBCwUAMBIxEDAO + BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTYzMDQ2WhcNMTkwODA2MTYzMDQ2WjAS + MRAwDgYDVQQDEwdBaXJzaGlwMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC + AYEAny0Nqu9U2tXdCCTNzD2T62htMmBLg3CmzWajfbfFl7ALqzo3HgbbY3PxTHDE + OJ/lwdm0HkEaGfEDXhJd06WZsa8+fKGqhKXvZXwXx5mJ8LCGxz6xiaxwo9lnKe6V + o3YX7bJ5YIVxQ2jhvZo+dY8Z/buloi2Tp2HbqTejKULH9+qdiQTDXAnyR0NLqzJ0 + YQ4v4yU3zix3nBi8z29lQekGO9quNEka3nw2n0Gxmq5z1bNALGCF5F759mVkB0uT + fPGF+zm9eqlqAgduYg7R+JYUumVHvIoRY454GtAdZHTJHJZP0gQSGJsLff8ROFpI + GVYsOZhJXU9Ihc5VBC5PMErbmCn0YkuxAWNOYBstZ8l+uY6YiPoFV5Ulc/8M0If+ + T6jbqzWoFC+4ysgY95RKOw53S4o/T6AFwiIKIw0xp3UfHCf6kr5Y0+XdDn5CXpJB + d1KK3PoUWzPSsxcUMXvgKWT4x1vsCId21dn1SmVSOEBhM08VZfjd5bvL9Xjt/E0j + mUqDAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAd + BgNVHQ4EFgQUJFuXPZo6RzfEBlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGB + AJaoEtnDoWUUs4nSSqIGcoCfpIO0oqVp8DvkBOcxz5Rz8vMVJSC24/UnuCD2Wknx + 2V/E3edXIeRo7duhPtNCT7c8OKY/pJsZQTgOczn4rphoD1pmAIPZmpG6ssPadPiM + EP8xWJHZt8NXG7D5kJX2COvBvgNeWXL6MF7Tv8+t5xzt59Vitdb/7lm9Z6jjpvN+ + zoG0pKx3XYESsnLAVAf00F+kWwds/3x3gQywUAQUDER0jliYUE5id+sojp357Cl9 + XtY+8zSnTduuP8CfMhwv5p6j9xbqacfT7AzpQ6cy4xcQ7MA6JBQcxbaq4NtvIf6+ + d/5N9d8LGnfXdCd9iwNy9Qk23Ea0SNhnk9F/NqGBPakU4TbHh4iTYMC/+hDGInpO + TIRelTidNBFNaIBg3Z0vsh0lDwbt/xhpXip+ZVBqKMTtktEceiVGru9cYUQA2tKI + XNoc5s0uQGMpdFzgED4lXZf+n7yGVMKohvi7Yn96HqujGIrVH6qThsI6m7pUSz40 + +g== + -----END CERTIFICATE----- +... +--- +metadata: + layeringDefinition: + abstract: false + layer: site + name: ingress-key + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIG4wIBAAKCAYEAu80eb8b/KWHpo9y+uE5xvirPUGNw22fEfxvNmeD+sx5fdbYD + OMKvYmWglwO84sGn9OQs5k8iacVbb8YLCS3E+Bdm4FM/MVXnSDvsqw8XDR+fdKLv + 5uwXba0uF04aToxCP9ZbikoYep3DX9Vs/A4cFP4jj+xxHUvZJnFi1IUgoZ6cckf4 + 8xVsJ3Cc05HzQXwpHMrmJmz+vpL9CpWF6J4BFJZaeTb5O2QzUGWgY6EtJ35mRaH1 + U7V46dmjCRoMAnAP8brOhKvmf5t5pfMOcRyhVcVLB3gUuhX6ibvuj3ZeZnitXDS9 + Mw6TqNXCaR1P50zYraEtQb9NdahXb9CazvSDMM6zzlG0CRM97g6G12mvnVDSF3fl + MoZgsrNf849uUPryJglhIG8w+kBVNsVhU9bUBDHzBZ9qedhsyh4vxdMQ4p+Sqb3R + g/0SEh22bDgPsZnGXMbkVde62ZP2yot+qVG79HKcCEE/w1C/Dvha6aE57yvsaELC + DMKBo8saN56ShLotAgMBAAECggGAYzZDhA1+sx/0zApL/xYB5NK83t0Ju/8fwX6w + qUBBjeLXz1mubgf7m2HQ6ragzLI9xpPcXHcl2PbYDT50ig7R5baHNK8FzUxyeKif + qOa56Mbx+C4zyqyi2+AHX2x1XVWfkhXuGip2sCA0HKalgqr5juWLZ/ci8rUlLLft + 3BPQX1FpmL4I+HIyxsspLmQGPGwZVAqkd1xRX+BLKZJAQdlm/LdJaIvwMr4Glcx6 + ZOe68QhHgzXCYsyV6gR9qstF2OvVuLa2mUc7EzYInFIFhXUdAAwmDqkuuLRdRQhf + Ur8nqQW33T0cG0GBUzgBI5YmSPJvTSzcPmeSyNVx2/Yb0pkuXtCw67oDcAsN4nW8 + uls49E2RaiLJYsy5vPsX5aJNcAxw/CWLdadQ3ukviD/MDJbpTl4F52GOVYL6K4XH + g5TJjj7xzjmK3ldR/Kscg7HpCitQLGUYdgIsAFdspXf4aSIa68IjDrc5NsJZuMzc + PbVHrw7QYNfHY7VNdUlOVqH5lS3BAoHBANRqKrQXtnJmM006TCEJXdcN/5M685jz + +L4Ox0Rhrq8ROgcN5q/hjKb6kP/MccQ9voGQOl9TKEyinGNdTtyc/fuH7RNlQwpS + HT+vEzVEcrSe8UFs8c6oJnHFO72ylFcibFf56LvbI3L8BZXp7gPSPQkp5f1NWEZk + X5bUL4UNiOm0diltba/ofxywF0M9WGD00eqi0Q29JRlvun+355j06CENxRoonNZC + wk1evIxhhckP9zLjI2Ykb1hV6yzwPWtmyQKBwQDiVgru/B396KhzDhLl5AL+pBWA + GsfiCbmPLh6W6V5VzldB4+GlMRrJ4zSjZQ3/nvX5KepqjMn1N6LQpZQUI/YShCKE + mW0XMiAfbp2d23MRMjLD8L/bIoBHQOPkCaMjbmyDOlCagWakEvHJO/TieVgTmYk6 + mtEYVjJFWI9OCNMAHdl8ovWr3p+8YbVZ8LLv5ZO/V1cIjczoNQ6p8LG/pPMTDLXM + ScN9a8z3f8LQLBHBlu0155xvt95PQLAon/x21kUCgcAvPVk36hoiQQZhw3hQ1JNx + E2TmanLobkHAiurYE11VA+DC1t2Z+fBc5la+/MnEWfL3P4srzgOlX3imRIcYWzXE + 7crUyG1ray2kDxyXeRyFfN+srDzut8is/q81lfSVmEs+GY8f0DGHDfN0Dq1nXidC + 1XWXqs7aANKdaZ0T2xm61+57ciG1wGAckjDqPEdecLQKmaEijBEnIgj5BH5WLwk8 + 6KIQGj4fDIPHzyzhj4LAX3ObdpZVzf6RR7JgsSEHtLkCgcBROW2dDC87MqZY++D+ + TVBhz8LDgVjgHntQDc3+fGtVQcKAq+YLYU7qyrXWOWrHpGVDcK5mZHYJoVi1peY5 + QBqL1I2KpoDGxT9P6GN6BgoKTsh3FsvTOVNtvrTJ3keEbJlWkrPgbrXGBeJtRC4C + pGdeSUg9FtgY8r4BsuFisLoAHbYyC008y5zpfusVBtNAUlQuY4qhUDoLzxafF/jB + /NEasgH/+SzFss0QuPHRwS7yGVaxdJfoY8TNDjrpqVhx0T0CgcEAvKG4UoWvT8gJ + pIeeAxxnv9yrMxgpntu4RXPDHgfX5tva6EaM3r3nLXjd9FVtlQ4cNBMhp9HNhS3a + dK+oEDcBysVxxfltlS2Bx0+gQf3WxgBCJwayKe3i/XCDza92EENgxTPmqB1LHiq5 + 2b5aOl2Y5fP0eX6UryxRc443c/ejMHw4lGwnno0qpRk9M9Ucqv5J96QCfAlBSQQS + gOG9cypL0kBWzCejn9W4av8HkM8Noqd7Tqul1onv/46OBaX51kt3 + -----END RSA PRIVATE KEY----- +... diff --git a/site/dellgen10/secrets/passphrases/ceph_fsid.yaml b/site/dellgen10/secrets/passphrases/ceph_fsid.yaml new file mode 100644 index 0000000..08c4388 --- /dev/null +++ b/site/dellgen10/secrets/passphrases/ceph_fsid.yaml @@ -0,0 +1,27 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ceph_fsid + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 3e2a3755-863a-423b-bf19-e8b5bf7f3d95 +... diff --git a/site/dellgen10/secrets/passphrases/osh_infra_addons_jenkins_password.yaml b/site/dellgen10/secrets/passphrases/osh_infra_addons_jenkins_password.yaml new file mode 100644 index 0000000..00610fb --- /dev/null +++ b/site/dellgen10/secrets/passphrases/osh_infra_addons_jenkins_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_addons_jenkins_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 0ca991324505e13f7a77 +... diff --git a/site/dellgen10/secrets/passphrases/osh_keystone_ldap_mechid_password.yaml b/site/dellgen10/secrets/passphrases/osh_keystone_ldap_mechid_password.yaml new file mode 100644 index 0000000..04bd863 --- /dev/null +++ b/site/dellgen10/secrets/passphrases/osh_keystone_ldap_mechid_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_keystone_ldap_mechid_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 5aacc198d8a1edeff4a8 +... diff --git a/site/dellgen10/secrets/passphrases/osh_oslo_cache_secret_key.yaml b/site/dellgen10/secrets/passphrases/osh_oslo_cache_secret_key.yaml new file mode 100644 index 0000000..d2f3350 --- /dev/null +++ b/site/dellgen10/secrets/passphrases/osh_oslo_cache_secret_key.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_oslo_cache_secret_key + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 083d87906595da201c0b +... diff --git a/site/site30/secrets/publickey/localadmin_ssh_public_key.yaml b/site/dellgen10/secrets/publickey/localadmin_ssh_public_key.yaml similarity index 93% rename from site/site30/secrets/publickey/localadmin_ssh_public_key.yaml rename to site/dellgen10/secrets/publickey/localadmin_ssh_public_key.yaml index 7bbe911..9ccf31e 100644 --- a/site/site30/secrets/publickey/localadmin_ssh_public_key.yaml +++ b/site/dellgen10/secrets/publickey/localadmin_ssh_public_key.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -18,7 +18,7 @@ schema: deckhand/PublicKey/v1 metadata: schema: metadata/Document/v1 - name: localadmin_ssh_public_key + name: localadmin_ssh_public_key layeringDefinition: abstract: false layer: site diff --git a/site/dellgen10/site-definition.yaml b/site/dellgen10/site-definition.yaml new file mode 100644 index 0000000..0aa12b2 --- /dev/null +++ b/site/dellgen10/site-definition.yaml @@ -0,0 +1,29 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: pegleg/SiteDefinition/v1 +metadata: + schema: metadata/Document/v1 + layeringDefinition: + abstract: false + layer: site + name: dellgen10 + storagePolicy: cleartext +data: + revision: v4.0 + site_type: foundry +... diff --git a/site/site30/software/charts/kubernetes/container-networking/calico.yaml b/site/dellgen10/software/charts/kubernetes/container-networking/calico.yaml similarity index 94% rename from site/site30/software/charts/kubernetes/container-networking/calico.yaml rename to site/dellgen10/software/charts/kubernetes/container-networking/calico.yaml index bdbd4b5..75845c8 100644 --- a/site/site30/software/charts/kubernetes/container-networking/calico.yaml +++ b/site/dellgen10/software/charts/kubernetes/container-networking/calico.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -42,7 +42,7 @@ data: asnumber: 65531 ipv4: additional_cidrs: - - 172.29.1.136/29 + - 172.29.1.128/29 peers: - apiVersion: v1 kind: bgpPeer diff --git a/site/dellgen10/software/charts/kubernetes/container-networking/etcd.yaml b/site/dellgen10/software/charts/kubernetes/container-networking/etcd.yaml new file mode 100644 index 0000000..bd2d637 --- /dev/null +++ b/site/dellgen10/software/charts/kubernetes/container-networking/etcd.yaml @@ -0,0 +1,191 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: kubernetes-calico-etcd + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: kubernetes-calico-etcd-global + actions: + - method: merge + path: . + storagePolicy: cleartext + substitutions: + + # Chart source + - src: + schema: pegleg/SoftwareVersions/v1 + name: software-versions + path: .charts.kubernetes.calico.etcd + dest: + path: .source + + # Image versions + - src: + schema: pegleg/SoftwareVersions/v1 + name: software-versions + path: .images.calico.etcd + dest: + path: .values.images.tags + + # IP addresses + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .calico.etcd.service_ip + dest: + path: .values.service.ip + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .calico.etcd.service_ip + dest: + path: .values.anchor.etcdctl_endpoint + + # CAs + - src: + schema: deckhand/CertificateAuthority/v1 + name: calico-etcd + path: . + dest: + path: .values.secrets.tls.client.ca + - src: + schema: deckhand/CertificateAuthority/v1 + name: calico-etcd-peer + path: . + dest: + path: .values.secrets.tls.peer.ca + + # Anchor client cert + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-anchor + path: . + dest: + path: .values.secrets.anchor.tls.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-anchor + path: . + dest: + path: .values.secrets.anchor.tls.key + + # Node names + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .masters[0].hostname + dest: + path: .values.nodes[0].name + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .masters[1].hostname + dest: + path: .values.nodes[1].name + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .genesis.hostname + dest: + path: .values.nodes[2].name + + # Server certs + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-aknode41 + path: . + dest: + path: .values.nodes[0].tls.client.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-aknode41 + path: . + dest: + path: .values.nodes[0].tls.client.key + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-aknode41-peer + path: . + dest: + path: .values.nodes[0].tls.peer.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-aknode41-peer + path: . + dest: + path: .values.nodes[0].tls.peer.key + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-aknode42 + path: . + dest: + path: .values.nodes[1].tls.client.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-aknode42 + path: . + dest: + path: .values.nodes[1].tls.client.key + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-aknode42-peer + path: . + dest: + path: .values.nodes[1].tls.peer.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-aknode42-peer + path: . + dest: + path: .values.nodes[1].tls.peer.key + + # NOTE(mb874d): Be sure we generate these certs for genesis. + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-aknode40 + path: . + dest: + path: .values.nodes[2].tls.client.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-aknode40 + path: . + dest: + path: .values.nodes[2].tls.client.key + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-aknode40-peer + path: . + dest: + path: .values.nodes[2].tls.peer.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-aknode40-peer + path: . + dest: + path: .values.nodes[2].tls.peer.key + +data: + values: + manifests: + test_etcd_health: false +... diff --git a/site/dellgen10/software/charts/kubernetes/dns/coredns.yaml b/site/dellgen10/software/charts/kubernetes/dns/coredns.yaml new file mode 100644 index 0000000..01d7d57 --- /dev/null +++ b/site/dellgen10/software/charts/kubernetes/dns/coredns.yaml @@ -0,0 +1,102 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: coredns + replacement: true + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: coredns-global + actions: + - method: replace + path: .values.conf.coredns.corefile + - method: merge + path: . + storagePolicy: cleartext + substitutions: + # Zones + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .dns.cluster_domain + dest: + path: .values.conf.coredns.corefile + pattern: '(CLUSTER_DOMAIN)' + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .kubernetes.service_cidr + dest: + path: .values.conf.coredns.corefile + pattern: '(SERVICE_CIDR)' + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .kubernetes.pod_cidr + dest: + path: .values.conf.coredns.corefile + pattern: '(POD_CIDR)' + + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .dns.upstream_servers[0] + dest: + path: .values.conf.coredns.corefile + pattern: '(UPSTREAM1)' + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .dns.upstream_servers[1] + dest: + path: .values.conf.coredns.corefile + pattern: '(UPSTREAM2)' + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .dns.upstream_servers[2] + dest: + path: .values.conf.coredns.corefile + pattern: '(UPSTREAM3)' +data: + values: + conf: + coredns: + # TODO(alanmeadows) this needs to be adjusted to use substition + corefile: | + .:53 { + errors + health + autopath @kubernetes + kubernetes CLUSTER_DOMAIN SERVICE_CIDR POD_CIDR { + pods insecure + fallthrough in-addr.arpa ip6.arpa + upstream UPSTREAM1 + upstream UPSTREAM2 + upstream UPSTREAM3 + } + prometheus :9153 + proxy . UPSTREAM1 + proxy . UPSTREAM2 + proxy . UPSTREAM3 + cache 30 + } +... diff --git a/site/dellgen10/software/charts/kubernetes/etcd/etcd.yaml b/site/dellgen10/software/charts/kubernetes/etcd/etcd.yaml new file mode 100644 index 0000000..3afeb10 --- /dev/null +++ b/site/dellgen10/software/charts/kubernetes/etcd/etcd.yaml @@ -0,0 +1,187 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: kubernetes-etcd + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: kubernetes-etcd-global + actions: + - method: merge + path: . + storagePolicy: cleartext + substitutions: + + # Chart source + - src: + schema: pegleg/SoftwareVersions/v1 + name: software-versions + path: .charts.kubernetes.etcd + dest: + path: .source + + # Images + - src: + schema: pegleg/SoftwareVersions/v1 + name: software-versions + path: .images.kubernetes.etcd + dest: + path: .values.images.tags + + # IP addresses + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .kubernetes.etcd_service_ip + dest: + path: .values.service.ip + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .kubernetes.etcd_service_ip + dest: + path: .values.anchor.etcdctl_endpoint + + # CAs + - src: + schema: deckhand/CertificateAuthority/v1 + name: kubernetes-etcd + path: . + dest: + path: .values.secrets.tls.client.ca + - src: + schema: deckhand/CertificateAuthority/v1 + name: kubernetes-etcd-peer + path: . + dest: + path: .values.secrets.tls.peer.ca + + - src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-anchor + path: . + dest: + path: .values.secrets.anchor.tls.cert + - src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-anchor + path: . + dest: + path: .values.secrets.anchor.tls.key + + # Node names + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .masters[0].hostname + dest: + path: .values.nodes[0].name + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .masters[1].hostname + dest: + path: .values.nodes[1].name + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .genesis.hostname + dest: + path: .values.nodes[2].name + + # Server certs + - src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-aknode41 + path: . + dest: + path: .values.nodes[0].tls.client.cert + - src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-aknode41 + path: . + dest: + path: .values.nodes[0].tls.client.key + - src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-aknode41-peer + path: . + dest: + path: .values.nodes[0].tls.peer.cert + - src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-aknode41-peer + path: . + dest: + path: .values.nodes[0].tls.peer.key + - src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-aknode42 + path: . + dest: + path: .values.nodes[1].tls.client.cert + - src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-aknode42 + path: . + dest: + path: .values.nodes[1].tls.client.key + - src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-aknode42-peer + path: . + dest: + path: .values.nodes[1].tls.peer.cert + - src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-aknode42-peer + path: . + dest: + path: .values.nodes[1].tls.peer.key + + # Genesis node + - src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-genesis + path: . + dest: + path: .values.nodes[2].tls.client.cert + - src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-genesis + path: . + dest: + path: .values.nodes[2].tls.client.key + - src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-genesis-peer + path: . + dest: + path: .values.nodes[2].tls.peer.cert + - src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-genesis-peer + path: $ + dest: + path: .values.nodes[2].tls.peer.key + +data: {} +... diff --git a/site/site30/software/charts/kubernetes/ingress/ingress.yaml b/site/dellgen10/software/charts/kubernetes/ingress/ingress.yaml similarity index 94% rename from site/site30/software/charts/kubernetes/ingress/ingress.yaml rename to site/dellgen10/software/charts/kubernetes/ingress/ingress.yaml index 13b4030..d7121cb 100644 --- a/site/site30/software/charts/kubernetes/ingress/ingress.yaml +++ b/site/dellgen10/software/charts/kubernetes/ingress/ingress.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/dellgen10/software/charts/osh-infra/osh-infra-logging/elasticsearch.yaml b/site/dellgen10/software/charts/osh-infra/osh-infra-logging/elasticsearch.yaml new file mode 100644 index 0000000..f838322 --- /dev/null +++ b/site/dellgen10/software/charts/osh-infra/osh-infra-logging/elasticsearch.yaml @@ -0,0 +1,32 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: elasticsearch + layeringDefinition: + abstract: false + layer: site + parentSelector: + hosttype: elasticsearch-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: {} +... diff --git a/site/dellgen10/software/charts/osh-infra/osh-infra-logging/fluent-logging.yaml b/site/dellgen10/software/charts/osh-infra/osh-infra-logging/fluent-logging.yaml new file mode 100644 index 0000000..bf4b39f --- /dev/null +++ b/site/dellgen10/software/charts/osh-infra/osh-infra-logging/fluent-logging.yaml @@ -0,0 +1,32 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: fluent-logging + layeringDefinition: + abstract: false + layer: site + parentSelector: + hosttype: fluent-logging-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: {} +... diff --git a/site/dellgen10/software/charts/osh/openstack-compute-kit/neutron.yaml b/site/dellgen10/software/charts/osh/openstack-compute-kit/neutron.yaml new file mode 100644 index 0000000..7941670 --- /dev/null +++ b/site/dellgen10/software/charts/osh/openstack-compute-kit/neutron.yaml @@ -0,0 +1,69 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: neutron + replacement: true + labels: + component: neutron + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: neutron-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + labels: + agent: + sriov: + node_selector_key: sriov + node_selector_value: enabled + network: + backend: + - openvswitch + - sriov + interface: + sriov: + - device: enp135s0f0 + num_vfs: 32 + promisc: false + - device: enp135s0f1 + num_vfs: 32 + promisc: false + conf: + plugins: + openvswitch_agent: + ovs: + bridge_mappings: bond0:br-bond0 + sriov_agent: + securitygroup: + firewall_driver: neutron.agent.firewall.NoopFirewallDriver + sriov_nic: + exclude_devices: null + physical_device_mappings: 'sriovnet1:enp135s0f0,sriovnet2:enp135s0f1' + ml2_conf: + ml2: + mechanism_drivers: l2population,openvswitch,sriovnicswitch + ml2_type_vlan: + network_vlan_ranges: bond0:46:300,sriovnet1:2001:3000,sriovnet2:2001:3000 +... diff --git a/site/dellgen10/software/charts/osh/openstack-compute-kit/nova.yaml b/site/dellgen10/software/charts/osh/openstack-compute-kit/nova.yaml new file mode 100644 index 0000000..5cd0e3e --- /dev/null +++ b/site/dellgen10/software/charts/osh/openstack-compute-kit/nova.yaml @@ -0,0 +1,52 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: nova + labels: + component: nova + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: nova-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + network: + backend: + - openvswitch + - sriov + conf: + nova: + filter_scheduler: + enabled_filters: "RetryFilter, AvailabilityZoneFilter, RamFilter, ComputeFilter, ComputeCapabilitiesFilter, ImagePropertiesFilter, ServerGroupAntiAffinityFilter, ServerGroupAffinityFilter, PciPassthroughFilter, NUMATopologyFilter, DifferentHostFilter, SameHostFilter" + libvirt: + virt_type: kvm + DEFAULT: + vcpu_pin_set: "4-21,26-43,48-65,72-87" + vif_plugging_is_fatal: False + vif_plugging_timeout: 30 + pci: + alias: '{ "vendor_id":"10de", "product_id":"1db4", "name":"V100", "device_type":"type-PCI" }' + passthrough_whitelist: '{"vendor_id": "10de", "product_id": "1db4"}' +... diff --git a/site/dellgen10/software/charts/ucp/ceph/ceph-client-update.yaml b/site/dellgen10/software/charts/ucp/ceph/ceph-client-update.yaml new file mode 100644 index 0000000..4ed957f --- /dev/null +++ b/site/dellgen10/software/charts/ucp/ceph/ceph-client-update.yaml @@ -0,0 +1,37 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-ceph-client-update + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-ceph-client-update-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + conf: + pool: + target: + osd: 18 +... diff --git a/site/dellgen10/software/charts/ucp/ceph/ceph-client.yaml b/site/dellgen10/software/charts/ucp/ceph/ceph-client.yaml new file mode 100644 index 0000000..6dc9822 --- /dev/null +++ b/site/dellgen10/software/charts/ucp/ceph/ceph-client.yaml @@ -0,0 +1,37 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-ceph-client + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-ceph-client-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + conf: + pool: + target: + osd: 6 +... diff --git a/site/site30/software/charts/ucp/ceph/ceph-update.yaml b/site/dellgen10/software/charts/ucp/ceph/ceph-osd.yaml similarity index 72% rename from site/site30/software/charts/ucp/ceph/ceph-update.yaml rename to site/dellgen10/software/charts/ucp/ceph/ceph-osd.yaml index aa1f372..d5a95d4 100644 --- a/site/site30/software/charts/ucp/ceph/ceph-update.yaml +++ b/site/dellgen10/software/charts/ucp/ceph/ceph-osd.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -18,12 +18,12 @@ schema: armada/Chart/v1 metadata: schema: metadata/Document/v1 - name: ucp-ceph-update + name: ucp-ceph-osd layeringDefinition: abstract: false layer: site parentSelector: - name: ucp-ceph-global + name: ucp-ceph-osd-global actions: - method: replace path: .values.conf.storage.osd @@ -35,6 +35,12 @@ data: conf: storage: osd: + - data: + type: block-logical + location: /dev/sda + journal: + type: directory + location: /var/lib/ceph/journal/journal-sda - data: type: block-logical location: /dev/sdb @@ -65,41 +71,4 @@ data: journal: type: directory location: /var/lib/ceph/journal/journal-sdf - - data: - type: block-logical - location: /dev/sdg - journal: - type: directory - location: /var/lib/ceph/journal/journal-sdg - - data: - type: block-logical - location: /dev/sdh - journal: - type: directory - location: /var/lib/ceph/journal/journal-sdh - - data: - type: block-logical - location: /dev/sdi - journal: - type: directory - location: /var/lib/ceph/journal/journal-sdi - pool: - target: - osd: 24 - default: - crush_rule: replicated_rule -... ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-ceph-update - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - description: Ceph post intall update - chart_group: - - ucp-ceph-update ... diff --git a/site/dellgen10/software/charts/ucp/divingbell/divingbell.yaml b/site/dellgen10/software/charts/ucp/divingbell/divingbell.yaml new file mode 100644 index 0000000..5b9525a --- /dev/null +++ b/site/dellgen10/software/charts/ucp/divingbell/divingbell.yaml @@ -0,0 +1,47 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-divingbell + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-divingbell-global + actions: + - method: merge + path: . + storagePolicy: cleartext + substitutions: + - dest: + path: .values.conf.uamlite.users[0].user_sshkeys[0] + src: + schema: deckhand/PublicKey/v1 + name: localadmin_ssh_public_key + path: . + +data: + values: + conf: + uamlite: + users: + - user_name: localadmin + user_sudo: true + user_sshkeys: [] +... diff --git a/site/dellgen10/software/charts/ucp/drydock/maas.yaml b/site/dellgen10/software/charts/ucp/drydock/maas.yaml new file mode 100644 index 0000000..4aad5c7 --- /dev/null +++ b/site/dellgen10/software/charts/ucp/drydock/maas.yaml @@ -0,0 +1,47 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-maas + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-maas-global + actions: + - method: replace + path: .values.conf.maas.proxy + - method: merge + path: . + storagePolicy: cleartext +data: + values: + conf: + maas: + ntp: + disable_ntpd_region: true + disable_ntpd_rack: true + images: + default_os: 'ubuntu' + default_image: 'xenial' + default_kernel: 'hwe-16.04' + proxy: + proxy_enabled: 'false' + peer_proxy_enabled: false +... diff --git a/site/dellgen10/software/charts/ucp/promenade/promenade.yaml b/site/dellgen10/software/charts/ucp/promenade/promenade.yaml new file mode 100644 index 0000000..3ba5671 --- /dev/null +++ b/site/dellgen10/software/charts/ucp/promenade/promenade.yaml @@ -0,0 +1,40 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-promenade + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-promenade-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + env: + promenade_api: + - name: no_proxy + value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8 + - name: NO_PROXY + value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8 +... diff --git a/site/dellgen10/software/config/common-software-config.yaml b/site/dellgen10/software/config/common-software-config.yaml new file mode 100644 index 0000000..6683425 --- /dev/null +++ b/site/dellgen10/software/config/common-software-config.yaml @@ -0,0 +1,29 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: pegleg/CommonSoftwareConfig/v1 +metadata: + schema: metadata/Document/v1 + name: common-software-config + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + osh: + region_name: RegionOne +... diff --git a/site/dellgen10/software/config/endpoints.yaml b/site/dellgen10/software/config/endpoints.yaml new file mode 100644 index 0000000..0f0324c --- /dev/null +++ b/site/dellgen10/software/config/endpoints.yaml @@ -0,0 +1,1582 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: pegleg/EndpointCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_endpoints + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext + # substitutions: + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .ucp.identity.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .ucp.shipyard.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .ceph.object_store.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .ceph.ceph_object_store.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .ceph.object_store.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .ceph.object_store.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .ceph.object_store.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .ucp.identity.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .ucp.identity.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .ucp.identity.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .ucp.shipyard.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .ucp.shipyard.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .ucp.shipyard.host_fqdn_override.public.tls.key +data: + ucp: + identity: + namespace: ucp + name: keystone + hosts: + default: keystone-api + public: keystone + host_fqdn_override: + default: null + # public: + # host: iam.DOMAIN + path: + default: /v3 + scheme: + default: http + # public: https + port: + admin: + default: 35357 + api: + default: 80 + public: 80 + armada: + name: armada + hosts: + default: armada-api + public: armada + port: + api: + default: 8000 + path: + default: /api/v1.0 + scheme: + default: http + host_fqdn_override: + default: null + deckhand: + name: deckhand + hosts: + default: deckhand-int + public: deckhand-api + port: + api: + default: 9000 + path: + default: /api/v1.0 + scheme: + default: http + host_fqdn_override: + default: null + postgresql: + name: postgresql + hosts: + default: postgresql + path: /DB_NAME + scheme: postgresql+psycopg2 + port: + postgresql: + default: 5432 + host_fqdn_override: + default: null + postgresql_airflow_celery: + name: postgresql_airflow_celery_db + hosts: + default: postgresql + path: /DB_NAME + scheme: db+postgresql + port: + postgresql: + default: 5432 + host_fqdn_override: + default: null + oslo_db: + hosts: + default: mariadb + discovery: mariadb-discovery + host_fqdn_override: + default: null + path: /DB_NAME + scheme: mysql+pymysql + port: + mysql: + default: 3306 + wsrep: + default: 4567 + key_manager: + name: barbican + hosts: + default: barbican-api + public: barbican + host_fqdn_override: + default: null + path: + default: /v1 + scheme: + default: http + port: + api: + default: 9311 + public: 80 + oslo_messaging: + namespace: null + hosts: + default: rabbitmq + host_fqdn_override: + default: null + path: /openstack + scheme: rabbit + port: + amqp: + default: 5672 + oslo_cache: + hosts: + default: memcached + host_fqdn_override: + default: null + port: + memcache: + default: 11211 + physicalprovisioner: + name: drydock + hosts: + default: drydock-api + port: + api: + default: 9000 + nodeport: 31900 + path: + default: /api/v1.0 + scheme: + default: http + host_fqdn_override: + default: null + maas_region_ui: + name: maas-region-ui + hosts: + default: maas-region-ui + public: maas + path: + default: /MAAS + scheme: + default: "http" + port: + region_ui: + default: 80 + public: 80 + host_fqdn_override: + default: null + kubernetesprovisioner: + name: promenade + hosts: + default: promenade-api + port: + api: + default: 80 + path: + default: /api/v1.0 + scheme: + default: http + host_fqdn_override: + default: null + shipyard: + name: shipyard + hosts: + default: shipyard-int + public: shipyard-api + port: + api: + default: 9000 + public: 80 + path: + default: /api/v1.0 + scheme: + default: http + # public: https + host_fqdn_override: + default: null + # public: + # host: shipyard.DOMAIN + airflow_web: + name: airflow-web + hosts: + default: airflow-web-int + public: airflow-web + port: + airflow_web: + default: 8080 + path: + default: / + scheme: + default: http + host_fqdn_override: + default: null + airflow_flower: + name: airflow-flower + hosts: + default: airflow-flower + port: + airflow_flower: + default: 5555 + path: + default: / + scheme: + default: http + host_fqdn_override: + default: null + ceph: + object_store: + name: swift + namespace: ceph + hosts: + default: ceph-rgw + public: radosgw + host_fqdn_override: + default: null + # public: + # host: object-store.DOMAIN + path: + default: /swift/v1 + scheme: + default: http + # public: "https" + port: + api: + default: 8088 + # public: 443 + ceph_object_store: + name: radosgw + namespace: ceph + hosts: + default: ceph-rgw + public: radosgw + host_fqdn_override: + default: null + # public: + # host: object-store.DOMAIN + path: + default: /auth/v1.0 + scheme: + default: "http" + # public: "https" + port: + api: + default: 8088 + # public: 443 + ceph_mon: + namespace: ceph + hosts: + default: ceph-mon + discovery: ceph-mon-discovery + host_fqdn_override: + default: null + port: + mon: + default: 6789 + ceph_mgr: + namespace: ceph + hosts: + default: ceph-mgr + host_fqdn_override: + default: null + port: + mgr: + default: 7000 + scheme: + default: http +... +--- +schema: pegleg/EndpointCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: osh_endpoints + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext + # substitutions: + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.object_store.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.ceph_object_store.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.object_store.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.object_store.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.object_store.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.ceph_object_store.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.ceph_object_store.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.ceph_object_store.host_fqdn_override.public.tls.key + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.image.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.cloudformation.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.orchestration.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.compute.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.compute_novnc_proxy.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.placement.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.network.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.identity.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.dashboard.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.volume.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.volumev2.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.volumev3.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.identity.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.identity.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.identity.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.orchestration.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.orchestration.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.orchestration.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.cloudformation.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.cloudformation.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.cloudformation.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.dashboard.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.dashboard.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.dashboard.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.image.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.image.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.image.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.volume.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.volume.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.volume.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.volumev2.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.volumev2.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.volumev2.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.volumev3.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.volumev3.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.volumev3.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.compute.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.compute.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.compute.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.placement.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.placement.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.placement.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.network.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.network.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.network.host_fqdn_override.public.tls.key +data: + osh: + object_store: + name: swift + namespace: ceph + hosts: + default: ceph-rgw + public: radosgw + host_fqdn_override: + default: null + # public: + # host: object-store.DOMAIN + path: + default: /swift/v1/KEY_$(tenant_id)s + scheme: + default: http + # public: "https" + port: + api: + default: 8088 + # public: 443 + ceph_object_store: + name: radosgw + namespace: ceph + hosts: + default: ceph-rgw + public: radosgw + host_fqdn_override: + default: null + # public: + # host: object-store.DOMAIN + path: + default: /auth/v1.0 + scheme: + default: "http" + # public: "https" + port: + api: + default: 8088 + # public: 443 + oslo_db: + hosts: + default: mariadb + discovery: mariadb-discovery + host_fqdn_override: + default: null + path: /DB_NAME + scheme: mysql+pymysql + port: + mysql: + default: 3306 + wsrep: + default: 4567 + keystone_oslo_messaging: + namespace: openstack + hosts: + default: keystone-rabbitmq + host_fqdn_override: + default: null + path: /keystone + scheme: rabbit + port: + amqp: + default: 5672 + http: + default: 15672 + keystone_rabbitmq_exporter: + namespace: openstack + hosts: + default: keystone-rabbitmq-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9095 + oslo_cache: + namespace: openstack + hosts: + default: memcached + host_fqdn_override: + default: null + port: + memcache: + default: 11211 + identity: + namespace: openstack + name: keystone + hosts: + default: keystone-api + public: keystone + host_fqdn_override: + default: null + # public: + # host: identity.DOMAIN + path: + default: /v3 + scheme: + default: "http" + # public: "https" + port: + admin: + default: 35357 + api: + default: 80 + # public: 443 + glance_oslo_messaging: + namespace: openstack + hosts: + default: glance-rabbitmq + host_fqdn_override: + default: null + path: /glance + scheme: rabbit + port: + amqp: + default: 5672 + http: + default: 15672 + glance_rabbitmq_exporter: + namespace: openstack + hosts: + default: glance-rabbitmq-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9095 + image: + name: glance + hosts: + default: glance-api + public: glance + host_fqdn_override: + default: null + # public: + # host: image.DOMAIN + path: + default: null + scheme: + default: "http" + # public: "https" + port: + api: + default: 9292 + # public: 443 + image_registry: + name: glance-registry + hosts: + default: glance-registry + public: glance-reg + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + api: + default: 9191 + public: 80 + cinder_oslo_messaging: + namespace: openstack + hosts: + default: cinder-rabbitmq + host_fqdn_override: + default: null + path: /cinder + scheme: rabbit + port: + amqp: + default: 5672 + http: + default: 15672 + cinder_rabbitmq_exporter: + namespace: openstack + hosts: + default: cinder-rabbitmq-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9095 + volume: + name: cinder + hosts: + default: cinder-api + public: cinder + host_fqdn_override: + default: null + # public: + # host: volume.DOMAIN + path: + default: "/v1/%(tenant_id)s" + scheme: + default: "http" + # public: "https" + port: + api: + default: 8776 + # public: 443 + volumev2: + name: cinderv2 + hosts: + default: cinder-api + public: cinder + host_fqdn_override: + default: null + # public: + # host: volume.DOMAIN + path: + default: "/v2/%(tenant_id)s" + scheme: + default: "http" + # public: "https" + port: + api: + default: 8776 + # public: 443 + volumev3: + name: cinderv3 + hosts: + default: cinder-api + public: cinder + host_fqdn_override: + default: null + # public: + # host: volume.DOMAIN + path: + default: "/v3/%(tenant_id)s" + scheme: + default: "http" + # public: "https" + port: + api: + default: 8776 + # public: 443 + heat_oslo_messaging: + namespace: openstack + hosts: + default: heat-rabbitmq + host_fqdn_override: + default: null + path: /heat + scheme: rabbit + port: + amqp: + default: 5672 + http: + default: 15672 + heat_rabbitmq_exporter: + namespace: openstack + hosts: + default: heat-rabbitmq-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9095 + orchestration: + name: heat + hosts: + default: heat-api + public: heat + host_fqdn_override: + default: null + # public: + # host: orchestration.DOMAIN + path: + default: "/v1/%(project_id)s" + scheme: + default: "http" + # public: "https" + port: + api: + default: 8004 + # public: 443 + cloudformation: + name: heat-cfn + hosts: + default: heat-cfn + public: cloudformation + host_fqdn_override: + default: null + # public: + # host: cloudformation.DOMAIN + path: + default: /v1 + scheme: + default: "http" + # public: "https" + port: + api: + default: 8000 + # public: 443 + cloudwatch: + name: heat-cloudwatch + hosts: + default: heat-cloudwatch + public: cloudwatch + host_fqdn_override: + default: null + path: + default: null + type: null + scheme: + default: "http" + port: + api: + default: 8003 + public: 80 + neutron_oslo_messaging: + namespace: openstack + hosts: + default: neutron-rabbitmq + host_fqdn_override: + default: null + path: /neutron + scheme: rabbit + port: + amqp: + default: 5672 + http: + default: 15672 + neutron_rabbitmq_exporter: + namespace: openstack + hosts: + default: neutron-rabbitmq-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9095 + network: + name: neutron + hosts: + default: neutron-server + public: neutron + host_fqdn_override: + default: null + # public: + # host: network.DOMAIN + path: + default: null + scheme: + default: "http" + # public: "https" + port: + api: + default: 9696 + # public: 443 + nova_oslo_messaging: + namespace: openstack + hosts: + default: nova-rabbitmq + host_fqdn_override: + default: null + path: /nova + scheme: rabbit + port: + amqp: + default: 5672 + http: + default: 15672 + nova_rabbitmq_exporter: + namespace: openstack + hosts: + default: nova-rabbitmq-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9095 + compute: + name: nova + hosts: + default: nova-api + public: nova + host_fqdn_override: + default: null + # public: + # host: compute.DOMAIN + path: + default: "/v2/%(tenant_id)s" + scheme: + default: "http" + # public: "https" + port: + api: + default: 8774 + # public: 443 + novncproxy: + default: 443 + compute_metadata: + name: nova + hosts: + default: nova-metadata + public: metadata + host_fqdn_override: + default: null + path: + default: / + scheme: + default: "http" + port: + metadata: + default: 8775 + public: 80 + compute_novnc_proxy: + name: nova + hosts: + default: nova-novncproxy + public: novncproxy + host_fqdn_override: + default: null + # public: + # host: nova-novncproxy.DOMAIN + path: + default: /vnc_auto.html + scheme: + default: "http" + # public: "https" + port: + novnc_proxy: + default: 6080 + # public: 443 + compute_spice_proxy: + name: nova + hosts: + default: nova-spiceproxy + host_fqdn_override: + default: null + path: + default: /spice_auto.html + scheme: + default: "http" + port: + spice_proxy: + default: 6082 + placement: + name: placement + hosts: + default: placement-api + public: placement + host_fqdn_override: + default: null + # public: + # host: placement.DOMAIN + path: + default: / + scheme: + default: "http" + # public: "https" + port: + api: + default: 8778 + # public: 443 + dashboard: + name: horizon + hosts: + default: horizon-int + public: horizon + host_fqdn_override: + default: null + # public: + # host: dashboard.DOMAIN + path: + default: null + scheme: + default: "http" + # public: "https" + port: + web: + default: 80 + # public: 443 +... +--- +schema: pegleg/EndpointCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_endpoints + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext + # substitutions: + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh_infra.kibana.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh_infra.grafana.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh_infra.nagios.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh_infra.kibana.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh_infra.kibana.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh_infra.kibana.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh_infra.grafana.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh_infra.grafana.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh_infra.grafana.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh_infra.nagios.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh_infra.nagios.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh_infra.nagios.host_fqdn_override.public.tls.key + # path: .osh_infra.nagios.host_fqdn_override.public.tls.key + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .ldap.base_url + # dest: + # path: .osh_infra.ldap.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .ldap.auth_path + # dest: + # path: .osh_infra.ldap.path.default + # pattern: AUTH_PATH +data: + osh_infra: + elasticsearch: + name: elasticsearch + namespace: osh-infra + hosts: + data: elasticsearch-data + default: elasticsearch-logging + discovery: elasticsearch-discovery + public: elasticsearch + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + http: + default: 80 + prometheus_elasticsearch_exporter: + namespace: null + hosts: + default: elasticsearch-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9108 + fluentd: + namespace: osh-infra + name: fluentd + hosts: + default: fluentd-logging + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + service: + default: 24224 + metrics: + default: 24220 + prometheus_fluentd_exporter: + namespace: osh-infra + hosts: + default: fluentd-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9309 + oslo_db: + namespace: osh-infra + hosts: + default: mariadb + host_fqdn_override: + default: null + path: /DB_NAME + scheme: mysql+pymysql + port: + mysql: + default: 3306 + grafana: + name: grafana + namespace: osh-infra + hosts: + default: grafana-dashboard + public: grafana + host_fqdn_override: + default: null + # public: + # host: grafana.DOMAIN + path: + default: null + scheme: + default: "http" + # public: "https" + port: + grafana: + default: 3000 + # public: 443 + monitoring: + name: prometheus + namespace: osh-infra + hosts: + default: prom-metrics + public: prometheus + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + api: + default: 9090 + public: 80 + kibana: + name: kibana + namespace: osh-infra + hosts: + default: kibana-dash + public: kibana + host_fqdn_override: + default: null + # public: + # host: kibana.DOMAIN + path: + default: null + scheme: + default: "http" + # public: "https" + port: + kibana: + default: 5601 + # public: 443 + alerts: + name: alertmanager + namespace: osh-infra + hosts: + default: alerts-engine + public: alertmanager + discovery: alertmanager-discovery + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + api: + default: 9093 + public: 80 + mesh: + default: 6783 + kube_state_metrics: + namespace: kube-system + hosts: + default: kube-state-metrics + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + http: + default: 8080 + kube_scheduler: + scheme: + default: "http" + path: + default: /metrics + kube_controller_manager: + scheme: + default: "http" + path: + default: /metrics + node_metrics: + namespace: kube-system + hosts: + default: node-exporter + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + metrics: + default: 9100 + prometheus_port: + default: 9100 + prometheus_openstack_exporter: + namespace: openstack + hosts: + default: openstack-metrics + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + exporter: + default: 9103 + nagios: + name: nagios + namespace: osh-infra + hosts: + default: nagios-metrics + public: nagios + host_fqdn_override: + default: null + # public: + # host: nagios.DOMAIN + path: + default: null + scheme: + default: http + # public: https + port: + http: + default: 80 + # public: 443 + ldap: + hosts: + default: ldap + host_fqdn_override: + default: null + public: + host: DOMAIN + path: + default: /AUTH_PATH + scheme: + default: "ldap" + port: + ldap: + default: 389 +... diff --git a/site/dellgen10/software/config/service_accounts.yaml b/site/dellgen10/software/config/service_accounts.yaml new file mode 100644 index 0000000..4dbe82d --- /dev/null +++ b/site/dellgen10/software/config/service_accounts.yaml @@ -0,0 +1,413 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: pegleg/AccountCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_service_accounts + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + ucp: + postgres: + admin: + username: postgres + oslo_db: + admin: + username: root + oslo_messaging: + admin: + username: rabbitmq + keystone: + admin: + region_name: RegionOne + username: admin + project_name: admin + user_domain_name: default + project_domain_name: default + oslo_messaging: + admin: + username: rabbitmq + keystone: + username: keystone + oslo_db: + username: keystone + database: keystone + promenade: + keystone: + region_name: RegionOne + role: admin + project_name: service + project_domain_name: default + user_domain_name: default + username: promenade + drydock: + keystone: + region_name: RegionOne + role: admin + project_name: service + project_domain_name: default + user_domain_name: default + username: drydock + postgres: + username: drydock + database: drydock + shipyard: + keystone: + region_name: RegionOne + role: admin + project_name: service + project_domain_name: default + user_domain_name: default + username: shipyard + postgres: + username: shipyard + database: shipyard + airflow: + postgres: + username: airflow + database: airflow + oslo_messaging: + username: rabbitmq + maas: + admin: + username: admin + email: none@none + postgres: + username: maas + database: maasdb + barbican: + keystone: + region_name: RegionOne + role: admin + project_name: service + project_domain_name: default + user_domain_name: default + username: barbican + oslo_db: + username: barbican + database: barbican + oslo_messaging: + admin: + username: rabbitmq + keystone: + username: keystone + armada: + keystone: + project_domain_name: default + user_domain_name: default + project_name: service + region_name: RegionOne + role: admin + user_domain_name: default + username: armada + deckhand: + keystone: + region_name: RegionOne + role: admin + project_name: service + project_domain_name: default + user_domain_name: default + username: deckhand + postgres: + username: deckhand + database: deckhand + ceph: + swift: + keystone: + role: admin + region_name: RegionOne + username: swift + project_name: service + user_domain_name: default + project_domain_name: default +... +--- +schema: pegleg/AccountCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: osh_service_accounts + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext + substitutions: + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.keystone.admin.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.cinder.cinder.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.glance.glance.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.heat.heat.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.heat.heat_trustee.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.heat.heat_stack_user.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.swift.keystone.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.neutron.neutron.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.nova.nova.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.nova.placement.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.barbican.barbican.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.barbican.barbican.region_name +data: + osh: + keystone: + admin: + username: admin + project_name: admin + user_domain_name: default + project_domain_name: default + oslo_db: + username: keystone + database: keystone + oslo_messaging: + admin: + username: keystone-rabbitmq-admin + keystone: + username: keystone-rabbitmq-user + ldap: + username: "user@example-ldap.com" + cinder: + cinder: + role: admin + username: cinder + project_name: service + user_domain_name: default + project_domain_name: default + oslo_db: + username: cinder + database: cinder + oslo_messaging: + admin: + username: cinder-rabbitmq-admin + cinder: + username: cinder-rabbitmq-user + glance: + glance: + role: admin + username: glance + project_name: service + user_domain_name: default + project_domain_name: default + oslo_db: + username: glance + database: glance + oslo_messaging: + admin: + username: glance-rabbitmq-admin + glance: + username: glance-rabbitmq-user + ceph_object_store: + username: glance + heat: + heat: + role: admin + username: heat + project_name: service + user_domain_name: default + project_domain_name: default + heat_trustee: + role: admin + username: heat-trust + project_name: service + user_domain_name: default + project_domain_name: default + heat_stack_user: + role: admin + username: heat-domain + domain_name: heat + oslo_db: + username: heat + database: heat + oslo_messaging: + admin: + username: heat-rabbitmq-admin + heat: + username: heat-rabbitmq-user + swift: + keystone: + role: admin + username: swift + project_name: service + user_domain_name: default + project_domain_name: default + oslo_db: + admin: + username: root + neutron: + neutron: + role: admin + username: neutron + project_name: service + user_domain_name: default + project_domain_name: default + oslo_db: + username: neutron + database: neutron + oslo_messaging: + admin: + username: neutron-rabbitmq-admin + neutron: + username: neutron-rabbitmq-user + nova: + nova: + role: admin + username: nova + project_name: service + user_domain_name: default + project_domain_name: default + placement: + role: admin + username: placement + project_name: service + user_domain_name: default + project_domain_name: default + oslo_db: + username: nova + database: nova + oslo_db_api: + username: nova + database: nova_api + oslo_db_cell0: + username: nova + database: "nova_cell0" + oslo_messaging: + admin: + username: nova-rabbitmq-admin + nova: + username: nova-rabbitmq-user + horizon: + oslo_db: + username: horizon + database: horizon + barbican: + barbican: + role: admin + username: barbican + project_name: service + user_domain_name: default + project_domain_name: default + oslo_db: + username: barbican + database: barbican + oslo_messaging: + admin: + username: barbican-rabbitmq-admin + barbican: + username: barbican-rabbitmq-user +... +--- +schema: pegleg/AccountCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_service_accounts + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + osh_infra: + grafana: + admin: + username: grafana + oslo_db: + username: grafana + database: grafana + oslo_db_session: + username: grafana_session + database: grafana_session + elasticsearch: + admin: + username: elasticsearch + kibana: + admin: + username: kibana + oslo_db: + admin: + username: root + prometheus_openstack_exporter: + user: + username: prometheus-openstack-exporter + project_name: service + user_domain_name: default + nagios: + admin: + username: nagios + ldap: + admin: + # NEWSITE-CHANGEME: Replace with the site's LDAP account used to + # authenticate to the active directory backend to validate keystone + # users. + bind: "test@ldap.example.com" +... diff --git a/site/dellgen10/software/manifests/full-site.yaml b/site/dellgen10/software/manifests/full-site.yaml new file mode 100644 index 0000000..0bf3dd6 --- /dev/null +++ b/site/dellgen10/software/manifests/full-site.yaml @@ -0,0 +1,69 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Manifest/v1 +metadata: + schema: metadata/Document/v1 + name: full-site + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: full-site-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + release_prefix: airship + chart_groups: + - kubernetes-proxy + - kubernetes-container-networking + - kubernetes-dns + - kubernetes-etcd + - kubernetes-haproxy + - kubernetes-core + - ingress-kube-system + - ucp-ceph-update + - ucp-ceph-config + - ucp-core + - ucp-keystone + - ucp-divingbell + - ucp-armada + - ucp-deckhand + - ucp-drydock + - ucp-promenade + - ucp-shipyard + - osh-infra-ingress-controller + - osh-infra-ceph-config + - osh-infra-logging + - osh-infra-monitoring + - osh-infra-mariadb + - osh-infra-dashboards + - openstack-ingress-controller + - openstack-ceph-config + - openstack-mariadb + - openstack-memcached + - openstack-keystone + - openstack-radosgw + - openstack-glance + - openstack-cinder + - openstack-compute-kit + - openstack-heat + - osh-infra-prometheus-openstack-exporter + - openstack-horizon +... diff --git a/site/hpgen10/baremetal/bootaction-sriov-blacklist.yaml b/site/hpgen10/baremetal/bootaction-sriov-blacklist.yaml new file mode 100644 index 0000000..2ad6637 --- /dev/null +++ b/site/hpgen10/baremetal/bootaction-sriov-blacklist.yaml @@ -0,0 +1,42 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: 'drydock/BootAction/v1' +metadata: + schema: 'metadata/Document/v1' + name: i40evf_blacklist + storagePolicy: 'cleartext' + layeringDefinition: + abstract: false + layer: site + labels: + application: 'drydock' +data: + signaling: false + node_filter: + filter_set_type: 'union' + filter_set: + - filter_type: 'union' + assets: + - path: /etc/modprobe.d/sriov_blacklist.conf + type: file + permissions: '644' + data_pipeline: + - utf8_decode + data: | + blacklist i40evf +... diff --git a/site/site30/baremetal/calico-ip-rules.yaml b/site/hpgen10/baremetal/calico-ip-rules.yaml similarity index 93% rename from site/site30/baremetal/calico-ip-rules.yaml rename to site/hpgen10/baremetal/calico-ip-rules.yaml index 1ad67ab..89c0e53 100644 --- a/site/site30/baremetal/calico-ip-rules.yaml +++ b/site/hpgen10/baremetal/calico-ip-rules.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -46,12 +46,8 @@ data: [Service] Type=simple - #ExecStart=/opt/configure-ip-rules.sh -i bond1.2406 -c DH_SUB_POD_CIDR -o 10.34.0.0/15 -s 135.21.157.32/29 - #ExecStart=/opt/configure-ip-rules.sh -i bond0.44 -c DH_SUB_POD_CIDR -o 10.99.0.0/16 -s 172.29.1.0/24 ExecStart=/opt/configure-ip-rules.sh -g 172.29.1.1 -c 10.99.0.0/16 -s 172.29.1.136/29 - - [Install] WantedBy=multi-user.target data_pipeline: @@ -69,7 +65,7 @@ data: cat <&2 + echo "Missing pod CIDR, e.g -c 10.99.0.0/16" >&2 usage exit 1 fi diff --git a/site/site30/baremetal/promjoin.yaml b/site/hpgen10/baremetal/promjoin.yaml similarity index 94% rename from site/site30/baremetal/promjoin.yaml rename to site/hpgen10/baremetal/promjoin.yaml index c2221d9..8932c1e 100644 --- a/site/site30/baremetal/promjoin.yaml +++ b/site/hpgen10/baremetal/promjoin.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -34,8 +34,6 @@ data: node_names: - 'aknode31' - 'aknode32' - - 'aknode33' - - 'aknode34' # TODO(alanmeadows) move what is global about this document - everything except nodenames to global assets: - path: /opt/promjoin.sh @@ -45,7 +43,6 @@ data: # you should use to contact kubernetes in the case below, this is cab24_mgmt location: promenade+http://promenade-api.ucp.svc.cluster.local/api/v1.0/join-scripts?design_ref={{ action.design_ref | urlencode }}&hostname={{ node.hostname }}&ip={{ node.network.calico.ip }}{% for k, v in node.labels.items() %}&labels.dynamic={{ k }}={{ v }}{% endfor %} location_pipeline: -#originally rack06_calico - template data_pipeline: - utf8_decode diff --git a/site/site30/baremetal/rack.yaml b/site/hpgen10/baremetal/rack.yaml similarity index 52% rename from site/site30/baremetal/rack.yaml rename to site/hpgen10/baremetal/rack.yaml index 3ca3cb1..58bcb28 100644 --- a/site/site30/baremetal/rack.yaml +++ b/site/hpgen10/baremetal/rack.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -14,7 +14,6 @@ # See the License for the specific language governing permissions and # # limitations under the License. # ############################################################################## - schema: 'drydock/BaremetalNode/v1' metadata: schema: 'metadata/Document/v1' @@ -24,12 +23,17 @@ metadata: layer: site storagePolicy: cleartext data: - host_profile: MyControlPlane_HP -#/new/notused/aic-clcp-manifests/site/clcp-seaworthy/profiles/host/cp_rack.yaml + host_profile: ControlPlane + # the hostname for a server, could be used in multiple DNS domains to + # represent different interfaces addressing: + # Which network the address applies to. If a network appears in addressing + # that isn't assigned to an interface, design validation will fail - network: oob address: 192.168.41.131 - network: pxe + # The address assigned. Either a explicit IPv4 or IPv6 address + # or dhcp or slaac address: 172.30.1.31 - network: oam address: 192.168.2.31 @@ -44,6 +48,21 @@ data: tags: - 'masters' --- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## schema: 'drydock/BaremetalNode/v1' metadata: schema: 'metadata/Document/v1' @@ -53,12 +72,17 @@ metadata: layer: site storagePolicy: cleartext data: - host_profile: MyControlPlane_HP -#/new/notused/aic-clcp-manifests/site/clcp-seaworthy/profiles/host/cp_rack.yaml + host_profile: ControlPlane + # the hostname for a server, could be used in multiple DNS domains to + # represent different interfaces addressing: + # Which network the address applies to. If a network appears in addressing + # that isn't assigned to an interface, design validation will fail - network: oob address: 192.168.41.132 - network: pxe + # The address assigned. Either a explicit IPv4 or IPv6 address + # or dhcp or slaac address: 172.30.1.32 - network: oam address: 192.168.2.32 @@ -72,60 +96,4 @@ data: rack: RACK01 tags: - 'masters' ---- -schema: 'drydock/BaremetalNode/v1' -metadata: - schema: 'metadata/Document/v1' - name: aknode33 - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - host_profile: MyComputePlane_HP - addressing: - - network: oob - address: 192.168.41.133 - - network: pxe - address: 172.30.1.33 - - network: oam - address: 192.168.2.33 - - network: storage - address: 172.31.1.33 - - network: overlay - address: 10.0.101.33 - - network: calico - address: 172.29.1.33 - metadata: - rack: RACK01 - tags: - - 'workers' -#--- -#schema: 'drydock/BaremetalNode/v1' -#metadata: -# schema: 'metadata/Document/v1' -# name: aknode34 -# layeringDefinition: -# abstract: false -# layer: site -# storagePolicy: cleartext -#data: -# host_profile: MyComputePlane_HP -# addressing: -# - network: oob -# address: 192.168.41.134 -# - network: pxe -# address: 172.30.1.34 -# - network: oam -# address: 192.168.2.34 -# - network: storage -# address: 172.31.1.34 -# - network: overlay -# address: 10.0.101.34 -# - network: calico -# address: 172.29.1.34 -# metadata: -# rack: RACK01 -# tags: -# - 'workers' ... diff --git a/site/hpgen10/deployment/deployment-configuration.yaml b/site/hpgen10/deployment/deployment-configuration.yaml new file mode 100644 index 0000000..22fae54 --- /dev/null +++ b/site/hpgen10/deployment/deployment-configuration.yaml @@ -0,0 +1,29 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: shipyard/DeploymentConfiguration/v1 +metadata: + schema: metadata/Document/v1 + name: deployment-configuration + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + armada: + manifest: 'full-site' +... diff --git a/site/site30/networks/common-addresses.yaml b/site/hpgen10/networks/common-addresses.yaml similarity index 89% rename from site/site30/networks/common-addresses.yaml rename to site/hpgen10/networks/common-addresses.yaml index 226f5f7..0d6ca3d 100644 --- a/site/site30/networks/common-addresses.yaml +++ b/site/hpgen10/networks/common-addresses.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -37,10 +37,9 @@ data: - 8.8.8.8 - 8.8.8.8 upstream_servers_joined: '192.168.2.85,8.8.8.8' - + ingress_domain: hpgen10.akraino.org genesis: hostname: aknode30 -# ip: 192.168.2.30 ip: 172.29.1.30 bootstrap: @@ -63,6 +62,11 @@ data: - hostname: aknode31 - hostname: aknode32 + proxy: + http: "" + https: "" + no_proxy: [] + node_ports: drydock_api: 30000 maas_api: 30001 @@ -73,13 +77,14 @@ data: ntp: servers_joined: '0.ubuntu.pool.ntp.org,1.ubuntu.pool.ntp.org,2.ubuntu.pool.ntp.org' - # Used for FQDN setup/definition domain: url: hpgen10.lab.akraino.org ldap: + base_url: 'its-a-ldap.example.com' url: 'ldap://its-a-ldap.example.com' + auth_path: DC=test,DC=test,DC=com?sAMAccountName?sub?memberof=CN=test,OU=Application,OU=Groups,DC=test,DC=test,DC=com common_name: AP-NC_Test_Users subdomain: testitservices domain: example @@ -89,8 +94,6 @@ data: public_cidr: '172.31.1.0/24' cluster_cidr: '172.31.1.0/24' - # external: typically the floating IP subnet - # tunnel: overlay network for VM traffic neutron: tunnel_device: 'bond0.45' external_iface: 'bond0' diff --git a/site/site30/networks/physical/rack.yaml b/site/hpgen10/networks/physical/rack.yaml similarity index 94% rename from site/site30/networks/physical/rack.yaml rename to site/hpgen10/networks/physical/rack.yaml index ae374d6..8348382 100644 --- a/site/site30/networks/physical/rack.yaml +++ b/site/hpgen10/networks/physical/rack.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -107,7 +107,6 @@ data: schema: 'drydock/NetworkLink/v1' metadata: schema: 'metadata/Document/v1' -# name: gp name: bond0 layeringDefinition: abstract: false @@ -127,7 +126,6 @@ data: mode: 802.1q allowed_networks: - oam -# - public - storage - overlay - calico @@ -144,14 +142,14 @@ metadata: data: vlan: '41' mtu: 9000 - cidr: 192.168.2.0/24 + cidr: 192.168.2.0/24 routes: - subnet: '0.0.0.0/0' gateway: 192.168.2.200 ranges: - type: reserved - start: 192.168.2.84 - end: 192.168.2.86 + start: 192.168.2.84 + end: 192.168.2.86 - type: static start: 192.168.2.1 end: 192.168.2.83 @@ -212,7 +210,4 @@ data: - type: static start: 172.29.1.5 end: 172.29.1.254 -# routes: -# - subnet: '172.29.140.64/26' -# gateway: 172.29.140.3 ... diff --git a/site/site30/pki/pki-catalog.yaml b/site/hpgen10/pki/pki-catalog.yaml similarity index 93% rename from site/site30/pki/pki-catalog.yaml rename to site/hpgen10/pki/pki-catalog.yaml index b4c5889..cce0cb4 100644 --- a/site/site30/pki/pki-catalog.yaml +++ b/site/hpgen10/pki/pki-catalog.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -73,24 +73,6 @@ data: - 172.30.1.32 groups: - system:nodes - - document_name: kubelet-aknode33 - common_name: system:node:aknode33 - hosts: - - aknode33 - - 192.168.2.33 - - 172.29.1.33 - - 172.30.1.33 - groups: - - system:nodes - - document_name: kubelet-aknode34 - common_name: system:node:aknode34 - hosts: - - aknode34 - - 192.168.2.34 - - 172.29.1.34 - - 172.30.1.34 - groups: - - system:nodes - document_name: scheduler description: Service certificate for Kubernetes scheduler common_name: system:kube-scheduler @@ -282,4 +264,3 @@ data: - name: service-account description: Service account signing key for use by Kubernetes controller-manager. ... - diff --git a/site/hpgen10/profiles/genesis.yaml b/site/hpgen10/profiles/genesis.yaml new file mode 100644 index 0000000..408374e --- /dev/null +++ b/site/hpgen10/profiles/genesis.yaml @@ -0,0 +1,58 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: promenade/Genesis/v1 +metadata: + schema: metadata/Document/v1 + name: genesis-site + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: genesis-global + actions: + - method: replace + path: .labels.dynamic + - method: merge + path: . + storagePolicy: cleartext +data: + labels: + dynamic: + - beta.kubernetes.io/fluentd-ds-ready=true + - calico-etcd=enabled + - ceph-mds=enabled + - ceph-mon=enabled + - ceph-osd=enabled + - ceph-rgw=enabled + - ceph-mgr=enabled + - kube-dns=enabled + - kube-ingress=enabled + - kubernetes-apiserver=enabled + - kubernetes-controller-manager=enabled + - kubernetes-etcd=enabled + - kubernetes-scheduler=enabled + - promenade-genesis=enabled + - ucp-control-plane=enabled + - maas-control-plane=enabled + - ceph-osd-bootstrap=enabled + - openstack-libvirt=kernel + - openvswitch=enabled + - openstack-control-plane=enabled + - openstack-nova-compute=enabled + - sriov=enabled +... diff --git a/site/hpgen10/profiles/hardware/generic.yaml b/site/hpgen10/profiles/hardware/generic.yaml new file mode 100644 index 0000000..3c03512 --- /dev/null +++ b/site/hpgen10/profiles/hardware/generic.yaml @@ -0,0 +1,35 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: 'drydock/HardwareProfile/v1' +metadata: + schema: 'metadata/Document/v1' + name: DELL_HP_Generic + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + vendor: HP + generation: '10' + hw_version: '3' + bios_version: '2.8' + boot_mode: bios + bootstrap_protocol: pxe + pxe_interface: 0 + device_aliases: {} +... diff --git a/site/site30/profiles/host/compute-r01.yaml b/site/hpgen10/profiles/host/compute-r01.yaml similarity index 79% rename from site/site30/profiles/host/compute-r01.yaml rename to site/hpgen10/profiles/host/compute-r01.yaml index 35ece6c..67b04d8 100644 --- a/site/site30/profiles/host/compute-r01.yaml +++ b/site/hpgen10/profiles/host/compute-r01.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -18,10 +18,10 @@ schema: drydock/HostProfile/v1 metadata: schema: metadata/Document/v1 - name: MyComputePlane_HP + name: ComputePlane storagePolicy: cleartext labels: - hosttype: MyComputePlane_HP + hosttype: ComputePlane layeringDefinition: abstract: false layer: site @@ -33,6 +33,7 @@ metadata: name: ipmi_admin_password path: . data: + hardware_profile: DELL_HP_Generic oob: type: 'ipmi' network: 'oob' @@ -56,6 +57,18 @@ data: - 'storage' - 'overlay' - 'calico' + p1p1: + slaves: + - 'sriov_nic01' + sriov: + vf_count: 32 # Currently ignored + trustedmode: false + p3p2: + slaves: + - 'sriov_nic02' + sriov: + vf_count: 32 # Currently ignored + trustedmode: false storage: physical_devices: sdj: @@ -64,7 +77,6 @@ data: partitions: - name: 'root' size: '20g' - bootable: true filesystem: mountpoint: '/' fstype: 'ext4' @@ -94,11 +106,19 @@ data: kernel: 'hwe-16.04' kernel_params: console: 'ttyS1,115200n8' + intel_iommu: 'on' + iommu: 'pt' + amd_iommu: 'on' + transparent_hugepage: 'never' + hugepagesz: 'hardwareprofile:hugepages.dpdk.size' + hugepages: 'hardwareprofile:hugepages.dpdk.count' + default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size' + isolcpus: 'hardwareprofile:cpuset.kvm' metadata: owner_data: openstack-nova-compute: enabled openvswitch: enabled openstack-libvirt: kernel + sriov: enabled beta.kubernetes.io/fluentd-ds-ready: 'true' ... - diff --git a/site/site30/profiles/host/cp-r01.yaml b/site/hpgen10/profiles/host/cp-r01.yaml similarity index 84% rename from site/site30/profiles/host/cp-r01.yaml rename to site/hpgen10/profiles/host/cp-r01.yaml index 7a686e0..605aa3b 100644 --- a/site/site30/profiles/host/cp-r01.yaml +++ b/site/hpgen10/profiles/host/cp-r01.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -18,10 +18,10 @@ schema: drydock/HostProfile/v1 metadata: schema: metadata/Document/v1 - name: MyControlPlane_HP + name: ControlPlane storagePolicy: cleartext labels: - hosttype: MyControlPlane_HP + hosttype: ControlPlane layeringDefinition: abstract: false layer: site @@ -38,7 +38,7 @@ data: network: 'oob' account: 'Administrator' primary_network: 'oam' - hardware_profile: DELL_HP_Generic + hardware_profile: DELL_HP_Generic interfaces: pxe: device_link: pxe @@ -56,6 +56,18 @@ data: - 'storage' - 'overlay' - 'calico' + p1p1: + slaves: + - 'sriov_nic01' + sriov: + vf_count: 32 # Currently ignored + trustedmode: false + p3p2: + slaves: + - 'sriov_nic02' + sriov: + vf_count: 32 # Currently ignored + trustedmode: false storage: physical_devices: sdj: @@ -64,7 +76,6 @@ data: partitions: - name: 'root' size: '20g' - bootable: true filesystem: mountpoint: '/' fstype: 'ext4' @@ -92,8 +103,16 @@ data: platform: image: 'xenial' kernel: 'hwe-16.04' -# kernel_params: -# console: 'ttyS1,115200n8' + kernel_params: + console: 'ttyS1,115200n8' + intel_iommu: 'on' + iommu: 'pt' + amd_iommu: 'on' + transparent_hugepage: 'never' + hugepagesz: 'hardwareprofile:hugepages.dpdk.size' + hugepages: 'hardwareprofile:hugepages.dpdk.count' + default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size' + isolcpus: 'hardwareprofile:cpuset.kvm' metadata: owner_data: control-plane: enabled @@ -113,11 +132,13 @@ data: openstack-cinder-control: enabled openstack-cinder-volume: control openstack-neutron: enabled + openstack-libvirt: kernel openvswitch: enabled - sriov: enabled + openstack-nova-compute: enabled ucp-barbican: enabled ceph-bootstrap: enabled ceph-mon: enabled + ceph-mgr: enabled ceph-osd: enabled ceph-mds: enabled ceph-rgw: enabled @@ -149,8 +170,5 @@ data: postgresql: enabled kube-ingress: enabled sriov: enabled - openstack-nova-compute: enabled - openstack-libvirt: kernel beta.kubernetes.io/fluentd-ds-ready: 'true' ... - diff --git a/site/site30/profiles/region.yaml b/site/hpgen10/profiles/region.yaml similarity index 94% rename from site/site30/profiles/region.yaml rename to site/hpgen10/profiles/region.yaml index 803aafb..528c3dd 100644 --- a/site/site30/profiles/region.yaml +++ b/site/hpgen10/profiles/region.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/site/hpgen10/secrets/certificates/ingress.yaml b/site/hpgen10/secrets/certificates/ingress.yaml new file mode 100644 index 0000000..6c111e8 --- /dev/null +++ b/site/hpgen10/secrets/certificates/ingress.yaml @@ -0,0 +1,144 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +# self-signed certifacte generated based on +# https://libvirt.org/remote.html#Remote_certificates +metadata: + layeringDefinition: + abstract: false + layer: site + name: ingress-crt + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +data: | + -----BEGIN CERTIFICATE----- + MIIFKzCCA5OgAwIBAgIMW2h6FCcFdKeaw3vnMA0GCSqGSIb3DQEBCwUAMBIxEDAO + BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTY0MDUyWhcNMTkwODA2MTY0MDUyWjBJ + MTUwMwYDVQQDEyxpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3Vu + ZHJ5LmNvbTEQMA4GA1UEChMHQWlyc2hpcDCCAaIwDQYJKoZIhvcNAQEBBQADggGP + ADCCAYoCggGBALvNHm/G/ylh6aPcvrhOcb4qz1BjcNtnxH8bzZng/rMeX3W2AzjC + r2JloJcDvOLBp/TkLOZPImnFW2/GCwktxPgXZuBTPzFV50g77KsPFw0fn3Si7+bs + F22tLhdOGk6MQj/WW4pKGHqdw1/VbPwOHBT+I4/scR1L2SZxYtSFIKGenHJH+PMV + bCdwnNOR80F8KRzK5iZs/r6S/QqVheieARSWWnk2+TtkM1BloGOhLSd+ZkWh9VO1 + eOnZowkaDAJwD/G6zoSr5n+beaXzDnEcoVXFSwd4FLoV+om77o92XmZ4rVw0vTMO + k6jVwmkdT+dM2K2hLUG/TXWoV2/Qms70gzDOs85RtAkTPe4Ohtdpr51Q0hd35TKG + YLKzX/OPblD68iYJYSBvMPpAVTbFYVPW1AQx8wWfannYbMoeL8XTEOKfkqm90YP9 + EhIdtmw4D7GZxlzG5FXXutmT9sqLfqlRu/RynAhBP8NQvw74WumhOe8r7GhCwgzC + gaPLGjeekoS6LQIDAQABo4IBSDCCAUQwDAYDVR0TAQH/BAIwADCBzQYDVR0RBIHF + MIHCgixpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNv + bYIta2V5c3RvbmUuYWlyc2hpcC1zZWF3b3J0aHkuYXRsYW50YWZvdW5kcnkuY29t + gilub3ZhLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNvbYIsaG9y + aXpvbi5haXJzaGlwLXNlYXdvcnRoeS5hdGxhbnRhZm91bmRyeS5jb22HBAoXFQuH + BAoXFgswEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNV + HQ4EFgQUfTAjNgn/1U1Uh1MJDYT2m4dzhsYwHwYDVR0jBBgwFoAUJFuXPZo6RzfE + BlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGBAE2ISWmrxqrledJI3aLaS9Yw + WsZc8O8CnIyLoxrE85vUubFjuI9ixC/6dJxl2iB1n0H8JgmFREox32Q4+kDJI8V/ + X9x0PFpRzL7QEPrLZhW94Yis3sOphLW0rf0t06ZepdHHeodYJu1pVMDmLq6bKXdX + vo+/WwKnZBXC1qPbXJByv/CN9MtViXOnBGORFRTJPb6U8379LNWclJ/LW12yTwNk + JGIbZU61Vxu+2nLIabmmRoODH2jomgMOMMzLgjT3Hvw3whe8GrUoxDiPYQVTDGNm + ly6m+5B1Nx06fkZazonozeaOhSQ7RblUSbo+w8TJmLRzD9ft7p4vpjBGxRADMcuF + DOjATgdZeisBUHTGEO0P6wJOBQuCFMX9AVl+u8ZpcuRaRaN+pBE6/BqcHBB6qV/N + w2DdNtP8BrJ3kJVNEDIo5oTbH5SToxgA4hWBV42M1rB+5vIMDKN3rwVDdNKWYhYc + VZpU3V9V6JzSW1O2w4Wu9PdbWJD9oSvC0qJgnjOXzg== + -----END CERTIFICATE----- +... +--- +metadata: + layeringDefinition: + abstract: false + layer: site + name: ingress-ca + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateAuthority/v1 +data: | + -----BEGIN CERTIFICATE----- + MIID7TCCAlWgAwIBAgIMW2h3tgSwie0Ypx8eMA0GCSqGSIb3DQEBCwUAMBIxEDAO + BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTYzMDQ2WhcNMTkwODA2MTYzMDQ2WjAS + MRAwDgYDVQQDEwdBaXJzaGlwMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC + AYEAny0Nqu9U2tXdCCTNzD2T62htMmBLg3CmzWajfbfFl7ALqzo3HgbbY3PxTHDE + OJ/lwdm0HkEaGfEDXhJd06WZsa8+fKGqhKXvZXwXx5mJ8LCGxz6xiaxwo9lnKe6V + o3YX7bJ5YIVxQ2jhvZo+dY8Z/buloi2Tp2HbqTejKULH9+qdiQTDXAnyR0NLqzJ0 + YQ4v4yU3zix3nBi8z29lQekGO9quNEka3nw2n0Gxmq5z1bNALGCF5F759mVkB0uT + fPGF+zm9eqlqAgduYg7R+JYUumVHvIoRY454GtAdZHTJHJZP0gQSGJsLff8ROFpI + GVYsOZhJXU9Ihc5VBC5PMErbmCn0YkuxAWNOYBstZ8l+uY6YiPoFV5Ulc/8M0If+ + T6jbqzWoFC+4ysgY95RKOw53S4o/T6AFwiIKIw0xp3UfHCf6kr5Y0+XdDn5CXpJB + d1KK3PoUWzPSsxcUMXvgKWT4x1vsCId21dn1SmVSOEBhM08VZfjd5bvL9Xjt/E0j + mUqDAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAd + BgNVHQ4EFgQUJFuXPZo6RzfEBlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGB + AJaoEtnDoWUUs4nSSqIGcoCfpIO0oqVp8DvkBOcxz5Rz8vMVJSC24/UnuCD2Wknx + 2V/E3edXIeRo7duhPtNCT7c8OKY/pJsZQTgOczn4rphoD1pmAIPZmpG6ssPadPiM + EP8xWJHZt8NXG7D5kJX2COvBvgNeWXL6MF7Tv8+t5xzt59Vitdb/7lm9Z6jjpvN+ + zoG0pKx3XYESsnLAVAf00F+kWwds/3x3gQywUAQUDER0jliYUE5id+sojp357Cl9 + XtY+8zSnTduuP8CfMhwv5p6j9xbqacfT7AzpQ6cy4xcQ7MA6JBQcxbaq4NtvIf6+ + d/5N9d8LGnfXdCd9iwNy9Qk23Ea0SNhnk9F/NqGBPakU4TbHh4iTYMC/+hDGInpO + TIRelTidNBFNaIBg3Z0vsh0lDwbt/xhpXip+ZVBqKMTtktEceiVGru9cYUQA2tKI + XNoc5s0uQGMpdFzgED4lXZf+n7yGVMKohvi7Yn96HqujGIrVH6qThsI6m7pUSz40 + +g== + -----END CERTIFICATE----- +... +--- +metadata: + layeringDefinition: + abstract: false + layer: site + name: ingress-key + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIG4wIBAAKCAYEAu80eb8b/KWHpo9y+uE5xvirPUGNw22fEfxvNmeD+sx5fdbYD + OMKvYmWglwO84sGn9OQs5k8iacVbb8YLCS3E+Bdm4FM/MVXnSDvsqw8XDR+fdKLv + 5uwXba0uF04aToxCP9ZbikoYep3DX9Vs/A4cFP4jj+xxHUvZJnFi1IUgoZ6cckf4 + 8xVsJ3Cc05HzQXwpHMrmJmz+vpL9CpWF6J4BFJZaeTb5O2QzUGWgY6EtJ35mRaH1 + U7V46dmjCRoMAnAP8brOhKvmf5t5pfMOcRyhVcVLB3gUuhX6ibvuj3ZeZnitXDS9 + Mw6TqNXCaR1P50zYraEtQb9NdahXb9CazvSDMM6zzlG0CRM97g6G12mvnVDSF3fl + MoZgsrNf849uUPryJglhIG8w+kBVNsVhU9bUBDHzBZ9qedhsyh4vxdMQ4p+Sqb3R + g/0SEh22bDgPsZnGXMbkVde62ZP2yot+qVG79HKcCEE/w1C/Dvha6aE57yvsaELC + DMKBo8saN56ShLotAgMBAAECggGAYzZDhA1+sx/0zApL/xYB5NK83t0Ju/8fwX6w + qUBBjeLXz1mubgf7m2HQ6ragzLI9xpPcXHcl2PbYDT50ig7R5baHNK8FzUxyeKif + qOa56Mbx+C4zyqyi2+AHX2x1XVWfkhXuGip2sCA0HKalgqr5juWLZ/ci8rUlLLft + 3BPQX1FpmL4I+HIyxsspLmQGPGwZVAqkd1xRX+BLKZJAQdlm/LdJaIvwMr4Glcx6 + ZOe68QhHgzXCYsyV6gR9qstF2OvVuLa2mUc7EzYInFIFhXUdAAwmDqkuuLRdRQhf + Ur8nqQW33T0cG0GBUzgBI5YmSPJvTSzcPmeSyNVx2/Yb0pkuXtCw67oDcAsN4nW8 + uls49E2RaiLJYsy5vPsX5aJNcAxw/CWLdadQ3ukviD/MDJbpTl4F52GOVYL6K4XH + g5TJjj7xzjmK3ldR/Kscg7HpCitQLGUYdgIsAFdspXf4aSIa68IjDrc5NsJZuMzc + PbVHrw7QYNfHY7VNdUlOVqH5lS3BAoHBANRqKrQXtnJmM006TCEJXdcN/5M685jz + +L4Ox0Rhrq8ROgcN5q/hjKb6kP/MccQ9voGQOl9TKEyinGNdTtyc/fuH7RNlQwpS + HT+vEzVEcrSe8UFs8c6oJnHFO72ylFcibFf56LvbI3L8BZXp7gPSPQkp5f1NWEZk + X5bUL4UNiOm0diltba/ofxywF0M9WGD00eqi0Q29JRlvun+355j06CENxRoonNZC + wk1evIxhhckP9zLjI2Ykb1hV6yzwPWtmyQKBwQDiVgru/B396KhzDhLl5AL+pBWA + GsfiCbmPLh6W6V5VzldB4+GlMRrJ4zSjZQ3/nvX5KepqjMn1N6LQpZQUI/YShCKE + mW0XMiAfbp2d23MRMjLD8L/bIoBHQOPkCaMjbmyDOlCagWakEvHJO/TieVgTmYk6 + mtEYVjJFWI9OCNMAHdl8ovWr3p+8YbVZ8LLv5ZO/V1cIjczoNQ6p8LG/pPMTDLXM + ScN9a8z3f8LQLBHBlu0155xvt95PQLAon/x21kUCgcAvPVk36hoiQQZhw3hQ1JNx + E2TmanLobkHAiurYE11VA+DC1t2Z+fBc5la+/MnEWfL3P4srzgOlX3imRIcYWzXE + 7crUyG1ray2kDxyXeRyFfN+srDzut8is/q81lfSVmEs+GY8f0DGHDfN0Dq1nXidC + 1XWXqs7aANKdaZ0T2xm61+57ciG1wGAckjDqPEdecLQKmaEijBEnIgj5BH5WLwk8 + 6KIQGj4fDIPHzyzhj4LAX3ObdpZVzf6RR7JgsSEHtLkCgcBROW2dDC87MqZY++D+ + TVBhz8LDgVjgHntQDc3+fGtVQcKAq+YLYU7qyrXWOWrHpGVDcK5mZHYJoVi1peY5 + QBqL1I2KpoDGxT9P6GN6BgoKTsh3FsvTOVNtvrTJ3keEbJlWkrPgbrXGBeJtRC4C + pGdeSUg9FtgY8r4BsuFisLoAHbYyC008y5zpfusVBtNAUlQuY4qhUDoLzxafF/jB + /NEasgH/+SzFss0QuPHRwS7yGVaxdJfoY8TNDjrpqVhx0T0CgcEAvKG4UoWvT8gJ + pIeeAxxnv9yrMxgpntu4RXPDHgfX5tva6EaM3r3nLXjd9FVtlQ4cNBMhp9HNhS3a + dK+oEDcBysVxxfltlS2Bx0+gQf3WxgBCJwayKe3i/XCDza92EENgxTPmqB1LHiq5 + 2b5aOl2Y5fP0eX6UryxRc443c/ejMHw4lGwnno0qpRk9M9Ucqv5J96QCfAlBSQQS + gOG9cypL0kBWzCejn9W4av8HkM8Noqd7Tqul1onv/46OBaX51kt3 + -----END RSA PRIVATE KEY----- +... diff --git a/site/hpgen10/secrets/passphrases/ceph_fsid.yaml b/site/hpgen10/secrets/passphrases/ceph_fsid.yaml new file mode 100644 index 0000000..08c4388 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/ceph_fsid.yaml @@ -0,0 +1,27 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ceph_fsid + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 3e2a3755-863a-423b-bf19-e8b5bf7f3d95 +... diff --git a/site/hpgen10/secrets/passphrases/ceph_swift_keystone_password.yaml b/site/hpgen10/secrets/passphrases/ceph_swift_keystone_password.yaml new file mode 100644 index 0000000..043a560 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/ceph_swift_keystone_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ceph_swift_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 610becbb8563c2d7abb2 +... diff --git a/site/hpgen10/secrets/passphrases/maas_region_secret.yaml b/site/hpgen10/secrets/passphrases/maas_region_secret.yaml new file mode 100644 index 0000000..f1a59f4 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/maas_region_secret.yaml @@ -0,0 +1,27 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: maas-region-key + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 3858f62230ac3c915f300c664312c63f +... diff --git a/site/hpgen10/secrets/passphrases/osh_barbican_oslo_db_password.yaml b/site/hpgen10/secrets/passphrases/osh_barbican_oslo_db_password.yaml new file mode 100644 index 0000000..469ff36 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_barbican_oslo_db_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_barbican_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: d992b45a48a3bf2698bc +... diff --git a/site/hpgen10/secrets/passphrases/osh_barbican_oslo_messaging_admin_password.yaml b/site/hpgen10/secrets/passphrases/osh_barbican_oslo_messaging_admin_password.yaml new file mode 100644 index 0000000..237f6ac --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_barbican_oslo_messaging_admin_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_barbican_oslo_messaging_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: c01c594967dfd4024121 +... diff --git a/site/hpgen10/secrets/passphrases/osh_barbican_oslo_messaging_password.yaml b/site/hpgen10/secrets/passphrases/osh_barbican_oslo_messaging_password.yaml new file mode 100644 index 0000000..b0b1203 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_barbican_oslo_messaging_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_barbican_oslo_messaging_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 7451bf1643ee73782da9 +... diff --git a/site/hpgen10/secrets/passphrases/osh_barbican_password.yaml b/site/hpgen10/secrets/passphrases/osh_barbican_password.yaml new file mode 100644 index 0000000..b6b898e --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_barbican_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_barbican_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: ec1a97a83907f193a717 +... diff --git a/site/hpgen10/secrets/passphrases/osh_barbican_rabbitmq_erlang_cookie.yaml b/site/hpgen10/secrets/passphrases/osh_barbican_rabbitmq_erlang_cookie.yaml new file mode 100644 index 0000000..8d4896e --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_barbican_rabbitmq_erlang_cookie.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_barbican_rabbitmq_erlang_cookie + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 634c104df082faf67332 +... diff --git a/site/hpgen10/secrets/passphrases/osh_cinder_oslo_db_password.yaml b/site/hpgen10/secrets/passphrases/osh_cinder_oslo_db_password.yaml new file mode 100644 index 0000000..f746a53 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_cinder_oslo_db_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_cinder_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 4be86cd9e1e9fc3f7dc5 +... diff --git a/site/hpgen10/secrets/passphrases/osh_cinder_oslo_messaging_admin_password.yaml b/site/hpgen10/secrets/passphrases/osh_cinder_oslo_messaging_admin_password.yaml new file mode 100644 index 0000000..7c44dad --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_cinder_oslo_messaging_admin_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_cinder_oslo_messaging_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 8d143e5fb4b4dac3768c +... diff --git a/site/hpgen10/secrets/passphrases/osh_cinder_oslo_messaging_password.yaml b/site/hpgen10/secrets/passphrases/osh_cinder_oslo_messaging_password.yaml new file mode 100644 index 0000000..ef35609 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_cinder_oslo_messaging_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_cinder_oslo_messaging_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: ac0217906c77ee117000 +... diff --git a/site/hpgen10/secrets/passphrases/osh_cinder_password.yaml b/site/hpgen10/secrets/passphrases/osh_cinder_password.yaml new file mode 100644 index 0000000..6c862e9 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_cinder_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_cinder_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 4dca0954fba72f359566 +... diff --git a/site/hpgen10/secrets/passphrases/osh_cinder_rabbitmq_erlang_cookie.yaml b/site/hpgen10/secrets/passphrases/osh_cinder_rabbitmq_erlang_cookie.yaml new file mode 100644 index 0000000..6b40e2e --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_cinder_rabbitmq_erlang_cookie.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_cinder_rabbitmq_erlang_cookie + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: f3bda8af291469d2240d +... diff --git a/site/hpgen10/secrets/passphrases/osh_glance_oslo_db_password.yaml b/site/hpgen10/secrets/passphrases/osh_glance_oslo_db_password.yaml new file mode 100644 index 0000000..d1b477f --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_glance_oslo_db_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_glance_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 153a394cfd01623987a7 +... diff --git a/site/hpgen10/secrets/passphrases/osh_glance_oslo_messaging_admin_password.yaml b/site/hpgen10/secrets/passphrases/osh_glance_oslo_messaging_admin_password.yaml new file mode 100644 index 0000000..3794583 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_glance_oslo_messaging_admin_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_glance_oslo_messaging_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 2c3fcccd6597903cb67c +... diff --git a/site/hpgen10/secrets/passphrases/osh_glance_oslo_messaging_password.yaml b/site/hpgen10/secrets/passphrases/osh_glance_oslo_messaging_password.yaml new file mode 100644 index 0000000..536f9e1 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_glance_oslo_messaging_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_glance_oslo_messaging_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 597a366bd4f86f2d7070 +... diff --git a/site/hpgen10/secrets/passphrases/osh_glance_password.yaml b/site/hpgen10/secrets/passphrases/osh_glance_password.yaml new file mode 100644 index 0000000..7e13ed4 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_glance_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_glance_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: bf7662ee82349d8ce8a2 +... diff --git a/site/hpgen10/secrets/passphrases/osh_glance_rabbitmq_erlang_cookie.yaml b/site/hpgen10/secrets/passphrases/osh_glance_rabbitmq_erlang_cookie.yaml new file mode 100644 index 0000000..4f71b69 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_glance_rabbitmq_erlang_cookie.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_glance_rabbitmq_erlang_cookie + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 245f4c5f7ca0d06e8416 +... diff --git a/site/hpgen10/secrets/passphrases/osh_heat_oslo_db_password.yaml b/site/hpgen10/secrets/passphrases/osh_heat_oslo_db_password.yaml new file mode 100644 index 0000000..9145d8b --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_heat_oslo_db_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_heat_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 6d5cbe4e78499e7ea1be +... diff --git a/site/hpgen10/secrets/passphrases/osh_heat_oslo_messaging_admin_password.yaml b/site/hpgen10/secrets/passphrases/osh_heat_oslo_messaging_admin_password.yaml new file mode 100644 index 0000000..8165c99 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_heat_oslo_messaging_admin_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_heat_oslo_messaging_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 0fb3767e5bd60737c3ce +... diff --git a/site/hpgen10/secrets/passphrases/osh_heat_oslo_messaging_password.yaml b/site/hpgen10/secrets/passphrases/osh_heat_oslo_messaging_password.yaml new file mode 100644 index 0000000..f588658 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_heat_oslo_messaging_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_heat_oslo_messaging_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 2f986c8b860f5e2e6e67 +... diff --git a/site/site30/secrets/passphrases/ipmi_admin_password.yaml b/site/hpgen10/secrets/passphrases/osh_heat_password.yaml similarity index 90% rename from site/site30/secrets/passphrases/ipmi_admin_password.yaml rename to site/hpgen10/secrets/passphrases/osh_heat_password.yaml index c0a70f1..3f718ff 100644 --- a/site/site30/secrets/passphrases/ipmi_admin_password.yaml +++ b/site/hpgen10/secrets/passphrases/osh_heat_password.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -14,14 +14,13 @@ # See the License for the specific language governing permissions and # # limitations under the License. # ############################################################################## - schema: deckhand/Passphrase/v1 metadata: schema: metadata/Document/v1 - name: ipmi_admin_password + name: osh_heat_password layeringDefinition: abstract: false layer: site storagePolicy: cleartext -data: Admin123 +data: 444f3082037eb9921782 ... diff --git a/site/hpgen10/secrets/passphrases/osh_heat_rabbitmq_erlang_cookie.yaml b/site/hpgen10/secrets/passphrases/osh_heat_rabbitmq_erlang_cookie.yaml new file mode 100644 index 0000000..a708f8b --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_heat_rabbitmq_erlang_cookie.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_heat_rabbitmq_erlang_cookie + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 7a525e66176fd10c317a +... diff --git a/site/hpgen10/secrets/passphrases/osh_heat_stack_user_password.yaml b/site/hpgen10/secrets/passphrases/osh_heat_stack_user_password.yaml new file mode 100644 index 0000000..66ce0ca --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_heat_stack_user_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_heat_stack_user_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 3cfcdb863f68ec896735 +... diff --git a/site/hpgen10/secrets/passphrases/osh_heat_trustee_password.yaml b/site/hpgen10/secrets/passphrases/osh_heat_trustee_password.yaml new file mode 100644 index 0000000..4ff7f30 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_heat_trustee_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_heat_trustee_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 6b1727c22c773c902647 +... diff --git a/site/hpgen10/secrets/passphrases/osh_horizon_oslo_db_password.yaml b/site/hpgen10/secrets/passphrases/osh_horizon_oslo_db_password.yaml new file mode 100644 index 0000000..51b950a --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_horizon_oslo_db_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_horizon_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 97456d11a2389e0a68b9 +... diff --git a/site/hpgen10/secrets/passphrases/osh_infra_addons_jenkins_password.yaml b/site/hpgen10/secrets/passphrases/osh_infra_addons_jenkins_password.yaml new file mode 100644 index 0000000..00610fb --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_infra_addons_jenkins_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_addons_jenkins_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 0ca991324505e13f7a77 +... diff --git a/site/hpgen10/secrets/passphrases/osh_infra_elasticsearch_admin_password.yaml b/site/hpgen10/secrets/passphrases/osh_infra_elasticsearch_admin_password.yaml new file mode 100644 index 0000000..b103a8e --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_infra_elasticsearch_admin_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_elasticsearch_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: b12f1e35c6951455d62d +... diff --git a/site/hpgen10/secrets/passphrases/osh_infra_grafana_admin_password.yaml b/site/hpgen10/secrets/passphrases/osh_infra_grafana_admin_password.yaml new file mode 100644 index 0000000..e58ee87 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_infra_grafana_admin_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_grafana_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 573a60b9ca0e5639f86b +... diff --git a/site/hpgen10/secrets/passphrases/osh_infra_grafana_oslo_db_password.yaml b/site/hpgen10/secrets/passphrases/osh_infra_grafana_oslo_db_password.yaml new file mode 100644 index 0000000..764bd20 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_infra_grafana_oslo_db_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_grafana_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 6e9a3a90bdac0988b850 +... diff --git a/site/hpgen10/secrets/passphrases/osh_infra_grafana_oslo_db_session_password.yaml b/site/hpgen10/secrets/passphrases/osh_infra_grafana_oslo_db_session_password.yaml new file mode 100644 index 0000000..f5c107c --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_infra_grafana_oslo_db_session_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_grafana_oslo_db_session_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: e59fde1e4e2ca04a0e6d +... diff --git a/site/hpgen10/secrets/passphrases/osh_infra_kibana_admin_password.yaml b/site/hpgen10/secrets/passphrases/osh_infra_kibana_admin_password.yaml new file mode 100644 index 0000000..99615fe --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_infra_kibana_admin_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_kibana_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: c3d955527901302d2c10 +... diff --git a/site/hpgen10/secrets/passphrases/osh_infra_nagios_admin_password.yaml b/site/hpgen10/secrets/passphrases/osh_infra_nagios_admin_password.yaml new file mode 100644 index 0000000..90aadfc --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_infra_nagios_admin_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_nagios_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: cc78bc60e26c2f5a28fa +... diff --git a/site/hpgen10/secrets/passphrases/osh_infra_openstack_exporter_password.yaml b/site/hpgen10/secrets/passphrases/osh_infra_openstack_exporter_password.yaml new file mode 100644 index 0000000..5df7971 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_infra_openstack_exporter_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_openstack_exporter_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: d5f5133765b1ab430e85 +... diff --git a/site/hpgen10/secrets/passphrases/osh_infra_oslo_db_admin_password.yaml b/site/hpgen10/secrets/passphrases/osh_infra_oslo_db_admin_password.yaml new file mode 100644 index 0000000..ed26a19 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_infra_oslo_db_admin_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_oslo_db_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: f6a5b5fe9e6eb437c207 +... diff --git a/site/hpgen10/secrets/passphrases/osh_keystone_admin_password.yaml b/site/hpgen10/secrets/passphrases/osh_keystone_admin_password.yaml new file mode 100644 index 0000000..47f8457 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_keystone_admin_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_keystone_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: a3df1a9771d9f0480bb2 +... diff --git a/site/hpgen10/secrets/passphrases/osh_keystone_ldap_mechid_password.yaml b/site/hpgen10/secrets/passphrases/osh_keystone_ldap_mechid_password.yaml new file mode 100644 index 0000000..04bd863 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_keystone_ldap_mechid_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_keystone_ldap_mechid_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 5aacc198d8a1edeff4a8 +... diff --git a/site/hpgen10/secrets/passphrases/osh_keystone_ldap_password.yaml b/site/hpgen10/secrets/passphrases/osh_keystone_ldap_password.yaml new file mode 100644 index 0000000..b253174 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_keystone_ldap_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_keystone_ldap_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 5aacc198d8a1edeff4a8 +... diff --git a/site/hpgen10/secrets/passphrases/osh_keystone_oslo_db_password.yaml b/site/hpgen10/secrets/passphrases/osh_keystone_oslo_db_password.yaml new file mode 100644 index 0000000..ef96f98 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_keystone_oslo_db_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_keystone_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 57cfda14a8ec656b9ccf +... diff --git a/site/hpgen10/secrets/passphrases/osh_keystone_oslo_messaging_admin_password.yaml b/site/hpgen10/secrets/passphrases/osh_keystone_oslo_messaging_admin_password.yaml new file mode 100644 index 0000000..0f9734e --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_keystone_oslo_messaging_admin_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_keystone_oslo_messaging_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: c7e2ef5bfab729b9cdf1 +... diff --git a/site/hpgen10/secrets/passphrases/osh_keystone_oslo_messaging_password.yaml b/site/hpgen10/secrets/passphrases/osh_keystone_oslo_messaging_password.yaml new file mode 100644 index 0000000..44e39c1 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_keystone_oslo_messaging_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_keystone_oslo_messaging_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: a00052e05aa7e1b704bc +... diff --git a/site/hpgen10/secrets/passphrases/osh_keystone_rabbitmq_erlang_cookie.yaml b/site/hpgen10/secrets/passphrases/osh_keystone_rabbitmq_erlang_cookie.yaml new file mode 100644 index 0000000..28e43a8 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_keystone_rabbitmq_erlang_cookie.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_keystone_rabbitmq_erlang_cookie + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 7388108f67be16a4f252 +... diff --git a/site/hpgen10/secrets/passphrases/osh_neutron_oslo_db_password.yaml b/site/hpgen10/secrets/passphrases/osh_neutron_oslo_db_password.yaml new file mode 100644 index 0000000..1548270 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_neutron_oslo_db_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_neutron_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 5496c4a52d6223a1bc6c +... diff --git a/site/hpgen10/secrets/passphrases/osh_neutron_oslo_messaging_admin_password.yaml b/site/hpgen10/secrets/passphrases/osh_neutron_oslo_messaging_admin_password.yaml new file mode 100644 index 0000000..c471565 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_neutron_oslo_messaging_admin_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_neutron_oslo_messaging_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 4eaff3effbc9a1b5ddc3 +... diff --git a/site/hpgen10/secrets/passphrases/osh_neutron_oslo_messaging_password.yaml b/site/hpgen10/secrets/passphrases/osh_neutron_oslo_messaging_password.yaml new file mode 100644 index 0000000..133bd8f --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_neutron_oslo_messaging_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_neutron_oslo_messaging_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 10a9e6ad21ef9f43173c +... diff --git a/site/hpgen10/secrets/passphrases/osh_neutron_password.yaml b/site/hpgen10/secrets/passphrases/osh_neutron_password.yaml new file mode 100644 index 0000000..487d7af --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_neutron_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_neutron_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 9bb23c5d7181eabc52f7 +... diff --git a/site/hpgen10/secrets/passphrases/osh_neutron_rabbitmq_erlang_cookie.yaml b/site/hpgen10/secrets/passphrases/osh_neutron_rabbitmq_erlang_cookie.yaml new file mode 100644 index 0000000..d03ecd4 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_neutron_rabbitmq_erlang_cookie.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_neutron_rabbitmq_erlang_cookie + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: afa9d3d0af33dcc3ca57 +... diff --git a/site/hpgen10/secrets/passphrases/osh_nova_oslo_db_password.yaml b/site/hpgen10/secrets/passphrases/osh_nova_oslo_db_password.yaml new file mode 100644 index 0000000..71a158f --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_nova_oslo_db_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_nova_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: a1b32d78a4e4deee451a +... diff --git a/site/hpgen10/secrets/passphrases/osh_nova_oslo_messaging_admin_password.yaml b/site/hpgen10/secrets/passphrases/osh_nova_oslo_messaging_admin_password.yaml new file mode 100644 index 0000000..497262c --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_nova_oslo_messaging_admin_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_nova_oslo_messaging_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: c450b0c73cafa654e144 +... diff --git a/site/hpgen10/secrets/passphrases/osh_nova_oslo_messaging_password.yaml b/site/hpgen10/secrets/passphrases/osh_nova_oslo_messaging_password.yaml new file mode 100644 index 0000000..55ef5e6 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_nova_oslo_messaging_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_nova_oslo_messaging_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 173ec39e9f950f86ae24 +... diff --git a/site/hpgen10/secrets/passphrases/osh_nova_password.yaml b/site/hpgen10/secrets/passphrases/osh_nova_password.yaml new file mode 100644 index 0000000..36213b4 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_nova_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_nova_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: a48fdaacf7bd05f7c3ff +... diff --git a/site/hpgen10/secrets/passphrases/osh_nova_rabbitmq_erlang_cookie.yaml b/site/hpgen10/secrets/passphrases/osh_nova_rabbitmq_erlang_cookie.yaml new file mode 100644 index 0000000..627de35 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_nova_rabbitmq_erlang_cookie.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_nova_rabbitmq_erlang_cookie + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 410fe4f619b2cc8c417b +... diff --git a/site/hpgen10/secrets/passphrases/osh_oslo_cache_secret_key.yaml b/site/hpgen10/secrets/passphrases/osh_oslo_cache_secret_key.yaml new file mode 100644 index 0000000..d2f3350 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_oslo_cache_secret_key.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_oslo_cache_secret_key + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 083d87906595da201c0b +... diff --git a/site/hpgen10/secrets/passphrases/osh_oslo_db_admin_password.yaml b/site/hpgen10/secrets/passphrases/osh_oslo_db_admin_password.yaml new file mode 100644 index 0000000..7663900 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_oslo_db_admin_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_oslo_db_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 3affb82b52f975a256a8 +... diff --git a/site/hpgen10/secrets/passphrases/osh_placement_password.yaml b/site/hpgen10/secrets/passphrases/osh_placement_password.yaml new file mode 100644 index 0000000..d67e1a4 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/osh_placement_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_placement_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: c8d291a1a4dfa9fd41e0 +... diff --git a/site/hpgen10/secrets/passphrases/ucp_airflow_postgres_password.yaml b/site/hpgen10/secrets/passphrases/ucp_airflow_postgres_password.yaml new file mode 100644 index 0000000..e17c30f --- /dev/null +++ b/site/hpgen10/secrets/passphrases/ucp_airflow_postgres_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_airflow_postgres_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 2b2e4c8018c2b4ae511f +... diff --git a/site/hpgen10/secrets/passphrases/ucp_armada_keystone_password.yaml b/site/hpgen10/secrets/passphrases/ucp_armada_keystone_password.yaml new file mode 100644 index 0000000..0c1d1f6 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/ucp_armada_keystone_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_armada_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 1263859ed8265dac6feb +... diff --git a/site/hpgen10/secrets/passphrases/ucp_barbican_keystone_password.yaml b/site/hpgen10/secrets/passphrases/ucp_barbican_keystone_password.yaml new file mode 100644 index 0000000..94c9807 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/ucp_barbican_keystone_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_barbican_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 138611c0102dc397da43 +... diff --git a/site/hpgen10/secrets/passphrases/ucp_barbican_oslo_db_password.yaml b/site/hpgen10/secrets/passphrases/ucp_barbican_oslo_db_password.yaml new file mode 100644 index 0000000..c0212fe --- /dev/null +++ b/site/hpgen10/secrets/passphrases/ucp_barbican_oslo_db_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_barbican_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 9915552068ae3e3dc2e2 +... diff --git a/site/hpgen10/secrets/passphrases/ucp_deckhand_keystone_password.yaml b/site/hpgen10/secrets/passphrases/ucp_deckhand_keystone_password.yaml new file mode 100644 index 0000000..8d44a79 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/ucp_deckhand_keystone_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_deckhand_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 05f4bbbb3be35cc9b1ac +... diff --git a/site/hpgen10/secrets/passphrases/ucp_deckhand_postgres_password.yaml b/site/hpgen10/secrets/passphrases/ucp_deckhand_postgres_password.yaml new file mode 100644 index 0000000..661c72b --- /dev/null +++ b/site/hpgen10/secrets/passphrases/ucp_deckhand_postgres_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_deckhand_postgres_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 3f4f1368325e1d492ee0 +... diff --git a/site/hpgen10/secrets/passphrases/ucp_drydock_keystone_password.yaml b/site/hpgen10/secrets/passphrases/ucp_drydock_keystone_password.yaml new file mode 100644 index 0000000..1592a56 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/ucp_drydock_keystone_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_drydock_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 40cdf9c49bd6c7e66bc8 +... diff --git a/site/hpgen10/secrets/passphrases/ucp_drydock_postgres_password.yaml b/site/hpgen10/secrets/passphrases/ucp_drydock_postgres_password.yaml new file mode 100644 index 0000000..2d9e071 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/ucp_drydock_postgres_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_drydock_postgres_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 4c771ed9d38d38f4d939 +... diff --git a/site/hpgen10/secrets/passphrases/ucp_keystone_admin_password.yaml b/site/hpgen10/secrets/passphrases/ucp_keystone_admin_password.yaml new file mode 100644 index 0000000..066880c --- /dev/null +++ b/site/hpgen10/secrets/passphrases/ucp_keystone_admin_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_keystone_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: e170ddbdf99b022ae1fd +... diff --git a/site/hpgen10/secrets/passphrases/ucp_keystone_oslo_db_password.yaml b/site/hpgen10/secrets/passphrases/ucp_keystone_oslo_db_password.yaml new file mode 100644 index 0000000..b584f02 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/ucp_keystone_oslo_db_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_keystone_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 276a90de2bf3be8d1df8 +... diff --git a/site/hpgen10/secrets/passphrases/ucp_maas_admin_password.yaml b/site/hpgen10/secrets/passphrases/ucp_maas_admin_password.yaml new file mode 100644 index 0000000..1506e83 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/ucp_maas_admin_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_maas_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 825958a1a47ccba33b2a +... diff --git a/site/hpgen10/secrets/passphrases/ucp_maas_postgres_password.yaml b/site/hpgen10/secrets/passphrases/ucp_maas_postgres_password.yaml new file mode 100644 index 0000000..569d372 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/ucp_maas_postgres_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_maas_postgres_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: f3401297fd1b8e4b6df4 +... diff --git a/site/hpgen10/secrets/passphrases/ucp_oslo_db_admin_password.yaml b/site/hpgen10/secrets/passphrases/ucp_oslo_db_admin_password.yaml new file mode 100644 index 0000000..41d2a62 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/ucp_oslo_db_admin_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_oslo_db_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 045d835905deff7c4ed9 +... diff --git a/site/hpgen10/secrets/passphrases/ucp_oslo_messaging_password.yaml b/site/hpgen10/secrets/passphrases/ucp_oslo_messaging_password.yaml new file mode 100644 index 0000000..8f781ec --- /dev/null +++ b/site/hpgen10/secrets/passphrases/ucp_oslo_messaging_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_oslo_messaging_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 8744bd7b9d14fa037451 +... diff --git a/site/hpgen10/secrets/passphrases/ucp_postgres_admin_password.yaml b/site/hpgen10/secrets/passphrases/ucp_postgres_admin_password.yaml new file mode 100644 index 0000000..02edeaf --- /dev/null +++ b/site/hpgen10/secrets/passphrases/ucp_postgres_admin_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_postgres_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: a7330557eea3ce512402 +... diff --git a/site/hpgen10/secrets/passphrases/ucp_promenade_keystone_password.yaml b/site/hpgen10/secrets/passphrases/ucp_promenade_keystone_password.yaml new file mode 100644 index 0000000..308e44f --- /dev/null +++ b/site/hpgen10/secrets/passphrases/ucp_promenade_keystone_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_promenade_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 4533ad6a479120ef4710 +... diff --git a/site/hpgen10/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml b/site/hpgen10/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml new file mode 100644 index 0000000..c61043c --- /dev/null +++ b/site/hpgen10/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_rabbitmq_erlang_cookie + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 541fe3ba1c65bd553e9a +... diff --git a/site/hpgen10/secrets/passphrases/ucp_shipyard_keystone_password.yaml b/site/hpgen10/secrets/passphrases/ucp_shipyard_keystone_password.yaml new file mode 100644 index 0000000..f7231fa --- /dev/null +++ b/site/hpgen10/secrets/passphrases/ucp_shipyard_keystone_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_shipyard_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 86db58e20de93ef55477 +... diff --git a/site/hpgen10/secrets/passphrases/ucp_shipyard_postgres_password.yaml b/site/hpgen10/secrets/passphrases/ucp_shipyard_postgres_password.yaml new file mode 100644 index 0000000..5f2da82 --- /dev/null +++ b/site/hpgen10/secrets/passphrases/ucp_shipyard_postgres_password.yaml @@ -0,0 +1,26 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_shipyard_postgres_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: d1fcd313bdc5fe69464b +... diff --git a/site/hpgen10/secrets/publickey/localadmin_ssh_public_key.yaml b/site/hpgen10/secrets/publickey/localadmin_ssh_public_key.yaml new file mode 100644 index 0000000..9ccf31e --- /dev/null +++ b/site/hpgen10/secrets/publickey/localadmin_ssh_public_key.yaml @@ -0,0 +1,27 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: deckhand/PublicKey/v1 +metadata: + schema: metadata/Document/v1 + name: localadmin_ssh_public_key + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/n4mNLAj3XKG2fcm+8eVe0NUlNH0g8DA8KJ53rSLKccm8gm4UgLmGOJyBfUloQZMuOpU6a+hexN4ECCliqI7+KUmgJgsvLkJ3OUMNTEVu9tDX5mdXeffsufaqFkAdmbJ/9PMPiPQ3/UqbbtyEcqoZAwUWf4ggAWSp00SGE1Okg+skPSbDzPVHb4810eXZT1yoIg29HAenJNNrsVxvnMT2kw2OYmLfxgEUh1Ev4c5LnUog4GXBDHQtHAwaIoTu9s/q8VIvGav62RJVFn3U1D0jkiwDLSIFn8ezORQ4YkSidwdSrtqsqa2TJ0E5w/n5h5IVGO9neY8YlXrgynLd4Y+7 root@pocnjrsv132 +... diff --git a/site/site30/site-definition.yaml b/site/hpgen10/site-definition.yaml similarity index 92% rename from site/site30/site-definition.yaml rename to site/hpgen10/site-definition.yaml index 135d804..df500a2 100644 --- a/site/site30/site-definition.yaml +++ b/site/hpgen10/site-definition.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -25,5 +25,5 @@ metadata: storagePolicy: cleartext data: revision: v4.0 - site_type: large + site_type: foundry ... diff --git a/site/hpgen10/software/charts/kubernetes/container-networking/calico.yaml b/site/hpgen10/software/charts/kubernetes/container-networking/calico.yaml new file mode 100644 index 0000000..f3c0661 --- /dev/null +++ b/site/hpgen10/software/charts/kubernetes/container-networking/calico.yaml @@ -0,0 +1,54 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + replacement: true + name: kubernetes-calico + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: kubernetes-calico-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + networking: + settings: + mesh: "off" + ippool: + ipip: + enabled: "false" + mode: "cross-subnet" + bgp: + asnumber: 65531 + ipv4: + additional_cidrs: + - 172.29.1.136/29 + peers: + - apiVersion: v1 + kind: bgpPeer + metadata: + peerIP: 172.29.1.1 + scope: global + spec: + asnumber: 65001 +... diff --git a/site/site30/software/charts/kubernetes/container-networking/etcd.yaml b/site/hpgen10/software/charts/kubernetes/container-networking/etcd.yaml similarity index 95% rename from site/site30/software/charts/kubernetes/container-networking/etcd.yaml rename to site/hpgen10/software/charts/kubernetes/container-networking/etcd.yaml index 2df6132..6ab2ec3 100644 --- a/site/site30/software/charts/kubernetes/container-networking/etcd.yaml +++ b/site/hpgen10/software/charts/kubernetes/container-networking/etcd.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -47,15 +47,13 @@ metadata: path: .values.images.tags # IP addresses - - - src: + - src: schema: pegleg/CommonAddresses/v1 name: common-addresses path: .calico.etcd.service_ip dest: path: .values.service.ip - - - src: + - src: schema: pegleg/CommonAddresses/v1 name: common-addresses path: .calico.etcd.service_ip @@ -63,15 +61,13 @@ metadata: path: .values.anchor.etcdctl_endpoint # CAs - - - src: + - src: schema: deckhand/CertificateAuthority/v1 name: calico-etcd path: . dest: path: .values.secrets.tls.client.ca - - - src: + - src: schema: deckhand/CertificateAuthority/v1 name: calico-etcd-peer path: . @@ -79,15 +75,13 @@ metadata: path: .values.secrets.tls.peer.ca # Anchor client cert - - - src: + - src: schema: deckhand/Certificate/v1 name: calico-etcd-anchor path: . dest: path: .values.secrets.anchor.tls.cert - - - src: + - src: schema: deckhand/CertificateKey/v1 name: calico-etcd-anchor path: . @@ -95,29 +89,26 @@ metadata: path: .values.secrets.anchor.tls.key # Node names - - - src: + - src: schema: pegleg/CommonAddresses/v1 name: common-addresses path: .masters[0].hostname dest: path: .values.nodes[0].name - - - src: + - src: schema: pegleg/CommonAddresses/v1 name: common-addresses path: .masters[1].hostname dest: path: .values.nodes[1].name - - - src: + - src: schema: pegleg/CommonAddresses/v1 name: common-addresses path: .genesis.hostname dest: path: .values.nodes[2].name - # Server certs + # Server certs - src: schema: deckhand/Certificate/v1 name: calico-etcd-aknode31 @@ -166,6 +157,7 @@ metadata: path: . dest: path: .values.nodes[1].tls.peer.key + # NOTE(mb874d): Be sure we generate these certs for genesis. - src: schema: deckhand/Certificate/v1 @@ -192,7 +184,8 @@ metadata: dest: path: .values.nodes[2].tls.peer.key - -data: {} - +data: + values: + manifests: + test_etcd_health: false ... diff --git a/site/hpgen10/software/charts/kubernetes/dns/coredns.yaml b/site/hpgen10/software/charts/kubernetes/dns/coredns.yaml new file mode 100644 index 0000000..01d7d57 --- /dev/null +++ b/site/hpgen10/software/charts/kubernetes/dns/coredns.yaml @@ -0,0 +1,102 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: coredns + replacement: true + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: coredns-global + actions: + - method: replace + path: .values.conf.coredns.corefile + - method: merge + path: . + storagePolicy: cleartext + substitutions: + # Zones + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .dns.cluster_domain + dest: + path: .values.conf.coredns.corefile + pattern: '(CLUSTER_DOMAIN)' + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .kubernetes.service_cidr + dest: + path: .values.conf.coredns.corefile + pattern: '(SERVICE_CIDR)' + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .kubernetes.pod_cidr + dest: + path: .values.conf.coredns.corefile + pattern: '(POD_CIDR)' + + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .dns.upstream_servers[0] + dest: + path: .values.conf.coredns.corefile + pattern: '(UPSTREAM1)' + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .dns.upstream_servers[1] + dest: + path: .values.conf.coredns.corefile + pattern: '(UPSTREAM2)' + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .dns.upstream_servers[2] + dest: + path: .values.conf.coredns.corefile + pattern: '(UPSTREAM3)' +data: + values: + conf: + coredns: + # TODO(alanmeadows) this needs to be adjusted to use substition + corefile: | + .:53 { + errors + health + autopath @kubernetes + kubernetes CLUSTER_DOMAIN SERVICE_CIDR POD_CIDR { + pods insecure + fallthrough in-addr.arpa ip6.arpa + upstream UPSTREAM1 + upstream UPSTREAM2 + upstream UPSTREAM3 + } + prometheus :9153 + proxy . UPSTREAM1 + proxy . UPSTREAM2 + proxy . UPSTREAM3 + cache 30 + } +... diff --git a/site/site30/software/charts/kubernetes/etcd/etcd.yaml b/site/hpgen10/software/charts/kubernetes/etcd/etcd.yaml similarity index 94% rename from site/site30/software/charts/kubernetes/etcd/etcd.yaml rename to site/hpgen10/software/charts/kubernetes/etcd/etcd.yaml index b6b9f60..525d40c 100644 --- a/site/site30/software/charts/kubernetes/etcd/etcd.yaml +++ b/site/hpgen10/software/charts/kubernetes/etcd/etcd.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -23,10 +23,10 @@ metadata: abstract: false layer: site parentSelector: - name: kubernetes-etcd-global + name: kubernetes-etcd-global actions: - - method: merge - path: . + - method: merge + path: . storagePolicy: cleartext substitutions: @@ -47,15 +47,13 @@ metadata: path: .values.images.tags # IP addresses - - - src: + - src: schema: pegleg/CommonAddresses/v1 name: common-addresses path: .kubernetes.etcd_service_ip dest: path: .values.service.ip - - - src: + - src: schema: pegleg/CommonAddresses/v1 name: common-addresses path: .kubernetes.etcd_service_ip @@ -63,30 +61,26 @@ metadata: path: .values.anchor.etcdctl_endpoint # CAs - - - src: + - src: schema: deckhand/CertificateAuthority/v1 name: kubernetes-etcd path: . dest: path: .values.secrets.tls.client.ca - - - src: + - src: schema: deckhand/CertificateAuthority/v1 name: kubernetes-etcd-peer path: . dest: path: .values.secrets.tls.peer.ca - - - src: + - src: schema: deckhand/Certificate/v1 name: kubernetes-etcd-anchor path: . dest: path: .values.secrets.anchor.tls.cert - - - src: + - src: schema: deckhand/CertificateKey/v1 name: kubernetes-etcd-anchor path: . @@ -94,30 +88,26 @@ metadata: path: .values.secrets.anchor.tls.key # Node names - - - src: + - src: schema: pegleg/CommonAddresses/v1 name: common-addresses path: .masters[0].hostname dest: path: .values.nodes[0].name - - - src: + - src: schema: pegleg/CommonAddresses/v1 name: common-addresses path: .masters[1].hostname dest: path: .values.nodes[1].name - - - - src: + - src: schema: pegleg/CommonAddresses/v1 name: common-addresses path: .genesis.hostname dest: path: .values.nodes[2].name - # Server certs + # Server certs - src: schema: deckhand/Certificate/v1 name: kubernetes-etcd-aknode31 @@ -166,6 +156,7 @@ metadata: path: . dest: path: .values.nodes[1].tls.peer.key + # Genesis node - src: schema: deckhand/Certificate/v1 @@ -193,5 +184,4 @@ metadata: path: .values.nodes[2].tls.peer.key data: {} - ... diff --git a/site/hpgen10/software/charts/kubernetes/ingress/ingress.yaml b/site/hpgen10/software/charts/kubernetes/ingress/ingress.yaml new file mode 100644 index 0000000..d7121cb --- /dev/null +++ b/site/hpgen10/software/charts/kubernetes/ingress/ingress.yaml @@ -0,0 +1,32 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ingress-kube-system + layeringDefinition: + abstract: false + layer: site + parentSelector: + ingress: kube-system + actions: + - method: merge + path: . + storagePolicy: cleartext +data: {} +... diff --git a/site/hpgen10/software/charts/osh-infra/osh-infra-logging/elasticsearch.yaml b/site/hpgen10/software/charts/osh-infra/osh-infra-logging/elasticsearch.yaml new file mode 100644 index 0000000..f838322 --- /dev/null +++ b/site/hpgen10/software/charts/osh-infra/osh-infra-logging/elasticsearch.yaml @@ -0,0 +1,32 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: elasticsearch + layeringDefinition: + abstract: false + layer: site + parentSelector: + hosttype: elasticsearch-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: {} +... diff --git a/site/hpgen10/software/charts/osh-infra/osh-infra-logging/fluent-logging.yaml b/site/hpgen10/software/charts/osh-infra/osh-infra-logging/fluent-logging.yaml new file mode 100644 index 0000000..bf4b39f --- /dev/null +++ b/site/hpgen10/software/charts/osh-infra/osh-infra-logging/fluent-logging.yaml @@ -0,0 +1,32 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: fluent-logging + layeringDefinition: + abstract: false + layer: site + parentSelector: + hosttype: fluent-logging-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: {} +... diff --git a/site/site30/software/charts/osh/openstack-compute-kit/neutron.yaml b/site/hpgen10/software/charts/osh/openstack-compute-kit/neutron.yaml similarity index 71% rename from site/site30/software/charts/osh/openstack-compute-kit/neutron.yaml rename to site/hpgen10/software/charts/osh/openstack-compute-kit/neutron.yaml index ec60713..5df293e 100644 --- a/site/site30/software/charts/osh/openstack-compute-kit/neutron.yaml +++ b/site/hpgen10/software/charts/osh/openstack-compute-kit/neutron.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -18,8 +18,8 @@ schema: armada/Chart/v1 metadata: schema: metadata/Document/v1 - name: neutron-site30 - #replacement: true + name: neutron + replacement: true labels: component: neutron layeringDefinition: @@ -33,9 +33,15 @@ metadata: storagePolicy: cleartext data: values: + labels: + agent: + sriov: + node_selector_key: sriov + node_selector_value: enabled network: -# auto_bridge_add: -# br-bond0: bond0 + backend: + - openvswitch + - sriov interface: sriov: - device: ens6f0 @@ -48,11 +54,16 @@ data: plugins: openvswitch_agent: ovs: - bridge_mappings: physnet:br-bond0 + bridge_mappings: bond0:br-bond0 sriov_agent: + securitygroup: + firewall_driver: neutron.agent.firewall.NoopFirewallDriver sriov_nic: - physical_device_mappings: sriovnet1:ens6f0,sriovnet2:ens6f1 + exclude_devices: null + physical_device_mappings: 'sriovnet1:ens6f0,sriovnet2:ens6f1' ml2_conf: + ml2: + mechanism_drivers: l2population,openvswitch,sriovnicswitch ml2_type_vlan: - network_vlan_ranges: physnet:46:300,sriovnet1:100:4000,sriovnet2:100:4000,sriovnet3:100:4000,sriovnet4:100:4000 + network_vlan_ranges: bond0:46:300,sriovnet1:2001:3000,sriovnet2:2001:3000 ... diff --git a/site/hpgen10/software/charts/osh/openstack-compute-kit/nova.yaml b/site/hpgen10/software/charts/osh/openstack-compute-kit/nova.yaml new file mode 100644 index 0000000..5cd0e3e --- /dev/null +++ b/site/hpgen10/software/charts/osh/openstack-compute-kit/nova.yaml @@ -0,0 +1,52 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: nova + labels: + component: nova + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: nova-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + network: + backend: + - openvswitch + - sriov + conf: + nova: + filter_scheduler: + enabled_filters: "RetryFilter, AvailabilityZoneFilter, RamFilter, ComputeFilter, ComputeCapabilitiesFilter, ImagePropertiesFilter, ServerGroupAntiAffinityFilter, ServerGroupAffinityFilter, PciPassthroughFilter, NUMATopologyFilter, DifferentHostFilter, SameHostFilter" + libvirt: + virt_type: kvm + DEFAULT: + vcpu_pin_set: "4-21,26-43,48-65,72-87" + vif_plugging_is_fatal: False + vif_plugging_timeout: 30 + pci: + alias: '{ "vendor_id":"10de", "product_id":"1db4", "name":"V100", "device_type":"type-PCI" }' + passthrough_whitelist: '{"vendor_id": "10de", "product_id": "1db4"}' +... diff --git a/site/hpgen10/software/charts/ucp/ceph/ceph-client-update.yaml b/site/hpgen10/software/charts/ucp/ceph/ceph-client-update.yaml new file mode 100644 index 0000000..9dda132 --- /dev/null +++ b/site/hpgen10/software/charts/ucp/ceph/ceph-client-update.yaml @@ -0,0 +1,37 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-ceph-client-update + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-ceph-client-update-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + conf: + pool: + target: + osd: 24 +... diff --git a/site/hpgen10/software/charts/ucp/ceph/ceph-client.yaml b/site/hpgen10/software/charts/ucp/ceph/ceph-client.yaml new file mode 100644 index 0000000..6abdfbf --- /dev/null +++ b/site/hpgen10/software/charts/ucp/ceph/ceph-client.yaml @@ -0,0 +1,37 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-ceph-client + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-ceph-client-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + conf: + pool: + target: + osd: 8 +... diff --git a/site/site30/software/charts/ucp/ceph/ceph.yaml b/site/hpgen10/software/charts/ucp/ceph/ceph-osd.yaml similarity index 94% rename from site/site30/software/charts/ucp/ceph/ceph.yaml rename to site/hpgen10/software/charts/ucp/ceph/ceph-osd.yaml index adf3976..65c871d 100644 --- a/site/site30/software/charts/ucp/ceph/ceph.yaml +++ b/site/hpgen10/software/charts/ucp/ceph/ceph-osd.yaml @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -18,12 +18,12 @@ schema: armada/Chart/v1 metadata: schema: metadata/Document/v1 - name: ucp-ceph + name: ucp-ceph-osd layeringDefinition: abstract: false layer: site parentSelector: - name: ucp-ceph-global + name: ucp-ceph-osd-global actions: - method: replace path: .values.conf.storage.osd @@ -83,8 +83,4 @@ data: journal: type: directory location: /var/lib/ceph/journal/journal-sdi - pool: - target: - osd: 8 ... - diff --git a/site/hpgen10/software/charts/ucp/divingbell/divingbell.yaml b/site/hpgen10/software/charts/ucp/divingbell/divingbell.yaml new file mode 100644 index 0000000..5b9525a --- /dev/null +++ b/site/hpgen10/software/charts/ucp/divingbell/divingbell.yaml @@ -0,0 +1,47 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-divingbell + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-divingbell-global + actions: + - method: merge + path: . + storagePolicy: cleartext + substitutions: + - dest: + path: .values.conf.uamlite.users[0].user_sshkeys[0] + src: + schema: deckhand/PublicKey/v1 + name: localadmin_ssh_public_key + path: . + +data: + values: + conf: + uamlite: + users: + - user_name: localadmin + user_sudo: true + user_sshkeys: [] +... diff --git a/site/hpgen10/software/charts/ucp/drydock/maas.yaml b/site/hpgen10/software/charts/ucp/drydock/maas.yaml new file mode 100644 index 0000000..4aad5c7 --- /dev/null +++ b/site/hpgen10/software/charts/ucp/drydock/maas.yaml @@ -0,0 +1,47 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-maas + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-maas-global + actions: + - method: replace + path: .values.conf.maas.proxy + - method: merge + path: . + storagePolicy: cleartext +data: + values: + conf: + maas: + ntp: + disable_ntpd_region: true + disable_ntpd_rack: true + images: + default_os: 'ubuntu' + default_image: 'xenial' + default_kernel: 'hwe-16.04' + proxy: + proxy_enabled: 'false' + peer_proxy_enabled: false +... diff --git a/site/hpgen10/software/charts/ucp/promenade/promenade.yaml b/site/hpgen10/software/charts/ucp/promenade/promenade.yaml new file mode 100644 index 0000000..3ba5671 --- /dev/null +++ b/site/hpgen10/software/charts/ucp/promenade/promenade.yaml @@ -0,0 +1,40 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-promenade + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-promenade-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + env: + promenade_api: + - name: no_proxy + value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8 + - name: NO_PROXY + value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8 +... diff --git a/site/hpgen10/software/config/common-software-config.yaml b/site/hpgen10/software/config/common-software-config.yaml new file mode 100644 index 0000000..6683425 --- /dev/null +++ b/site/hpgen10/software/config/common-software-config.yaml @@ -0,0 +1,29 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: pegleg/CommonSoftwareConfig/v1 +metadata: + schema: metadata/Document/v1 + name: common-software-config + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + osh: + region_name: RegionOne +... diff --git a/site/hpgen10/software/config/endpoints.yaml b/site/hpgen10/software/config/endpoints.yaml new file mode 100644 index 0000000..0f0324c --- /dev/null +++ b/site/hpgen10/software/config/endpoints.yaml @@ -0,0 +1,1582 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +schema: pegleg/EndpointCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_endpoints + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext + # substitutions: + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .ucp.identity.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .ucp.shipyard.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .ceph.object_store.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .ceph.ceph_object_store.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .ceph.object_store.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .ceph.object_store.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .ceph.object_store.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .ucp.identity.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .ucp.identity.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .ucp.identity.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .ucp.shipyard.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .ucp.shipyard.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .ucp.shipyard.host_fqdn_override.public.tls.key +data: + ucp: + identity: + namespace: ucp + name: keystone + hosts: + default: keystone-api + public: keystone + host_fqdn_override: + default: null + # public: + # host: iam.DOMAIN + path: + default: /v3 + scheme: + default: http + # public: https + port: + admin: + default: 35357 + api: + default: 80 + public: 80 + armada: + name: armada + hosts: + default: armada-api + public: armada + port: + api: + default: 8000 + path: + default: /api/v1.0 + scheme: + default: http + host_fqdn_override: + default: null + deckhand: + name: deckhand + hosts: + default: deckhand-int + public: deckhand-api + port: + api: + default: 9000 + path: + default: /api/v1.0 + scheme: + default: http + host_fqdn_override: + default: null + postgresql: + name: postgresql + hosts: + default: postgresql + path: /DB_NAME + scheme: postgresql+psycopg2 + port: + postgresql: + default: 5432 + host_fqdn_override: + default: null + postgresql_airflow_celery: + name: postgresql_airflow_celery_db + hosts: + default: postgresql + path: /DB_NAME + scheme: db+postgresql + port: + postgresql: + default: 5432 + host_fqdn_override: + default: null + oslo_db: + hosts: + default: mariadb + discovery: mariadb-discovery + host_fqdn_override: + default: null + path: /DB_NAME + scheme: mysql+pymysql + port: + mysql: + default: 3306 + wsrep: + default: 4567 + key_manager: + name: barbican + hosts: + default: barbican-api + public: barbican + host_fqdn_override: + default: null + path: + default: /v1 + scheme: + default: http + port: + api: + default: 9311 + public: 80 + oslo_messaging: + namespace: null + hosts: + default: rabbitmq + host_fqdn_override: + default: null + path: /openstack + scheme: rabbit + port: + amqp: + default: 5672 + oslo_cache: + hosts: + default: memcached + host_fqdn_override: + default: null + port: + memcache: + default: 11211 + physicalprovisioner: + name: drydock + hosts: + default: drydock-api + port: + api: + default: 9000 + nodeport: 31900 + path: + default: /api/v1.0 + scheme: + default: http + host_fqdn_override: + default: null + maas_region_ui: + name: maas-region-ui + hosts: + default: maas-region-ui + public: maas + path: + default: /MAAS + scheme: + default: "http" + port: + region_ui: + default: 80 + public: 80 + host_fqdn_override: + default: null + kubernetesprovisioner: + name: promenade + hosts: + default: promenade-api + port: + api: + default: 80 + path: + default: /api/v1.0 + scheme: + default: http + host_fqdn_override: + default: null + shipyard: + name: shipyard + hosts: + default: shipyard-int + public: shipyard-api + port: + api: + default: 9000 + public: 80 + path: + default: /api/v1.0 + scheme: + default: http + # public: https + host_fqdn_override: + default: null + # public: + # host: shipyard.DOMAIN + airflow_web: + name: airflow-web + hosts: + default: airflow-web-int + public: airflow-web + port: + airflow_web: + default: 8080 + path: + default: / + scheme: + default: http + host_fqdn_override: + default: null + airflow_flower: + name: airflow-flower + hosts: + default: airflow-flower + port: + airflow_flower: + default: 5555 + path: + default: / + scheme: + default: http + host_fqdn_override: + default: null + ceph: + object_store: + name: swift + namespace: ceph + hosts: + default: ceph-rgw + public: radosgw + host_fqdn_override: + default: null + # public: + # host: object-store.DOMAIN + path: + default: /swift/v1 + scheme: + default: http + # public: "https" + port: + api: + default: 8088 + # public: 443 + ceph_object_store: + name: radosgw + namespace: ceph + hosts: + default: ceph-rgw + public: radosgw + host_fqdn_override: + default: null + # public: + # host: object-store.DOMAIN + path: + default: /auth/v1.0 + scheme: + default: "http" + # public: "https" + port: + api: + default: 8088 + # public: 443 + ceph_mon: + namespace: ceph + hosts: + default: ceph-mon + discovery: ceph-mon-discovery + host_fqdn_override: + default: null + port: + mon: + default: 6789 + ceph_mgr: + namespace: ceph + hosts: + default: ceph-mgr + host_fqdn_override: + default: null + port: + mgr: + default: 7000 + scheme: + default: http +... +--- +schema: pegleg/EndpointCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: osh_endpoints + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext + # substitutions: + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.object_store.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.ceph_object_store.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.object_store.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.object_store.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.object_store.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.ceph_object_store.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.ceph_object_store.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.ceph_object_store.host_fqdn_override.public.tls.key + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.image.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.cloudformation.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.orchestration.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.compute.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.compute_novnc_proxy.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.placement.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.network.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.identity.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.dashboard.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.volume.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.volumev2.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh.volumev3.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.identity.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.identity.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.identity.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.orchestration.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.orchestration.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.orchestration.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.cloudformation.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.cloudformation.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.cloudformation.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.dashboard.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.dashboard.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.dashboard.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.image.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.image.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.image.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.volume.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.volume.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.volume.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.volumev2.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.volumev2.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.volumev2.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.volumev3.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.volumev3.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.volumev3.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.compute.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.compute.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.compute.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.placement.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.placement.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.placement.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh.network.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh.network.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh.network.host_fqdn_override.public.tls.key +data: + osh: + object_store: + name: swift + namespace: ceph + hosts: + default: ceph-rgw + public: radosgw + host_fqdn_override: + default: null + # public: + # host: object-store.DOMAIN + path: + default: /swift/v1/KEY_$(tenant_id)s + scheme: + default: http + # public: "https" + port: + api: + default: 8088 + # public: 443 + ceph_object_store: + name: radosgw + namespace: ceph + hosts: + default: ceph-rgw + public: radosgw + host_fqdn_override: + default: null + # public: + # host: object-store.DOMAIN + path: + default: /auth/v1.0 + scheme: + default: "http" + # public: "https" + port: + api: + default: 8088 + # public: 443 + oslo_db: + hosts: + default: mariadb + discovery: mariadb-discovery + host_fqdn_override: + default: null + path: /DB_NAME + scheme: mysql+pymysql + port: + mysql: + default: 3306 + wsrep: + default: 4567 + keystone_oslo_messaging: + namespace: openstack + hosts: + default: keystone-rabbitmq + host_fqdn_override: + default: null + path: /keystone + scheme: rabbit + port: + amqp: + default: 5672 + http: + default: 15672 + keystone_rabbitmq_exporter: + namespace: openstack + hosts: + default: keystone-rabbitmq-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9095 + oslo_cache: + namespace: openstack + hosts: + default: memcached + host_fqdn_override: + default: null + port: + memcache: + default: 11211 + identity: + namespace: openstack + name: keystone + hosts: + default: keystone-api + public: keystone + host_fqdn_override: + default: null + # public: + # host: identity.DOMAIN + path: + default: /v3 + scheme: + default: "http" + # public: "https" + port: + admin: + default: 35357 + api: + default: 80 + # public: 443 + glance_oslo_messaging: + namespace: openstack + hosts: + default: glance-rabbitmq + host_fqdn_override: + default: null + path: /glance + scheme: rabbit + port: + amqp: + default: 5672 + http: + default: 15672 + glance_rabbitmq_exporter: + namespace: openstack + hosts: + default: glance-rabbitmq-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9095 + image: + name: glance + hosts: + default: glance-api + public: glance + host_fqdn_override: + default: null + # public: + # host: image.DOMAIN + path: + default: null + scheme: + default: "http" + # public: "https" + port: + api: + default: 9292 + # public: 443 + image_registry: + name: glance-registry + hosts: + default: glance-registry + public: glance-reg + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + api: + default: 9191 + public: 80 + cinder_oslo_messaging: + namespace: openstack + hosts: + default: cinder-rabbitmq + host_fqdn_override: + default: null + path: /cinder + scheme: rabbit + port: + amqp: + default: 5672 + http: + default: 15672 + cinder_rabbitmq_exporter: + namespace: openstack + hosts: + default: cinder-rabbitmq-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9095 + volume: + name: cinder + hosts: + default: cinder-api + public: cinder + host_fqdn_override: + default: null + # public: + # host: volume.DOMAIN + path: + default: "/v1/%(tenant_id)s" + scheme: + default: "http" + # public: "https" + port: + api: + default: 8776 + # public: 443 + volumev2: + name: cinderv2 + hosts: + default: cinder-api + public: cinder + host_fqdn_override: + default: null + # public: + # host: volume.DOMAIN + path: + default: "/v2/%(tenant_id)s" + scheme: + default: "http" + # public: "https" + port: + api: + default: 8776 + # public: 443 + volumev3: + name: cinderv3 + hosts: + default: cinder-api + public: cinder + host_fqdn_override: + default: null + # public: + # host: volume.DOMAIN + path: + default: "/v3/%(tenant_id)s" + scheme: + default: "http" + # public: "https" + port: + api: + default: 8776 + # public: 443 + heat_oslo_messaging: + namespace: openstack + hosts: + default: heat-rabbitmq + host_fqdn_override: + default: null + path: /heat + scheme: rabbit + port: + amqp: + default: 5672 + http: + default: 15672 + heat_rabbitmq_exporter: + namespace: openstack + hosts: + default: heat-rabbitmq-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9095 + orchestration: + name: heat + hosts: + default: heat-api + public: heat + host_fqdn_override: + default: null + # public: + # host: orchestration.DOMAIN + path: + default: "/v1/%(project_id)s" + scheme: + default: "http" + # public: "https" + port: + api: + default: 8004 + # public: 443 + cloudformation: + name: heat-cfn + hosts: + default: heat-cfn + public: cloudformation + host_fqdn_override: + default: null + # public: + # host: cloudformation.DOMAIN + path: + default: /v1 + scheme: + default: "http" + # public: "https" + port: + api: + default: 8000 + # public: 443 + cloudwatch: + name: heat-cloudwatch + hosts: + default: heat-cloudwatch + public: cloudwatch + host_fqdn_override: + default: null + path: + default: null + type: null + scheme: + default: "http" + port: + api: + default: 8003 + public: 80 + neutron_oslo_messaging: + namespace: openstack + hosts: + default: neutron-rabbitmq + host_fqdn_override: + default: null + path: /neutron + scheme: rabbit + port: + amqp: + default: 5672 + http: + default: 15672 + neutron_rabbitmq_exporter: + namespace: openstack + hosts: + default: neutron-rabbitmq-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9095 + network: + name: neutron + hosts: + default: neutron-server + public: neutron + host_fqdn_override: + default: null + # public: + # host: network.DOMAIN + path: + default: null + scheme: + default: "http" + # public: "https" + port: + api: + default: 9696 + # public: 443 + nova_oslo_messaging: + namespace: openstack + hosts: + default: nova-rabbitmq + host_fqdn_override: + default: null + path: /nova + scheme: rabbit + port: + amqp: + default: 5672 + http: + default: 15672 + nova_rabbitmq_exporter: + namespace: openstack + hosts: + default: nova-rabbitmq-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9095 + compute: + name: nova + hosts: + default: nova-api + public: nova + host_fqdn_override: + default: null + # public: + # host: compute.DOMAIN + path: + default: "/v2/%(tenant_id)s" + scheme: + default: "http" + # public: "https" + port: + api: + default: 8774 + # public: 443 + novncproxy: + default: 443 + compute_metadata: + name: nova + hosts: + default: nova-metadata + public: metadata + host_fqdn_override: + default: null + path: + default: / + scheme: + default: "http" + port: + metadata: + default: 8775 + public: 80 + compute_novnc_proxy: + name: nova + hosts: + default: nova-novncproxy + public: novncproxy + host_fqdn_override: + default: null + # public: + # host: nova-novncproxy.DOMAIN + path: + default: /vnc_auto.html + scheme: + default: "http" + # public: "https" + port: + novnc_proxy: + default: 6080 + # public: 443 + compute_spice_proxy: + name: nova + hosts: + default: nova-spiceproxy + host_fqdn_override: + default: null + path: + default: /spice_auto.html + scheme: + default: "http" + port: + spice_proxy: + default: 6082 + placement: + name: placement + hosts: + default: placement-api + public: placement + host_fqdn_override: + default: null + # public: + # host: placement.DOMAIN + path: + default: / + scheme: + default: "http" + # public: "https" + port: + api: + default: 8778 + # public: 443 + dashboard: + name: horizon + hosts: + default: horizon-int + public: horizon + host_fqdn_override: + default: null + # public: + # host: dashboard.DOMAIN + path: + default: null + scheme: + default: "http" + # public: "https" + port: + web: + default: 80 + # public: 443 +... +--- +schema: pegleg/EndpointCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_endpoints + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext + # substitutions: + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh_infra.kibana.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh_infra.grafana.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .dns.ingress_domain + # dest: + # path: .osh_infra.nagios.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh_infra.kibana.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh_infra.kibana.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh_infra.kibana.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh_infra.grafana.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh_infra.grafana.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh_infra.grafana.host_fqdn_override.public.tls.key + # - src: + # schema: deckhand/Certificate/v1 + # name: ingress-crt + # path: . + # dest: + # path: .osh_infra.nagios.host_fqdn_override.public.tls.crt + # - src: + # schema: deckhand/CertificateAuthority/v1 + # name: ingress-ca + # path: . + # dest: + # path: .osh_infra.nagios.host_fqdn_override.public.tls.ca + # - src: + # schema: deckhand/CertificateKey/v1 + # name: ingress-key + # path: . + # dest: + # path: .osh_infra.nagios.host_fqdn_override.public.tls.key + # path: .osh_infra.nagios.host_fqdn_override.public.tls.key + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .ldap.base_url + # dest: + # path: .osh_infra.ldap.host_fqdn_override.public.host + # pattern: DOMAIN + # - src: + # schema: pegleg/CommonAddresses/v1 + # name: common-addresses + # path: .ldap.auth_path + # dest: + # path: .osh_infra.ldap.path.default + # pattern: AUTH_PATH +data: + osh_infra: + elasticsearch: + name: elasticsearch + namespace: osh-infra + hosts: + data: elasticsearch-data + default: elasticsearch-logging + discovery: elasticsearch-discovery + public: elasticsearch + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + http: + default: 80 + prometheus_elasticsearch_exporter: + namespace: null + hosts: + default: elasticsearch-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9108 + fluentd: + namespace: osh-infra + name: fluentd + hosts: + default: fluentd-logging + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + service: + default: 24224 + metrics: + default: 24220 + prometheus_fluentd_exporter: + namespace: osh-infra + hosts: + default: fluentd-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9309 + oslo_db: + namespace: osh-infra + hosts: + default: mariadb + host_fqdn_override: + default: null + path: /DB_NAME + scheme: mysql+pymysql + port: + mysql: + default: 3306 + grafana: + name: grafana + namespace: osh-infra + hosts: + default: grafana-dashboard + public: grafana + host_fqdn_override: + default: null + # public: + # host: grafana.DOMAIN + path: + default: null + scheme: + default: "http" + # public: "https" + port: + grafana: + default: 3000 + # public: 443 + monitoring: + name: prometheus + namespace: osh-infra + hosts: + default: prom-metrics + public: prometheus + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + api: + default: 9090 + public: 80 + kibana: + name: kibana + namespace: osh-infra + hosts: + default: kibana-dash + public: kibana + host_fqdn_override: + default: null + # public: + # host: kibana.DOMAIN + path: + default: null + scheme: + default: "http" + # public: "https" + port: + kibana: + default: 5601 + # public: 443 + alerts: + name: alertmanager + namespace: osh-infra + hosts: + default: alerts-engine + public: alertmanager + discovery: alertmanager-discovery + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + api: + default: 9093 + public: 80 + mesh: + default: 6783 + kube_state_metrics: + namespace: kube-system + hosts: + default: kube-state-metrics + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + http: + default: 8080 + kube_scheduler: + scheme: + default: "http" + path: + default: /metrics + kube_controller_manager: + scheme: + default: "http" + path: + default: /metrics + node_metrics: + namespace: kube-system + hosts: + default: node-exporter + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + metrics: + default: 9100 + prometheus_port: + default: 9100 + prometheus_openstack_exporter: + namespace: openstack + hosts: + default: openstack-metrics + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + exporter: + default: 9103 + nagios: + name: nagios + namespace: osh-infra + hosts: + default: nagios-metrics + public: nagios + host_fqdn_override: + default: null + # public: + # host: nagios.DOMAIN + path: + default: null + scheme: + default: http + # public: https + port: + http: + default: 80 + # public: 443 + ldap: + hosts: + default: ldap + host_fqdn_override: + default: null + public: + host: DOMAIN + path: + default: /AUTH_PATH + scheme: + default: "ldap" + port: + ldap: + default: 389 +... diff --git a/site/hpgen10/software/config/service_accounts.yaml b/site/hpgen10/software/config/service_accounts.yaml new file mode 100644 index 0000000..4dbe82d --- /dev/null +++ b/site/hpgen10/software/config/service_accounts.yaml @@ -0,0 +1,413 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: pegleg/AccountCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_service_accounts + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + ucp: + postgres: + admin: + username: postgres + oslo_db: + admin: + username: root + oslo_messaging: + admin: + username: rabbitmq + keystone: + admin: + region_name: RegionOne + username: admin + project_name: admin + user_domain_name: default + project_domain_name: default + oslo_messaging: + admin: + username: rabbitmq + keystone: + username: keystone + oslo_db: + username: keystone + database: keystone + promenade: + keystone: + region_name: RegionOne + role: admin + project_name: service + project_domain_name: default + user_domain_name: default + username: promenade + drydock: + keystone: + region_name: RegionOne + role: admin + project_name: service + project_domain_name: default + user_domain_name: default + username: drydock + postgres: + username: drydock + database: drydock + shipyard: + keystone: + region_name: RegionOne + role: admin + project_name: service + project_domain_name: default + user_domain_name: default + username: shipyard + postgres: + username: shipyard + database: shipyard + airflow: + postgres: + username: airflow + database: airflow + oslo_messaging: + username: rabbitmq + maas: + admin: + username: admin + email: none@none + postgres: + username: maas + database: maasdb + barbican: + keystone: + region_name: RegionOne + role: admin + project_name: service + project_domain_name: default + user_domain_name: default + username: barbican + oslo_db: + username: barbican + database: barbican + oslo_messaging: + admin: + username: rabbitmq + keystone: + username: keystone + armada: + keystone: + project_domain_name: default + user_domain_name: default + project_name: service + region_name: RegionOne + role: admin + user_domain_name: default + username: armada + deckhand: + keystone: + region_name: RegionOne + role: admin + project_name: service + project_domain_name: default + user_domain_name: default + username: deckhand + postgres: + username: deckhand + database: deckhand + ceph: + swift: + keystone: + role: admin + region_name: RegionOne + username: swift + project_name: service + user_domain_name: default + project_domain_name: default +... +--- +schema: pegleg/AccountCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: osh_service_accounts + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext + substitutions: + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.keystone.admin.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.cinder.cinder.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.glance.glance.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.heat.heat.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.heat.heat_trustee.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.heat.heat_stack_user.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.swift.keystone.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.neutron.neutron.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.nova.nova.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.nova.placement.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.barbican.barbican.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.barbican.barbican.region_name +data: + osh: + keystone: + admin: + username: admin + project_name: admin + user_domain_name: default + project_domain_name: default + oslo_db: + username: keystone + database: keystone + oslo_messaging: + admin: + username: keystone-rabbitmq-admin + keystone: + username: keystone-rabbitmq-user + ldap: + username: "user@example-ldap.com" + cinder: + cinder: + role: admin + username: cinder + project_name: service + user_domain_name: default + project_domain_name: default + oslo_db: + username: cinder + database: cinder + oslo_messaging: + admin: + username: cinder-rabbitmq-admin + cinder: + username: cinder-rabbitmq-user + glance: + glance: + role: admin + username: glance + project_name: service + user_domain_name: default + project_domain_name: default + oslo_db: + username: glance + database: glance + oslo_messaging: + admin: + username: glance-rabbitmq-admin + glance: + username: glance-rabbitmq-user + ceph_object_store: + username: glance + heat: + heat: + role: admin + username: heat + project_name: service + user_domain_name: default + project_domain_name: default + heat_trustee: + role: admin + username: heat-trust + project_name: service + user_domain_name: default + project_domain_name: default + heat_stack_user: + role: admin + username: heat-domain + domain_name: heat + oslo_db: + username: heat + database: heat + oslo_messaging: + admin: + username: heat-rabbitmq-admin + heat: + username: heat-rabbitmq-user + swift: + keystone: + role: admin + username: swift + project_name: service + user_domain_name: default + project_domain_name: default + oslo_db: + admin: + username: root + neutron: + neutron: + role: admin + username: neutron + project_name: service + user_domain_name: default + project_domain_name: default + oslo_db: + username: neutron + database: neutron + oslo_messaging: + admin: + username: neutron-rabbitmq-admin + neutron: + username: neutron-rabbitmq-user + nova: + nova: + role: admin + username: nova + project_name: service + user_domain_name: default + project_domain_name: default + placement: + role: admin + username: placement + project_name: service + user_domain_name: default + project_domain_name: default + oslo_db: + username: nova + database: nova + oslo_db_api: + username: nova + database: nova_api + oslo_db_cell0: + username: nova + database: "nova_cell0" + oslo_messaging: + admin: + username: nova-rabbitmq-admin + nova: + username: nova-rabbitmq-user + horizon: + oslo_db: + username: horizon + database: horizon + barbican: + barbican: + role: admin + username: barbican + project_name: service + user_domain_name: default + project_domain_name: default + oslo_db: + username: barbican + database: barbican + oslo_messaging: + admin: + username: barbican-rabbitmq-admin + barbican: + username: barbican-rabbitmq-user +... +--- +schema: pegleg/AccountCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_service_accounts + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + osh_infra: + grafana: + admin: + username: grafana + oslo_db: + username: grafana + database: grafana + oslo_db_session: + username: grafana_session + database: grafana_session + elasticsearch: + admin: + username: elasticsearch + kibana: + admin: + username: kibana + oslo_db: + admin: + username: root + prometheus_openstack_exporter: + user: + username: prometheus-openstack-exporter + project_name: service + user_domain_name: default + nagios: + admin: + username: nagios + ldap: + admin: + # NEWSITE-CHANGEME: Replace with the site's LDAP account used to + # authenticate to the active directory backend to validate keystone + # users. + bind: "test@ldap.example.com" +... diff --git a/site/hpgen10/software/manifests/full-site.yaml b/site/hpgen10/software/manifests/full-site.yaml new file mode 100644 index 0000000..0bf3dd6 --- /dev/null +++ b/site/hpgen10/software/manifests/full-site.yaml @@ -0,0 +1,69 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Manifest/v1 +metadata: + schema: metadata/Document/v1 + name: full-site + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: full-site-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + release_prefix: airship + chart_groups: + - kubernetes-proxy + - kubernetes-container-networking + - kubernetes-dns + - kubernetes-etcd + - kubernetes-haproxy + - kubernetes-core + - ingress-kube-system + - ucp-ceph-update + - ucp-ceph-config + - ucp-core + - ucp-keystone + - ucp-divingbell + - ucp-armada + - ucp-deckhand + - ucp-drydock + - ucp-promenade + - ucp-shipyard + - osh-infra-ingress-controller + - osh-infra-ceph-config + - osh-infra-logging + - osh-infra-monitoring + - osh-infra-mariadb + - osh-infra-dashboards + - openstack-ingress-controller + - openstack-ceph-config + - openstack-mariadb + - openstack-memcached + - openstack-keystone + - openstack-radosgw + - openstack-glance + - openstack-cinder + - openstack-compute-kit + - openstack-heat + - osh-infra-prometheus-openstack-exporter + - openstack-horizon +... diff --git a/site/site30/software/charts/osh/openstack-compute-kit/nova.yaml b/site/site30/software/charts/osh/openstack-compute-kit/nova.yaml deleted file mode 100644 index 1cce35b..0000000 --- a/site/site30/software/charts/osh/openstack-compute-kit/nova.yaml +++ /dev/null @@ -1,45 +0,0 @@ ---- -############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: nova - labels: - component: nova - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: nova-global - actions: - - method: merge - path: . - storagePolicy: cleartext -data: - values: - conf: - nova: - libvirt: - virt_type: kvm - DEFAULT: - vcpu_pin_set: "4-23,28-47" - pci: - alias: '{"name": "numa0", "capability_type": "pci", "product_id": "154c", "vendor_id": "8086", "device_type": "type-PCI", "numa_policy": "required"}' - passthrough_whitelist: | - [{"address": "0000:08:10.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:10.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:12.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:12.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:13.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:13.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:13.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:13.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:14.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:14.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:14.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:14.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:10.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:15.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:15.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:15.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:15.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:16.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:16.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:16.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:16.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:17.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:17.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:10.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:17.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:17.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:11.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:11.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:11.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:11.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:12.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:12.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:10.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:10.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:12.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:12.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:13.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:13.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:13.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:13.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:14.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:14.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:14.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:14.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:10.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:15.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:15.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:15.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:15.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:16.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:16.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:16.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:16.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:17.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:17.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:10.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:17.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:17.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:11.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:11.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:11.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:11.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:12.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:12.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:81:10.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:10.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:12.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:12.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:13.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:13.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:13.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:13.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:14.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:14.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:14.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:14.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:10.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:15.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:15.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:15.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:15.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:16.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:16.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:16.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:16.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:17.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:17.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:10.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:17.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:17.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:11.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:11.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:11.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:11.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:12.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:12.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:10.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:10.3", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:12.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:12.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:13.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:13.3", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:13.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:13.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:14.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:14.3", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:14.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:14.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:10.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:15.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:15.3", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:15.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:15.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:16.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:16.3", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:16.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:16.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:17.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:17.3", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:10.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:17.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:17.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:11.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:11.3", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:11.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:11.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:12.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:12.3", "physical_network": "sriovnet4", "trusted": "true"}] -... diff --git a/site/site30/software/config/endpoints.yaml b/site/site30/software/config/endpoints.yaml deleted file mode 100644 index d620941..0000000 --- a/site/site30/software/config/endpoints.yaml +++ /dev/null @@ -1,1069 +0,0 @@ ---- -############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: pegleg/EndpointCatalogue/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_endpoints - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .domain.url - dest: - path: .ucp.identity.host_fqdn_override.public - pattern: DOMAIN - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .domain.url - dest: - path: .ucp.shipyard.host_fqdn_override.public - pattern: DOMAIN -data: - ucp: - identity: - namespace: ucp - name: keystone - hosts: - default: keystone-api - public: keystone - host_fqdn_override: - default: null - public: iam.DOMAIN - path: - default: /v3 - scheme: - default: http - port: - admin: - default: 35357 - api: - default: 80 - armada: - name: armada - hosts: - default: armada-api - public: armada - port: - api: - default: 8000 - path: - default: /api/v1.0 - scheme: - default: http - host_fqdn_override: - default: null - deckhand: - name: deckhand - hosts: - default: deckhand-int - public: deckhand-api - port: - api: - default: 9000 - path: - default: /api/v1.0 - scheme: - default: http - host_fqdn_override: - default: null - postgresql: - name: postgresql - hosts: - default: postgresql - path: /DB_NAME - scheme: postgresql+psycopg2 - port: - postgresql: - default: 5432 - host_fqdn_override: - default: null - postgresql_airflow_celery: - name: postgresql_airflow_celery_db - hosts: - default: postgresql - path: /DB_NAME - scheme: db+postgresql - port: - postgresql: - default: 5432 - host_fqdn_override: - default: null - oslo_db: - hosts: - default: mariadb - discovery: mariadb-discovery - host_fqdn_override: - default: null - path: /DB_NAME - scheme: mysql+pymysql - port: - mysql: - default: 3306 - wsrep: - default: 4567 - key_manager: - name: barbican - hosts: - default: barbican-api - public: barbican - host_fqdn_override: - default: null - path: - default: /v1 - scheme: - default: http - port: - api: - default: 9311 - public: 80 - oslo_messaging: - namespace: null - hosts: - default: rabbitmq - host_fqdn_override: - default: null - path: /openstack - scheme: rabbit - port: - amqp: - default: 5672 - oslo_cache: - hosts: - default: memcached - host_fqdn_override: - default: null - port: - memcache: - default: 11211 - physicalprovisioner: - name: drydock - hosts: - default: drydock-api - port: - api: - default: 9000 - nodeport: 31900 - path: - default: /api/v1.0 - scheme: - default: http - host_fqdn_override: - default: null - maas_region_ui: - name: maas-region-ui - hosts: - default: maas-region-ui - public: maas - path: - default: /MAAS - scheme: - default: "http" - port: - region_ui: - default: 80 - public: 80 - host_fqdn_override: - default: null - kubernetesprovisioner: - name: promenade - hosts: - default: promenade-api - port: - api: - default: 80 - path: - default: /api/v1.0 - scheme: - default: http - host_fqdn_override: - default: null - shipyard: - name: shipyard - hosts: - default: shipyard-int - public: shipyard-api - port: - api: - default: 9000 - public: 80 - path: - default: /api/v1.0 - scheme: - default: http - host_fqdn_override: - default: null - public: shipyard.DOMAIN - airflow_web: - name: airflow-web - hosts: - default: airflow-web-int - public: airflow-web - port: - airflow_web: - default: 8080 - path: - default: / - scheme: - default: http - host_fqdn_override: - default: null - airflow_flower: - name: airflow-flower - hosts: - default: airflow-flower - port: - airflow_flower: - default: 5555 - path: - default: / - scheme: - default: http - host_fqdn_override: - default: null - ceph: - object_store: - name: swift - namespace: ceph - hosts: - default: ceph-rgw - host_fqdn_override: - default: null - path: - default: /swift/v1 - scheme: - default: http - port: - api: - default: 8088 - ceph_mon: - namespace: ceph - hosts: - default: ceph-mon - discovery: ceph-mon-discovery - host_fqdn_override: - default: null - port: - mon: - default: 6789 - ceph_mgr: - namespace: ceph - hosts: - default: ceph-mgr - host_fqdn_override: - default: null - port: - mgr: - default: 7000 - scheme: - default: http -... ---- -schema: pegleg/EndpointCatalogue/v1 -metadata: - schema: metadata/Document/v1 - name: osh_endpoints - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .domain.url - dest: - path: .osh.image.host_fqdn_override.public - pattern: DOMAIN - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .domain.url - dest: - path: .osh.cloudformation.host_fqdn_override.public - pattern: DOMAIN - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .domain.url - dest: - path: .osh.orchestration.host_fqdn_override.public - pattern: DOMAIN - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .domain.url - dest: - path: .osh.compute.host_fqdn_override.public - pattern: DOMAIN - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .domain.url - dest: - path: .osh.compute_novnc_proxy.host_fqdn_override.public - pattern: DOMAIN - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .domain.url - dest: - path: .osh.network.host_fqdn_override.public - pattern: DOMAIN - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .domain.url - dest: - path: .osh.identity.host_fqdn_override.public - pattern: DOMAIN - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .domain.url - dest: - path: .osh.dashboard.host_fqdn_override.public - pattern: DOMAIN - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .domain.url - dest: - path: .osh.volume.host_fqdn_override.public - pattern: DOMAIN - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .domain.url - dest: - path: .osh.volumev2.host_fqdn_override.public - pattern: DOMAIN - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .domain.url - dest: - path: .osh.volumev3.host_fqdn_override.public - pattern: DOMAIN -data: - osh: - oslo_db: - hosts: - default: mariadb - discovery: mariadb-discovery - host_fqdn_override: - default: null - path: /DB_NAME - scheme: mysql+pymysql - port: - mysql: - default: 3306 - wsrep: - default: 4567 - keystone_oslo_messaging: - namespace: openstack - hosts: - default: keystone-rabbitmq - host_fqdn_override: - default: null - path: /keystone - scheme: rabbit - port: - amqp: - default: 5672 - http: - default: 15672 - keystone_rabbitmq_exporter: - namespace: openstack - hosts: - default: keystone-rabbitmq-exporter - host_fqdn_override: - default: null - path: - default: /metrics - scheme: - default: "http" - port: - metrics: - default: 9095 - oslo_cache: - namespace: openstack - hosts: - default: memcached - host_fqdn_override: - default: null - port: - memcache: - default: 11211 - identity: - namespace: openstack - name: keystone - hosts: - default: keystone-api - public: keystone - host_fqdn_override: - default: null - public: keystone.DOMAIN - path: - default: /v3 - scheme: - default: "http" - port: - admin: - default: 35357 - api: - default: 80 - glance_oslo_messaging: - namespace: openstack - hosts: - default: glance-rabbitmq - host_fqdn_override: - default: null - path: /glance - scheme: rabbit - port: - amqp: - default: 5672 - http: - default: 15672 - glance_rabbitmq_exporter: - namespace: openstack - hosts: - default: glance-rabbitmq-exporter - host_fqdn_override: - default: null - path: - default: /metrics - scheme: - default: "http" - port: - metrics: - default: 9095 - image: - name: glance - hosts: - default: glance-api - public: glance - host_fqdn_override: - default: null - public: image.DOMAIN - path: - default: null - scheme: - default: "http" - port: - api: - default: 9292 - public: 80 - image_registry: - name: glance-registry - hosts: - default: glance-registry - public: glance-reg - host_fqdn_override: - default: null - path: - default: null - scheme: - default: "http" - port: - api: - default: 9191 - public: 80 - cinder_oslo_messaging: - namespace: openstack - hosts: - default: cinder-rabbitmq - host_fqdn_override: - default: null - path: /cinder - scheme: rabbit - port: - amqp: - default: 5672 - http: - default: 15672 - cinder_rabbitmq_exporter: - namespace: openstack - hosts: - default: cinder-rabbitmq-exporter - host_fqdn_override: - default: null - path: - default: /metrics - scheme: - default: "http" - port: - metrics: - default: 9095 - volume: - name: cinder - hosts: - default: cinder-api - public: cinder - host_fqdn_override: - default: null - public: volume.DOMAIN - path: - default: "/v1/%(tenant_id)s" - scheme: - default: "http" - port: - api: - default: 8776 - public: 80 - volumev2: - name: cinderv2 - hosts: - default: cinder-api - public: cinder - host_fqdn_override: - default: null - public: volume.DOMAIN - path: - default: "/v2/%(tenant_id)s" - scheme: - default: "http" - port: - api: - default: 8776 - public: 80 - volumev3: - name: cinderv3 - hosts: - default: cinder-api - public: cinder - host_fqdn_override: - default: null - public: volume.DOMAIN - path: - default: "/v3/%(tenant_id)s" - scheme: - default: "http" - port: - api: - default: 8776 - public: 80 - ceph_object_store: - name: radosgw - namespace: ceph - hosts: - default: ceph-rgw - host_fqdn_override: - default: null - path: - default: /auth/v1.0 - scheme: - default: "http" - port: - api: - default: 8088 - heat_oslo_messaging: - namespace: openstack - hosts: - default: heat-rabbitmq - host_fqdn_override: - default: null - path: /heat - scheme: rabbit - port: - amqp: - default: 5672 - http: - default: 15672 - heat_rabbitmq_exporter: - namespace: openstack - hosts: - default: heat-rabbitmq-exporter - host_fqdn_override: - default: null - path: - default: /metrics - scheme: - default: "http" - port: - metrics: - default: 9095 - orchestration: - name: heat - hosts: - default: heat-api - public: heat - host_fqdn_override: - default: null - public: orchestration.DOMAIN - path: - default: "/v1/%(project_id)s" - scheme: - default: "http" - port: - api: - default: 8004 - public: 80 - cloudformation: - name: heat-cfn - hosts: - default: heat-cfn - public: cloudformation - host_fqdn_override: - default: null - public: cloudformation.DOMAIN - path: - default: /v1 - scheme: - default: "http" - port: - api: - default: 8000 - public: 80 - cloudwatch: - name: heat-cloudwatch - hosts: - default: heat-cloudwatch - public: cloudwatch - host_fqdn_override: - default: null - path: - default: null - type: null - scheme: - default: "http" - port: - api: - default: 8003 - public: 80 - neutron_oslo_messaging: - namespace: openstack - hosts: - default: neutron-rabbitmq - host_fqdn_override: - default: null - path: /neutron - scheme: rabbit - port: - amqp: - default: 5672 - http: - default: 15672 - neutron_rabbitmq_exporter: - namespace: openstack - hosts: - default: neutron-rabbitmq-exporter - host_fqdn_override: - default: null - path: - default: /metrics - scheme: - default: "http" - port: - metrics: - default: 9095 - network: - name: neutron - hosts: - default: neutron-server - public: neutron - host_fqdn_override: - default: null - public: network.DOMAIN - path: - default: null - scheme: - default: "http" - port: - api: - default: 9696 - public: 80 - nova_oslo_messaging: - namespace: openstack - hosts: - default: nova-rabbitmq - host_fqdn_override: - default: null - path: /nova - scheme: rabbit - port: - amqp: - default: 5672 - http: - default: 15672 - nova_rabbitmq_exporter: - namespace: openstack - hosts: - default: nova-rabbitmq-exporter - host_fqdn_override: - default: null - path: - default: /metrics - scheme: - default: "http" - port: - metrics: - default: 9095 - compute: - name: nova - hosts: - default: nova-api - public: nova - host_fqdn_override: - default: null - public: compute.DOMAIN - path: - default: "/v2/%(tenant_id)s" - scheme: - default: "http" - port: - api: - default: 8774 - public: 80 - novncproxy: - default: 6080 - compute_metadata: - name: nova - hosts: - default: nova-metadata - public: metadata - host_fqdn_override: - default: null - path: - default: / - scheme: - default: "http" - port: - metadata: - default: 8775 - public: 80 - compute_novnc_proxy: - name: nova - hosts: - default: nova-novncproxy - public: novncproxy - host_fqdn_override: - default: null - public: nova-novncproxy.DOMAIN - path: - default: /vnc_auto.html - scheme: - default: "http" - port: - novnc_proxy: - default: 6080 - compute_spice_proxy: - name: nova - hosts: - default: nova-spiceproxy - host_fqdn_override: - default: null - path: - default: /spice_auto.html - scheme: - default: "http" - port: - spice_proxy: - default: 6082 - placement: - name: placement - hosts: - default: placement-api - public: placement - host_fqdn_override: - default: null - path: - default: / - scheme: - default: "http" - port: - api: - default: 8778 - public: 80 - dashboard: - name: horizon - hosts: - default: horizon-int - public: horizon - host_fqdn_override: - default: null - public: dashboard.DOMAIN - path: - default: null - scheme: - default: "http" - port: - web: - default: 80 - barbican_oslo_messaging: - namespace: openstack - hosts: - default: barbican-rabbitmq - host_fqdn_override: - default: null - path: /barbican - scheme: rabbit - port: - amqp: - default: 5672 - http: - default: 15672 - barbican_rabbitmq_exporter: - namespace: openstack - hosts: - default: barbican-rabbitmq-exporter - host_fqdn_override: - default: null - path: - default: /metrics - scheme: - default: "http" - port: - metrics: - default: 9095 - key_manager: - name: barbican - hosts: - default: barbican-api - public: barbican - host_fqdn_override: - default: null - path: - default: /v1 - scheme: - default: "http" - port: - api: - default: 9311 - public: 80 -... ---- -schema: pegleg/EndpointCatalogue/v1 -metadata: - schema: metadata/Document/v1 - name: osh_infra_endpoints - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .domain.url - dest: - path: .osh_infra.kibana.host_fqdn_override.public - pattern: DOMAIN - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .domain.url - dest: - path: .osh_infra.grafana.host_fqdn_override.public - pattern: DOMAIN -data: - osh_infra: - elasticsearch: - name: elasticsearch - namespace: osh-infra - hosts: - data: elasticsearch-data - default: elasticsearch-logging - discovery: elasticsearch-discovery - public: elasticsearch - host_fqdn_override: - default: null - path: - default: null - scheme: - default: "http" - port: - http: - default: 80 - prometheus_elasticsearch_exporter: - namespace: null - hosts: - default: elasticsearch-exporter - host_fqdn_override: - default: null - path: - default: /metrics - scheme: - default: "http" - port: - metrics: - default: 9108 - fluentd: - namespace: osh-infra - name: fluentd - hosts: - default: fluentd-logging - host_fqdn_override: - default: null - path: - default: null - scheme: - default: "http" - port: - service: - default: 24224 - metrics: - default: 24220 - prometheus_fluentd_exporter: - namespace: osh-infra - hosts: - default: fluentd-exporter - host_fqdn_override: - default: null - path: - default: /metrics - scheme: - default: "http" - port: - metrics: - default: 9309 - oslo_db: - namespace: osh-infra - hosts: - default: mariadb - host_fqdn_override: - default: null - path: /DB_NAME - scheme: mysql+pymysql - port: - mysql: - default: 3306 - grafana: - name: grafana - namespace: osh-infra - hosts: - default: grafana-dashboard - public: grafana - host_fqdn_override: - default: null - public: grafana.DOMAIN - path: - default: null - scheme: - default: "http" - port: - grafana: - default: 3000 - monitoring: - name: prometheus - namespace: osh-infra - hosts: - default: prom-metrics - public: prometheus - host_fqdn_override: - default: null - path: - default: null - scheme: - default: "http" - port: - api: - default: 9090 - public: 80 - kibana: - name: kibana - namespace: osh-infra - hosts: - default: kibana-dash - public: kibana - host_fqdn_override: - default: null - public: kibana.DOMAIN - path: - default: null - scheme: - default: "http" - port: - kibana: - default: 5601 - alerts: - name: alertmanager - namespace: osh-infra - hosts: - default: alerts-engine - public: alertmanager - discovery: alertmanager-discovery - host_fqdn_override: - default: null - path: - default: null - scheme: - default: "http" - port: - api: - default: 9093 - public: 80 - mesh: - default: 6783 - kube_state_metrics: - namespace: kube-system - hosts: - default: kube-state-metrics - host_fqdn_override: - default: null - path: - default: null - scheme: - default: "http" - port: - http: - default: 8080 - kube_scheduler: - scheme: - default: "http" - path: - default: /metrics - kube_controller_manager: - scheme: - default: "http" - path: - default: /metrics - node_metrics: - namespace: kube-system - hosts: - default: node-exporter - host_fqdn_override: - default: null - path: - default: null - scheme: - default: "http" - port: - metrics: - default: 9100 - prometheus_port: - default: 9100 - prometheus_openstack_exporter: - namespace: openstack - hosts: - default: openstack-metrics - host_fqdn_override: - default: null - path: - default: null - scheme: - default: "http" - port: - exporter: - default: 9103 -... diff --git a/site30.yaml b/site30.yaml deleted file mode 100644 index 2bdb18b..0000000 --- a/site30.yaml +++ /dev/null @@ -1,282 +0,0 @@ ---- -############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -site_name: hp_akraino -ipmi_admin_password: Admin123 -networks: - bonded: yes - primary: bond0 - slaves: - - name: ens3f0 - - name: ens3f1 - oob: - vlan: 40 - interface: - cidr: 192.168.41.0/24 - routes: - gateway: 192.168.41.1 - ranges: - reserved: - start: 192.168.41.2 - end: 192.168.41.4 - static: - start: 192.168.41.5 - end: 192.168.41.254 - host: - vlan: 41 - interface: bond0.41 - cidr: 192.168.2.0/24 - routes: - gateway: 192.168.2.85 - ranges: - reserved: - start: 192.168.2.84 - end: 192.168.2.86 - static: - start: 192.168.2.1 - end: 192.168.2.83 - storage: - vlan: 42 - interface: bond0.42 - cidr: 172.31.1.0/24 - ranges: - reserved: - start: 172.31.1.1 - end: 172.31.1.10 - static: - start: 172.31.1.11 - end: 172.31.1.254 - pxe: - vlan: - interface: eno1 - cidr: 172.30.1.0/24 - gateway: 172.30.1.1 - ranges: - reserved: - start: 172.30.1.2 - end: 172.30.1.10 - static: - start: 172.30.1.11 - end: 172.30.1.200 - dhcp: - start: 172.30.1.201 - end: 172.30.1.254 - ksn: - vlan: 44 - interface: bond0.44 - cidr: 172.29.1.0/24 - local_asnumber: 65531 - ranges: - static: - start: 172.29.1.5 - end: 172.29.1.254 - additional_cidrs: - - 172.29.1.136/29 - ingress_cidr: 172.29.1.137/32 - peers: - - ip: 172.29.1.1 - scope: global - asnumber: 65001 - vrrp_ip: 172.29.1.1 # keep peers ip address in case of only peer. - neutron: - vlan: 45 - interface: bond0.45 - cidr: 10.0.101.0/24 - ranges: - reserved: - start: 10.0.101.1 - end: 10.0.101.10 - static: - start: 10.0.101.11 - end: 10.0.101.254 -sriovnets: -- physical: sriovnet1 - interface: ens6f0 - vlan_start: 100 - vlan_end: 4000 - whitelists: - "0000:af:02.0": "enp175s2" - "0000:af:02.1": "enp175s2f1" - "0000:af:03.2": "enp175s3f2" - "0000:af:03.3": "enp175s3f3" - "0000:af:03.4": "enp175s3f4" - "0000:af:03.5": "enp175s3f5" - "0000:af:03.6": "enp175s3f6" - "0000:af:03.7": "enp175s3f7" - "0000:af:04.0": "enp175s4" - "0000:af:04.1": "enp175s4f1" - "0000:af:04.2": "enp175s4f2" - "0000:af:04.3": "enp175s4f3" - "0000:af:02.2": "enp175s2f2" - "0000:af:04.4": "enp175s4f4" - "0000:af:04.5": "enp175s4f5" - "0000:af:04.6": "enp175s4f6" - "0000:af:04.7": "enp175s4f7" - "0000:af:05.0": "enp175s5" - "0000:af:05.1": "enp175s5f1" - "0000:af:05.2": "enp175s5f2" - "0000:af:05.3": "enp175s5f3" - "0000:af:05.4": "enp175s5f4" - "0000:af:05.5": "enp175s5f5" - "0000:af:02.3": "enp175s2f3" - "0000:af:05.6": "enp175s5f6" - "0000:af:05.7": "enp175s5f7" - "0000:af:02.4": "enp175s2f4" - "0000:af:02.5": "enp175s2f5" - "0000:af:02.6": "enp175s2f6" - "0000:af:02.7": "enp175s2f7" - "0000:af:03.0": "enp175s3" - "0000:af:03.1": "enp175s3f1" -- physical: sriovnet2 - interface: ens6f1 - vlan_start: 100 - vlan_end: 4000 - whitelists: - "0000:af:0a.0": "enp175s10" - "0000:af:0a.1": "enp175s10f1" - "0000:af:0b.2": "enp175s11f2" - "0000:af:0b.3": "enp175s11f3" - "0000:af:0b.4": "enp175s11f4" - "0000:af:0b.5": "enp175s11f5" - "0000:af:0b.6": "enp175s11f6" - "0000:af:0b.7": "enp175s11f7" - "0000:af:0c.0": "enp175s12" - "0000:af:0c.1": "enp175s12f1" - "0000:af:0c.2": "enp175s12f2" - "0000:af:0c.3": "enp175s12f3" - "0000:af:0a.2": "enp175s10f2" - "0000:af:0c.4": "enp175s12f4" - "0000:af:0c.5": "enp175s12f5" - "0000:af:0c.6": "enp175s12f6" - "0000:af:0c.7": "enp175s12f7" - "0000:af:0d.0": "enp175s13" - "0000:af:0d.1": "enp175s13f1" - "0000:af:0d.2": "enp175s13f2" - "0000:af:0d.3": "enp175s13f3" - "0000:af:0d.4": "enp175s13f4" - "0000:af:0d.5": "enp175s13f5" - "0000:af:0a.3": "enp175s10f3" - "0000:af:0d.6": "enp175s13f6" - "0000:af:0d.7": "enp175s13f7" - "0000:af:0a.4": "enp175s10f4" - "0000:af:0a.5": "enp175s10f5" - "0000:af:0a.6": "enp175s10f6" - "0000:af:0a.7": "enp175s10f7" - "0000:af:0b.0": "enp175s11" - "0000:af:0b.1": "enp175s11f1" -storage: - osds: - - data: /dev/sdb - journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdb - - data: /dev/sdc - journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sdc - - data: /dev/sdd - journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdd - - data: /dev/sde - journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sde - - data: /dev/sdf - journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdf - - data: /dev/sdg - journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sdg - - data: /dev/sdg - journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdh - - data: /dev/sdi - journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sdi - - data: /dev/sdk - journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdk - osd_count: 9 -genesis: - name: csonjrsv30 - oob: 192.168.41.30 - host: 192.168.2.30 - storage: 172.31.1.30 - pxe: 172.30.1.30 - ksn: 172.29.1.30 - neutron: 10.0.101.30 -masters: - - name : csonjrsv31 - - name : csonjrsv32 -workers: - - name : csonjrsv33 - - name : csonjrsv34 -servers: - - name : csonjrsv31 - oob: 192.168.41.31 - host: 192.168.2.31 - storage: 172.31.1.31 - pxe: 172.30.1.31 - ksn: 172.29.1.31 - neutron: 10.0.101.31 - - name : csonjrsv32 - oob: 192.168.41.32 - host: 192.168.2.32 - storage: 172.31.1.32 - pxe: 172.30.1.32 - ksn: 172.29.1.32 - neutron: 10.0.101.32 - - name : csonjrsv33 - oob: 192.168.41.33 - host: 192.168.2.33 - storage: 172.31.1.33 - pxe: 172.30.1.33 - ksn: 172.29.1.33 - neutron: 10.0.101.33 - - name : csonjrsv34 - oob: 192.168.41.34 - host: 192.168.2.34 - storage: 172.31.1.34 - pxe: 172.30.1.34 - ksn: 172.29.1.34 - neutron: 10.0.101.34 -hardware: - vendor: HP - generation: '10' - hw_version: '3' - bios_version: '2.8' -disks: - - name : sdj - labels: - bootdrive: 'true' - partitions: - - name: root - size: 20g - mountpoint: / - - name: boot - size: 1g - mountpoint: /boot - - name: var - size: 100g - mountpoint: /var - - name : sdb - partitions: - - name: cephj0 - size: 100g - mountpoint: /var/lib/openstack-helm/ceph/journal0 - - name : sdc - partitions: - - name: cephj1 - size: 100g - mountpoint: /var/lib/openstack-helm/ceph/journal1 -genesis_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/n4mNLAj3XKG2fcm+8eVe0NUlNH0g8DA8KJ53rSLKccm8gm4UgLmGOJyBfUloQZMuOpU6a+hexN4ECCliqI7+KUmgJgsvLkJ3OUMNTEVu9tDX5mdXeffsufaqFkAdmbJ/9PMPiPQ3/UqbbtyEcqoZAwUWf4ggAWSp00SGE1Okg+skPSbDzPVHb4810eXZT1yoIg29HAenJNNrsVxvnMT2kw2OYmLfxgEUh1Ev4c5LnUog4GXBDHQtHAwaIoTu9s/q8VIvGav62RJVFn3U1D0jkiwDLSIFn8ezORQ4YkSidwdSrtqsqa2TJ0E5w/n5h5IVGO9neY8YlXrgynLd4Y+7 root@pocnjrsv132" -kubernetes: - api_service_ip: 10.96.0.1 - etcd_service_ip: 10.96.0.2 - pod_cidr: 10.99.0.0/16 - service_cidr: 10.96.0.0/15 -regional_server: - ip: 135.16.101.85 -... diff --git a/templates/aic-clcp-manifests/software/charts/kubernetes/container-networking/calico.j2 b/templates/aic-clcp-manifests/software/charts/kubernetes/container-networking/calico.j2 deleted file mode 100644 index 485d487..0000000 --- a/templates/aic-clcp-manifests/software/charts/kubernetes/container-networking/calico.j2 +++ /dev/null @@ -1,163 +0,0 @@ ---- -############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-calico - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: kubernetes-calico-global - actions: - - method: delete - path: .values.calico - - method: delete - path: .values.etcd - - method: merge - path: . - storagePolicy: cleartext - substitutions: - # IP addresses - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .calico.etcd.service_ip - dest: - path: .values.endpoints.etcd.host_fqdn_override.default - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.pod_cidr - dest: - path: .values.networking.podSubnet - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.api_service_ip - dest: - path: .values.conf.policy_controller.K8S_API - pattern: SUB_KUBERNETES_IP - - # Other site-specific configuration - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .calico.ip_autodetection_method - dest: - path: .values.conf.node.IP_AUTODETECTION_METHOD - - # Certificates - - - src: - schema: deckhand/CertificateAuthority/v1 - name: calico-etcd - path: . - dest: - path: .values.endpoints.etcd.auth.client.tls.ca - - - src: - schema: deckhand/Certificate/v1 - name: calico-node - path: . - dest: - path: .values.endpoints.etcd.auth.client.tls.crt - - - src: - schema: deckhand/CertificateKey/v1 - name: calico-node - path: . - dest: - path: .values.endpoints.etcd.auth.client.tls.key -data: - chart_name: calico - release: calico - namespace: kube-system - timeout: 600 - upgrade: - no_hooks: true - values: - conf: - cni_network_config: - name: k8s-pod-network - cniVersion: 0.1.0 - type: calico - etcd_endpoints: __ETCD_ENDPOINTS__ - etcd_ca_cert_file: /etc/calico/pki/ca - etcd_cert_file: /etc/calico/pki/crt - etcd_key_file: /etc/calico/pki/key - log_level: info - mtu: 1500 - ipam: - type: calico-ipam - policy: - type: k8s - k8s_api_root: https://__KUBERNETES_SERVICE_HOST__:__KUBERNETES_SERVICE_PORT__ - k8s_auth_token: __SERVICEACCOUNT_TOKEN__ - - policy_controller: - K8S_API: "https://SUB_KUBERNETES_IP:443" - - node: - CALICO_STARTUP_LOGLEVEL: INFO - CLUSTER_TYPE: - - k8s - - bgp - WAIT_FOR_STORAGE: "true" - - endpoints: - etcd: - hosts: - default: calico-etcd - scheme: - default: https - - networking: - mtu: 1500 - settings: - mesh: "off" - ippool: - ipip: - enabled: "false" - mode: "cross-subnet" - bgp: - asnumber: {{yaml.networks.ksn.local_asnumber}} - ipv4: - additional_cidrs: -{% for add_cidr in yaml.networks.ksn.additional_cidrs %} - - {{add_cidr}} -{% endfor %} - peers: -{% for peer in yaml.networks.ksn.peers %} - - apiVersion: v1 - kind: bgpPeer - metadata: - peerIP: {{peer.ip}} - scope: {{peer.scope}} - spec: - asnumber: {{peer.asnumber}} -{% endfor %} - manifests: - daemonset_calico_etcd: false - job_image_repo_sync: false - service_calico_etcd: false -... diff --git a/templates/aic-clcp-manifests/software/charts/ucp/ceph/promenade/promenade.j2 b/templates/aic-clcp-manifests/software/charts/ucp/ceph/promenade/promenade.j2 deleted file mode 100644 index 743fc84..0000000 --- a/templates/aic-clcp-manifests/software/charts/ucp/ceph/promenade/promenade.j2 +++ /dev/null @@ -1,48 +0,0 @@ ---- -############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-promenade - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: ucp-promenade-global - actions: - - method: merge - path: . - storagePolicy: cleartext -data: - values: - pod: - env: - promenade_api: - - name: http_proxy - value: http://one.proxy.att.com:8888 - - name: https_proxy - value: http://one.proxy.att.com:8888 - - name: no_proxy - value: {{yaml.genesis.pxe}},{{yaml.kubernetes.api_service_ip}},.cluster.local - - name: HTTP_PROXY - value: http://one.proxy.att.com:8888 - - name: HTTPS_PROXY - value: http://one.proxy.att.com:8888 - - name: NO_PROXY - value: {{yaml.genesis.pxe}},{{yaml.kubernetes.api_service_ip}},.cluster.local -... diff --git a/templates/aic-clcp-security-manifests/secrets/passphrases/ipmi_admin_password.j2 b/templates/aic-clcp-security-manifests/secrets/passphrases/ipmi_admin_password.j2 deleted file mode 100644 index 9a3aa97..0000000 --- a/templates/aic-clcp-security-manifests/secrets/passphrases/ipmi_admin_password.j2 +++ /dev/null @@ -1,27 +0,0 @@ ---- -############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ipmi_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: {{yaml.ipmi_admin_password}} -... diff --git a/templates/aic-clcp-security-manifests/site-definition.j2 b/templates/aic-clcp-security-manifests/site-definition.j2 deleted file mode 100644 index 92c7e87..0000000 --- a/templates/aic-clcp-security-manifests/site-definition.j2 +++ /dev/null @@ -1,27 +0,0 @@ ---- -############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -data: - revision: v4.0 - site_type: 5ec -metadata: - layeringDefinition: {abstract: false, layer: site} - name: {{yaml.site_name}} - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: pegleg/SiteDefinition/v1 -... diff --git a/templates/baremetal/bootaction-sriov-blacklist.j2 b/templates/baremetal/bootaction-sriov-blacklist.j2 new file mode 100644 index 0000000..2ad6637 --- /dev/null +++ b/templates/baremetal/bootaction-sriov-blacklist.j2 @@ -0,0 +1,42 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: 'drydock/BootAction/v1' +metadata: + schema: 'metadata/Document/v1' + name: i40evf_blacklist + storagePolicy: 'cleartext' + layeringDefinition: + abstract: false + layer: site + labels: + application: 'drydock' +data: + signaling: false + node_filter: + filter_set_type: 'union' + filter_set: + - filter_type: 'union' + assets: + - path: /etc/modprobe.d/sriov_blacklist.conf + type: file + permissions: '644' + data_pipeline: + - utf8_decode + data: | + blacklist i40evf +... diff --git a/templates/aic-clcp-manifests/baremetal/bootaction.j2 b/templates/baremetal/calico-ip-rules.j2 similarity index 71% rename from templates/aic-clcp-manifests/baremetal/bootaction.j2 rename to templates/baremetal/calico-ip-rules.j2 index 6b63344..328a1b6 100644 --- a/templates/aic-clcp-manifests/baremetal/bootaction.j2 +++ b/templates/baremetal/calico-ip-rules.j2 @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -15,50 +15,6 @@ # limitations under the License. # ############################################################################## -schema: 'drydock/BootAction/v1' -metadata: - schema: 'metadata/Document/v1' - name: promjoin - storagePolicy: 'cleartext' - layeringDefinition: - abstract: false - layer: site - labels: - application: 'drydock' -data: - node_filter: - filter_set_type: 'union' - filter_set: - - filter_type: 'union' - node_names: -{% for server in yaml.servers %} - - '{{server.name}}' -{% endfor %} -{% raw %} # TODO(alanmeadows) move what is global about this document - everything except nodenames to global - assets: - - path: /opt/promjoin.sh - type: file - permissions: '555' - # TODO(alanmeadows) You must replace the ip= parameter below with the appropriate MaaS network name of the network - # you should use to contact kubernetes in the case below, this is cab24_mgmt - location: promenade+http://promenade-api.ucp.svc.cluster.local/api/v1.0/join-scripts?design_ref={{ action.design_ref | urlencode }}&hostname={{ node.hostname }}{% if 'ksn' in node.network %}&ip={{ node.network.ksn.ip }}{% endif %}{% for k, v in node.labels.items() %}&labels.dynamic={{ k }}={{ v }}{% endfor %} - location_pipeline: - - template - data_pipeline: - - utf8_decode - - path: /lib/systemd/system/promjoin.service - type: unit - permissions: '600' - data: |- - W1VuaXRdCkRlc2NyaXB0aW9uPVByb21lbmFkZSBJbml0aWFsaXphdGlvbiBTZXJ2aWNlCkFmdGVy - PW5ldHdvcmstb25saW5lLnRhcmdldCBsb2NhbC1mcy50YXJnZXQKQ29uZGl0aW9uUGF0aEV4aXN0 - cz0hL3Zhci9saWIvcHJvbS5kb25lCgpbU2VydmljZV0KVHlwZT1zaW1wbGUKRXhlY1N0YXJ0PS9v - cHQvcHJvbWpvaW4uc2gKCltJbnN0YWxsXQpXYW50ZWRCeT1tdWx0aS11c2VyLnRhcmdldAo= - data_pipeline: - - base64_decode - - utf8_decode -{% endraw %} ---- schema: 'drydock/BootAction/v1' metadata: schema: 'metadata/Document/v1' @@ -201,24 +157,4 @@ data: lookup "${TABLE}" \ pref 10100 fi ---- -schema: 'drydock/BootAction/v1' -metadata: - schema: 'metadata/Document/v1' - name: i40evf_blacklist - storagePolicy: 'cleartext' - layeringDefinition: - abstract: false - layer: site - labels: - application: 'drydock' -data: - assets: - - path: /etc/modprobe.d/sriov_blacklist.conf - type: file - permissions: '644' - data_pipeline: - - utf8_decode - data: | - blacklist i40evf ... diff --git a/templates/baremetal/promjoin.j2 b/templates/baremetal/promjoin.j2 new file mode 100644 index 0000000..c28363d --- /dev/null +++ b/templates/baremetal/promjoin.j2 @@ -0,0 +1,65 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: 'drydock/BootAction/v1' +metadata: + schema: 'metadata/Document/v1' + name: promjoin + storagePolicy: 'cleartext' + layeringDefinition: + abstract: false + layer: site + labels: + application: 'drydock' +data: + signaling: false + node_filter: + filter_set_type: 'union' + filter_set: + - filter_type: 'union' + node_names: +{% for server in yaml.masters %} + - '{{server.name}}' +{% endfor %} +{% for server in yaml.workers %} + - '{{server.name}}' +{% endfor %} +{% raw %} # TODO(alanmeadows) move what is global about this document - everything except nodenames to global + assets: + - path: /opt/promjoin.sh + type: file + permissions: '555' + # TODO(alanmeadows) You must replace the ip= parameter below with the appropriate MaaS network name of the network + # you should use to contact kubernetes in the case below, this is cab24_mgmt + location: promenade+http://promenade-api.ucp.svc.cluster.local/api/v1.0/join-scripts?design_ref={{ action.design_ref | urlencode }}&hostname={{ node.hostname }}&ip={{ node.network.calico.ip }}{% for k, v in node.labels.items() %}&labels.dynamic={{ k }}={{ v }}{% endfor %} + location_pipeline: + - template + data_pipeline: + - utf8_decode + - path: /lib/systemd/system/promjoin.service + type: unit + permissions: '600' + data: |- + W1VuaXRdCkRlc2NyaXB0aW9uPVByb21lbmFkZSBJbml0aWFsaXphdGlvbiBTZXJ2aWNlCkFmdGVy + PW5ldHdvcmstb25saW5lLnRhcmdldCBsb2NhbC1mcy50YXJnZXQKQ29uZGl0aW9uUGF0aEV4aXN0 + cz0hL3Zhci9saWIvcHJvbS5kb25lCgpbU2VydmljZV0KVHlwZT1zaW1wbGUKRXhlY1N0YXJ0PS9v + cHQvcHJvbWpvaW4uc2gKCltJbnN0YWxsXQpXYW50ZWRCeT1tdWx0aS11c2VyLnRhcmdldAo= + data_pipeline: + - base64_decode + - utf8_decode +{% endraw %} +... diff --git a/templates/aic-clcp-manifests/baremetal/rack.j2 b/templates/baremetal/rack.j2 similarity index 62% rename from templates/aic-clcp-manifests/baremetal/rack.j2 rename to templates/baremetal/rack.j2 index 22f0039..b6e6620 100644 --- a/templates/aic-clcp-manifests/baremetal/rack.j2 +++ b/templates/baremetal/rack.j2 @@ -1,5 +1,7 @@ +{% for server in yaml.masters %} +--- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -13,9 +15,6 @@ # See the License for the specific language governing permissions and # # limitations under the License. # ############################################################################## - -{% for server in yaml.servers %} ---- schema: 'drydock/BaremetalNode/v1' metadata: schema: 'metadata/Document/v1' @@ -25,30 +24,65 @@ metadata: layer: site storagePolicy: cleartext data: - host_profile: MyControlPlane_HP + host_profile: ControlPlane # the hostname for a server, could be used in multiple DNS domains to # represent different interfaces addressing: # Which network the address applies to. If a network appears in addressing # that isn't assigned to an interface, design validation will fail + - network: oob + address: {{server.oob}} - network: pxe # The address assigned. Either a explicit IPv4 or IPv6 address # or dhcp or slaac address: {{server.pxe}} - network: oam address: {{server.host}} - - network: ksn - address: {{server.ksn}} - network: storage address: {{server.storage}} - network: overlay address: {{server.neutron}} + - network: calico + address: {{server.ksn}} + metadata: + rack: RACK01 + tags: + - 'masters' +{% endfor %} +{% for server in yaml.workers %} +--- +schema: 'drydock/BaremetalNode/v1' +metadata: + schema: 'metadata/Document/v1' + name: {{server.name}} + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + host_profile: ComputePlane + # the hostname for a server, could be used in multiple DNS domains to + # represent different interfaces + addressing: + # Which network the address applies to. If a network appears in addressing + # that isn't assigned to an interface, design validation will fail - network: oob address: {{server.oob}} + - network: pxe + # The address assigned. Either a explicit IPv4 or IPv6 address + # or dhcp or slaac + address: {{server.pxe}} + - network: oam + address: {{server.host}} + - network: storage + address: {{server.storage}} + - network: overlay + address: {{server.neutron}} + - network: calico + address: {{server.ksn}} metadata: - rack: rack01 + rack: RACK01 tags: - - 'masters' + - 'workers' {% endfor %} ... - diff --git a/templates/aic-clcp-manifests/networks/common-addresses.j2 b/templates/networks/common-addresses.j2 similarity index 71% rename from templates/aic-clcp-manifests/networks/common-addresses.j2 rename to templates/networks/common-addresses.j2 index 2f00c5f..c38ca28 100644 --- a/templates/aic-clcp-manifests/networks/common-addresses.j2 +++ b/templates/networks/common-addresses.j2 @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -33,11 +33,11 @@ data: cluster_domain: cluster.local service_ip: 10.96.0.10 upstream_servers: - - 135.37.9.16 - - 135.38.244.16 - - 135.188.34.84 - upstream_servers_joined: 135.37.9.16,135.38.244.16,135.53.34.84 - +{% for server in yaml.dns.upstream_servers %} + - {{server}} +{% endfor %} + upstream_servers_joined: '{{yaml.dns.upstream_servers_joined}}' + ingress_domain: {{yaml.dns.ingress_domain}} genesis: hostname: {{yaml.genesis.name}} ip: {{yaml.genesis.ksn}} @@ -52,7 +52,7 @@ data: service_cidr: {{yaml.kubernetes.service_cidr}} apiserver_port: 6443 haproxy_port: 6553 - service_node_port_range: 30000-35357 + service_node_port_range: 30000-32767 etcd: container_port: 2379 @@ -63,25 +63,32 @@ data: - hostname: {{master.name}} {% endfor %} - workers: -{% for worker in yaml.workers %} - - hostname: {{worker.name}} -{% endfor %} - proxy: - http: http://one.proxy.att.com:8080 - https: http://one.proxy.att.com:8080 - no_proxy: '{{yaml.kubernetes.api_service_ip}},*.cluster.local,{{yaml.genesis.host}}{%for server in yaml.servers%},{{server.host}}{% endfor %}' + http: "" + https: "" + no_proxy: [] node_ports: drydock_api: 30000 maas_api: 30001 - maas_proxy: 31800 # hardcoded in maas + maas_proxy: 31800 # hardcoded in MAAS shipyard_api: 30003 airflow_web: 30004 ntp: - servers_joined: '135.25.154.100' + servers_joined: '0.ubuntu.pool.ntp.org,1.ubuntu.pool.ntp.org,2.ubuntu.pool.ntp.org' + + # Used for FQDN setup/definition + domain: + url: {{yaml.site_name}}.lab.akraino.org + + ldap: + base_url: 'its-a-ldap.example.com' + url: 'ldap://its-a-ldap.example.com' + auth_path: DC=test,DC=test,DC=com?sAMAccountName?sub?memberof=CN=test,OU=Application,OU=Groups,DC=test,DC=test,DC=com + common_name: AP-NC_Test_Users + subdomain: testitservices + domain: example storage: ceph: @@ -90,8 +97,8 @@ data: neutron: tunnel_device: '{{yaml.networks.neutron.interface}}' - external_iface: '{{yaml.networks.neutron.interface}}' + external_iface: '{{yaml.networks.primary}}' openvswitch: - external_iface: '{{yaml.networks.neutron.interface}}' + external_iface: '{{yaml.networks.primary}}' ... diff --git a/templates/aic-clcp-manifests/networks/physical/rack.j2 b/templates/networks/physical/rack.j2 similarity index 91% rename from templates/aic-clcp-manifests/networks/physical/rack.j2 rename to templates/networks/physical/rack.j2 index 86cb116..ff259a4 100644 --- a/templates/aic-clcp-manifests/networks/physical/rack.j2 +++ b/templates/networks/physical/rack.j2 @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -28,7 +28,7 @@ data: noconfig: enabled bonding: mode: disabled - mtu: 1500 + mtu: 9000 linkspeed: auto trunking: mode: disabled @@ -50,7 +50,6 @@ data: routes: - subnet: '0.0.0.0/0' gateway: {{yaml.networks.oob.routes.gateway}} - metric: 100 ranges: - type: static start: {{yaml.networks.oob.ranges.static.start}} @@ -86,8 +85,10 @@ metadata: layer: site storagePolicy: cleartext data: - routedomain: provisioning cidr: {{yaml.networks.pxe.cidr}} + routes: + - subnet: '0.0.0.0/0' + gateway: {{yaml.networks.pxe.routes.gateway}} ranges: - type: reserved start: {{yaml.networks.pxe.ranges.reserved.start}} @@ -98,6 +99,9 @@ data: - type: dhcp start: {{yaml.networks.pxe.ranges.dhcp.start}} end: {{yaml.networks.pxe.ranges.dhcp.end}} + dns: + domain: {{yaml.networks.pxe.dns.domain}} + servers: '{{yaml.networks.pxe.dns.servers}}' ... --- schema: 'drydock/NetworkLink/v1' @@ -128,7 +132,7 @@ data: - oam - storage - overlay - - ksn + - calico ... --- schema: 'drydock/Network/v1' @@ -141,11 +145,11 @@ metadata: storagePolicy: cleartext data: vlan: '{{yaml.networks.host.vlan}}' + mtu: 9000 cidr: {{yaml.networks.host.cidr}} routes: - subnet: '0.0.0.0/0' gateway: {{yaml.networks.host.routes.gateway}} - metric: 100 ranges: - type: reserved start: {{yaml.networks.host.ranges.reserved.start}} @@ -153,6 +157,9 @@ data: - type: static start: {{yaml.networks.host.ranges.static.start}} end: {{yaml.networks.host.ranges.static.end}} + dns: + domain: {{yaml.networks.host.dns.domain}} + servers: '{{yaml.networks.host.dns.servers}}' ... --- schema: 'drydock/Network/v1' @@ -168,9 +175,6 @@ data: mtu: 9000 cidr: {{yaml.networks.storage.cidr}} ranges: - - type: reserved - start: {{yaml.networks.storage.ranges.reserved.start}} - end: {{yaml.networks.storage.ranges.reserved.end}} - type: static start: {{yaml.networks.storage.ranges.static.start}} end: {{yaml.networks.storage.ranges.static.end}} @@ -179,38 +183,35 @@ data: schema: 'drydock/Network/v1' metadata: schema: 'metadata/Document/v1' - name: ksn + name: overlay layeringDefinition: abstract: false layer: site storagePolicy: cleartext data: - vlan: '44' + vlan: '{{yaml.networks.neutron.vlan}}' mtu: 9000 - cidr: {{yaml.networks.ksn.cidr}} + cidr: {{yaml.networks.neutron.cidr}} ranges: - type: static - start: {{yaml.networks.ksn.ranges.static.start}} - end: {{yaml.networks.ksn.ranges.static.end}} + start: {{yaml.networks.neutron.ranges.static.start}} + end: {{yaml.networks.neutron.ranges.static.end}} ... --- schema: 'drydock/Network/v1' metadata: schema: 'metadata/Document/v1' - name: overlay + name: calico layeringDefinition: abstract: false layer: site storagePolicy: cleartext data: - vlan: '{{yaml.networks.neutron.vlan}}' + vlan: '{{yaml.networks.ksn.vlan}}' mtu: 9000 - cidr: {{yaml.networks.neutron.cidr}} + cidr: {{yaml.networks.ksn.cidr}} ranges: - - type: reserved - start: {{yaml.networks.neutron.ranges.reserved.start}} - end: {{yaml.networks.neutron.ranges.reserved.end}} - type: static - start: {{yaml.networks.neutron.ranges.static.start}} - end: {{yaml.networks.neutron.ranges.static.end}} + start: {{yaml.networks.ksn.ranges.static.start}} + end: {{yaml.networks.ksn.ranges.static.end}} ... diff --git a/templates/aic-clcp-manifests/pki/pki-catalog.j2 b/templates/pki/pki-catalog.j2 similarity index 87% rename from templates/aic-clcp-manifests/pki/pki-catalog.j2 rename to templates/pki/pki-catalog.j2 index b6dd258..17e18f1 100644 --- a/templates/aic-clcp-manifests/pki/pki-catalog.j2 +++ b/templates/pki/pki-catalog.j2 @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -43,7 +43,7 @@ data: - {{yaml.genesis.name}} - {{yaml.genesis.host}} - {{yaml.genesis.ksn}} - - {{yaml.genesis.storage}} + - {{yaml.genesis.pxe}} groups: - system:nodes - document_name: kubelet-{{yaml.genesis.name}} @@ -52,17 +52,28 @@ data: - {{yaml.genesis.name}} - {{yaml.genesis.host}} - {{yaml.genesis.ksn}} - - {{yaml.genesis.storage}} + - {{yaml.genesis.pxe}} groups: - system:nodes -{% for server in yaml.servers %} +{% for server in yaml.masters %} - document_name: kubelet-{{ server.name }} common_name: system:node:{{ server.name }} hosts: - {{server.name}} - {{server.host}} - {{server.ksn}} - - {{server.storage}} + - {{server.pxe}} + groups: + - system:nodes +{% endfor %} +{% for server in yaml.workers %} + - document_name: kubelet-{{ server.name }} + common_name: system:node:{{ server.name }} + hosts: + - {{server.name}} + - {{server.host}} + - {{server.ksn}} + - {{server.pxe}} groups: - system:nodes {% endfor %} @@ -96,7 +107,7 @@ data: - {{yaml.genesis.name}} - {{yaml.genesis.host}} - {{yaml.genesis.ksn}} - - {{yaml.genesis.storage}} + - {{yaml.genesis.pxe}} - 127.0.0.1 - localhost - kubernetes-etcd.kube-system.svc.cluster.local @@ -107,19 +118,19 @@ data: - {{yaml.genesis.name}} - {{yaml.genesis.host}} - {{yaml.genesis.ksn}} - - {{yaml.genesis.storage}} + - {{yaml.genesis.pxe}} - 127.0.0.1 - localhost - kubernetes-etcd.kube-system.svc.cluster.local - {{yaml.kubernetes.etcd_service_ip}} -{% for server in yaml.servers %} +{% for server in yaml.masters %} - document_name: kubernetes-etcd-{{ server.name }} common_name: kubernetes-etcd-{{ server.name }} hosts: - {{ server.name }} - {{server.host}} - {{server.ksn}} - - {{server.storage}} + - {{server.pxe}} - 127.0.0.1 - localhost - kubernetes-etcd.kube-system.svc.cluster.local @@ -133,7 +144,7 @@ data: - {{yaml.genesis.name}} - {{yaml.genesis.host}} - {{yaml.genesis.ksn}} - - {{yaml.genesis.storage}} + - {{yaml.genesis.pxe}} - 127.0.0.1 - localhost - kubernetes-etcd.kube-system.svc.cluster.local @@ -144,19 +155,19 @@ data: - {{yaml.genesis.name}} - {{yaml.genesis.host}} - {{yaml.genesis.ksn}} - - {{yaml.genesis.storage}} + - {{yaml.genesis.pxe}} - 127.0.0.1 - localhost - kubernetes-etcd.kube-system.svc.cluster.local - {{yaml.kubernetes.etcd_service_ip}} -{% for server in yaml.servers %} +{% for server in yaml.masters %} - document_name: kubernetes-etcd-{{server.name}}-peer common_name: kubernetes-etcd-{{server.name}}-peer hosts: - {{server.name}} - {{server.host}} - {{server.ksn}} - - {{server.storage}} + - {{server.pxe}} - 127.0.0.1 - localhost - kubernetes-etcd.kube-system.svc.cluster.local @@ -174,18 +185,18 @@ data: - {{yaml.genesis.name}} - {{yaml.genesis.host}} - {{yaml.genesis.ksn}} - - {{yaml.genesis.storage}} + - {{yaml.genesis.pxe}} - 127.0.0.1 - localhost - 10.96.232.136 -{% for server in yaml.servers %} +{% for server in yaml.masters %} - document_name: calico-etcd-{{server.name}} common_name: calico-etcd-{{server.name}} hosts: - {{server.name}} - {{server.host}} - {{server.ksn}} - - {{server.storage}} + - {{server.pxe}} - 127.0.0.1 - localhost - 10.96.232.136 @@ -201,22 +212,24 @@ data: - {{yaml.genesis.name}} - {{yaml.genesis.host}} - {{yaml.genesis.ksn}} - - {{yaml.genesis.storage}} + - {{yaml.genesis.pxe}} - 127.0.0.1 - localhost - 10.96.232.136 -{% for server in yaml.servers %} +{% for server in yaml.masters %} - document_name: calico-etcd-{{server.name}}-peer common_name: calico-etcd-{{server.name}}-peer hosts: - {{server.name}} - {{server.host}} - {{server.ksn}} - - {{server.storage}} + - {{server.pxe}} - 127.0.0.1 - localhost - 10.96.232.136 {% endfor %} + - document_name: calico-node-peer + common_name: calcico-node-peer keypairs: - name: service-account description: Service account signing key for use by Kubernetes controller-manager. diff --git a/templates/aic-clcp-manifests/profiles/hardware/generic.j2 b/templates/profiles/hardware/generic.j2 similarity index 95% rename from templates/aic-clcp-manifests/profiles/hardware/generic.j2 rename to templates/profiles/hardware/generic.j2 index 1317f4a..78ae3e2 100644 --- a/templates/aic-clcp-manifests/profiles/hardware/generic.j2 +++ b/templates/profiles/hardware/generic.j2 @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/templates/profiles/host/compute-r01.j2 b/templates/profiles/host/compute-r01.j2 new file mode 100644 index 0000000..be609de --- /dev/null +++ b/templates/profiles/host/compute-r01.j2 @@ -0,0 +1,113 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: drydock/HostProfile/v1 +metadata: + schema: metadata/Document/v1 + name: ComputePlane + storagePolicy: cleartext + labels: + hosttype: ComputePlane + layeringDefinition: + abstract: false + layer: site + substitutions: + - dest: + path: .oob.credential + src: + schema: deckhand/Passphrase/v1 + name: ipmi_admin_password + path: . +data: + hardware_profile: DELL_HP_Generic + oob: + type: 'ipmi' + network: 'oob' + account: '{{yaml.ipmi_admin.username}}' + primary_network: 'oam' + hardware_profile: DELL_HP_Generic + interfaces: + pxe: + device_link: pxe + slaves: + - '{{yaml.networks.pxe.interface}}' + networks: + - 'pxe' + bond0: + device_link: bond0 + slaves: +{% for slave in yaml.networks.slaves %} + - '{{ slave.name }}' +{% endfor %} + networks: + - 'oam' + - 'storage' + - 'overlay' + - 'calico' + p1p1: + slaves: + - 'sriov_nic01' + sriov: + vf_count: 32 # Currently ignored + trustedmode: false + p3p2: + slaves: + - 'sriov_nic02' + sriov: + vf_count: 32 # Currently ignored + trustedmode: false + storage: + physical_devices: +{% for disk in yaml.disks_compute %} + {{disk.name}}: + {% if disk.labels %} + labels: + {% for key, value in disk.labels.items() %} + {{key}}: '{{value}}' + {% endfor %} + {% endif %} + partitions: + {% for p in disk.partitions %} + - name: '{{p.name}}' + size: '{{p.size}}' + filesystem: + mountpoint: '{{p.mountpoint}}' + fstype: 'ext4' + mount_options: 'defaults' + {% endfor %} +{% endfor %} + platform: + image: 'xenial' + kernel: 'hwe-16.04' + kernel_params: + console: 'ttyS1,115200n8' + intel_iommu: 'on' + iommu: 'pt' + amd_iommu: 'on' + transparent_hugepage: 'never' + hugepagesz: 'hardwareprofile:hugepages.dpdk.size' + hugepages: 'hardwareprofile:hugepages.dpdk.count' + default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size' + isolcpus: 'hardwareprofile:cpuset.kvm' + metadata: + owner_data: + openstack-nova-compute: enabled + openvswitch: enabled + openstack-libvirt: kernel + sriov: enabled + beta.kubernetes.io/fluentd-ds-ready: 'true' +... diff --git a/templates/aic-clcp-manifests/profiles/host/mycontrolplane_hp.j2 b/templates/profiles/host/cp-r01.j2 similarity index 82% rename from templates/aic-clcp-manifests/profiles/host/mycontrolplane_hp.j2 rename to templates/profiles/host/cp-r01.j2 index 822e2b4..e59df91 100644 --- a/templates/aic-clcp-manifests/profiles/host/mycontrolplane_hp.j2 +++ b/templates/profiles/host/cp-r01.j2 @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -18,10 +18,10 @@ schema: drydock/HostProfile/v1 metadata: schema: metadata/Document/v1 - name: MyControlPlane_HP + name: ControlPlane storagePolicy: cleartext labels: - hosttype: MyControlPlane_HP + hosttype: ControlPlane layeringDefinition: abstract: false layer: site @@ -36,14 +36,14 @@ data: oob: type: 'ipmi' network: 'oob' - account: 'administrator' + account: '{{yaml.ipmi_admin.username}}' primary_network: 'oam' hardware_profile: DELL_HP_Generic interfaces: pxe: device_link: pxe slaves: - - 'eno1' + - '{{yaml.networks.pxe.interface}}' networks: - 'pxe' bond0: @@ -56,7 +56,19 @@ data: - 'oam' - 'storage' - 'overlay' - - 'ksn' + - 'calico' + p1p1: + slaves: + - 'sriov_nic01' + sriov: + vf_count: 32 # Currently ignored + trustedmode: false + p3p2: + slaves: + - 'sriov_nic02' + sriov: + vf_count: 32 # Currently ignored + trustedmode: false storage: physical_devices: {% for disk in yaml.disks %} @@ -82,6 +94,14 @@ data: kernel: 'hwe-16.04' kernel_params: console: 'ttyS1,115200n8' + intel_iommu: 'on' + iommu: 'pt' + amd_iommu: 'on' + transparent_hugepage: 'never' + hugepagesz: 'hardwareprofile:hugepages.dpdk.size' + hugepages: 'hardwareprofile:hugepages.dpdk.count' + default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size' + isolcpus: 'hardwareprofile:cpuset.kvm' metadata: owner_data: control-plane: enabled @@ -101,11 +121,13 @@ data: openstack-cinder-control: enabled openstack-cinder-volume: control openstack-neutron: enabled + openstack-libvirt: kernel openvswitch: enabled - sriov: enabled + openstack-nova-compute: enabled ucp-barbican: enabled ceph-bootstrap: enabled ceph-mon: enabled + ceph-mgr: enabled ceph-osd: enabled ceph-mds: enabled ceph-rgw: enabled diff --git a/templates/aic-clcp-manifests/profiles/region.j2 b/templates/profiles/region.j2 similarity index 94% rename from templates/aic-clcp-manifests/profiles/region.j2 rename to templates/profiles/region.j2 index 7b9767b..eaf838f 100644 --- a/templates/aic-clcp-manifests/profiles/region.j2 +++ b/templates/profiles/region.j2 @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -34,4 +34,3 @@ data: tag_definitions: [] authorized_keys: [] ... - diff --git a/templates/aic-clcp-manifests/secrets/passphrases/ipmi_admin_password.j2 b/templates/secrets/passphrases/ipmi_admin_password.j2 similarity index 91% rename from templates/aic-clcp-manifests/secrets/passphrases/ipmi_admin_password.j2 rename to templates/secrets/passphrases/ipmi_admin_password.j2 index 9a3aa97..1f0e8a2 100644 --- a/templates/aic-clcp-manifests/secrets/passphrases/ipmi_admin_password.j2 +++ b/templates/secrets/passphrases/ipmi_admin_password.j2 @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -23,5 +23,5 @@ metadata: abstract: false layer: site storagePolicy: cleartext -data: {{yaml.ipmi_admin_password}} +data: '{{yaml.ipmi_admin.password}}' ... diff --git a/templates/aic-clcp-manifests/secrets/publickey/localadmin_ssh_public_key.j2 b/templates/secrets/publickey/localadmin_ssh_public_key.j2 similarity index 94% rename from templates/aic-clcp-manifests/secrets/publickey/localadmin_ssh_public_key.j2 rename to templates/secrets/publickey/localadmin_ssh_public_key.j2 index e13be2e..2ab2001 100644 --- a/templates/aic-clcp-manifests/secrets/publickey/localadmin_ssh_public_key.j2 +++ b/templates/secrets/publickey/localadmin_ssh_public_key.j2 @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # diff --git a/templates/aic-clcp-manifests/site-definition.j2 b/templates/site-definition.j2 similarity index 87% rename from templates/aic-clcp-manifests/site-definition.j2 rename to templates/site-definition.j2 index 017202c..bf44d95 100644 --- a/templates/aic-clcp-manifests/site-definition.j2 +++ b/templates/site-definition.j2 @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -15,14 +15,15 @@ # limitations under the License. # ############################################################################## -data: - revision: v4.0 - site_type: 5ec +schema: pegleg/SiteDefinition/v1 metadata: - layeringDefinition: {abstract: false, layer: site} - name: {{yaml.site_name}} schema: metadata/Document/v1 + layeringDefinition: + abstract: false + layer: site + name: {{yaml.site_name}} storagePolicy: cleartext -schema: pegleg/SiteDefinition/v1 +data: + revision: v4.0 + site_type: foundry ... - diff --git a/site/site30/software/charts/ucp/promenade/promenade.yaml b/templates/software/charts/kubernetes/container-networking/calico.j2 similarity index 62% rename from site/site30/software/charts/ucp/promenade/promenade.yaml rename to templates/software/charts/kubernetes/container-networking/calico.j2 index 1072d22..6c80227 100644 --- a/site/site30/software/charts/ucp/promenade/promenade.yaml +++ b/templates/software/charts/kubernetes/container-networking/calico.j2 @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -18,23 +18,41 @@ schema: armada/Chart/v1 metadata: schema: metadata/Document/v1 - name: ucp-promenade + replacement: true + name: kubernetes-calico layeringDefinition: abstract: false layer: site parentSelector: - name: ucp-promenade-global + name: kubernetes-calico-global actions: - method: merge path: . storagePolicy: cleartext data: values: - pod: - env: - promenade_api: - - name: no_proxy - value: 172.30.1.30,10.96.0.1,.cluster.local,192.168.2.30,192.168.2.31,192.168.2.32,192.168.2.33,192.168.2.34,nexus3.att-akraino.org,hpgen10.lab.akraino.org,gcr.io,quay.io,lachlanevenson,docker.io,github.com,localhost,127.0.0.1 - - name: NO_PROXY - value: 172.30.1.30,10.96.0.1,.cluster.local,192.168.2.30,192.168.2.31,192.168.2.32,192.168.2.33,192.168.2.34,nexus3.att-akraino.org,hpgen10.lab.akraino.org,gcr.io,quay.io,lachlanevenson,docker.io,github.com,localhost,127.0.0.1 + networking: + settings: + mesh: "off" + ippool: + ipip: + enabled: "false" + mode: "cross-subnet" + bgp: + asnumber: {{yaml.networks.ksn.local_asnumber}} + ipv4: + additional_cidrs: +{% for add_cidr in yaml.networks.ksn.additional_cidrs %} + - {{add_cidr}} +{% endfor %} + peers: +{% for peer in yaml.networks.ksn.peers %} + - apiVersion: v1 + kind: bgpPeer + metadata: + peerIP: {{peer.ip}} + scope: {{peer.scope}} + spec: + asnumber: {{peer.asnumber}} +{% endfor %} ... diff --git a/templates/aic-clcp-manifests/software/charts/kubernetes/container-networking/etcd.j2 b/templates/software/charts/kubernetes/container-networking/etcd.j2 similarity index 72% rename from templates/aic-clcp-manifests/software/charts/kubernetes/container-networking/etcd.j2 rename to templates/software/charts/kubernetes/container-networking/etcd.j2 index 91f502d..d9b4f9b 100644 --- a/templates/aic-clcp-manifests/software/charts/kubernetes/container-networking/etcd.j2 +++ b/templates/software/charts/kubernetes/container-networking/etcd.j2 @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -29,93 +29,105 @@ metadata: path: . storagePolicy: cleartext substitutions: - # Node names -{% set count = [0] %} -{% for server in yaml.masters %} - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .masters[{{count[0]}}].hostname + + # Chart source + - src: + schema: pegleg/SoftwareVersions/v1 + name: software-versions + path: .charts.kubernetes.calico.etcd dest: - path: .values.nodes[{{count[0]}}].name - {% if count.append(count.pop() + 1) %}{% endif %} -{% endfor %} -{% for server in yaml.workers %} - - - src: + path: .source + + # Image versions + - src: + schema: pegleg/SoftwareVersions/v1 + name: software-versions + path: .images.calico.etcd + dest: + path: .values.images.tags + + # IP addresses + - src: schema: pegleg/CommonAddresses/v1 name: common-addresses - path: .masters[{{count[0]}}].hostname + path: .calico.etcd.service_ip dest: - path: .values.nodes[{{count[0]}}].name - {% if count.append(count.pop() + 1) %}{% endif %} -{% endfor %} - - - src: + path: .values.service.ip + - src: schema: pegleg/CommonAddresses/v1 name: common-addresses - path: .genesis.hostname + path: .calico.etcd.service_ip dest: - path: .values.nodes[{{count[0]}}].name -{% set count = [0] %} -{% for server in yaml.masters %} - # Server certs - - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-{{server.name}} + path: .values.anchor.etcdctl_endpoint + + # CAs + - src: + schema: deckhand/CertificateAuthority/v1 + name: calico-etcd path: . dest: - path: .values.nodes[{{count[0]}}].tls.client.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-{{server.name}} + path: .values.secrets.tls.client.ca + - src: + schema: deckhand/CertificateAuthority/v1 + name: calico-etcd-peer path: . dest: - path: .values.nodes[{{count[0]}}].tls.client.key - - - src: + path: .values.secrets.tls.peer.ca + + # Anchor client cert + - src: schema: deckhand/Certificate/v1 - name: calico-etcd-{{server.name}}-peer + name: calico-etcd-anchor path: . dest: - path: .values.nodes[{{count[0]}}].tls.peer.cert - - - src: + path: .values.secrets.anchor.tls.cert + - src: schema: deckhand/CertificateKey/v1 - name: calico-etcd-{{server.name}}-peer + name: calico-etcd-anchor path: . dest: - path: .values.nodes[{{count[0]}}].tls.peer.key - {% if count.append(count.pop() + 1) %}{% endif %} + path: .values.secrets.anchor.tls.key + + # Node names +{% set count = [0] %} +{% for server in yaml.masters %} + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .masters[{{count[0]}}].hostname + dest: + path: .values.nodes[{{count[0]}}].name + {% if count.append(count.pop() + 1) %}{% endif %} {% endfor %} -{% for server in yaml.workers %} - # Server certs - - - src: + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .genesis.hostname + dest: + path: .values.nodes[{{count[0]}}].name + + # Server certs +{% set count = [0] %} +{% for server in yaml.masters %} + - src: schema: deckhand/Certificate/v1 name: calico-etcd-{{server.name}} path: . dest: path: .values.nodes[{{count[0]}}].tls.client.cert - - - src: + - src: schema: deckhand/CertificateKey/v1 name: calico-etcd-{{server.name}} path: . dest: path: .values.nodes[{{count[0]}}].tls.client.key - - - src: + - src: schema: deckhand/Certificate/v1 name: calico-etcd-{{server.name}}-peer path: . dest: path: .values.nodes[{{count[0]}}].tls.peer.cert - - - src: + - src: schema: deckhand/CertificateKey/v1 name: calico-etcd-{{server.name}}-peer path: . @@ -125,34 +137,33 @@ metadata: {% endfor %} # NOTE(mb874d): Be sure we generate these certs for genesis. - - - src: + - src: schema: deckhand/Certificate/v1 name: calico-etcd-{{yaml.genesis.name}} path: . dest: path: .values.nodes[{{count[0]}}].tls.client.cert - - - src: + - src: schema: deckhand/CertificateKey/v1 name: calico-etcd-{{yaml.genesis.name}} path: . dest: path: .values.nodes[{{count[0]}}].tls.client.key - - - src: + - src: schema: deckhand/Certificate/v1 name: calico-etcd-{{yaml.genesis.name}}-peer path: . dest: path: .values.nodes[{{count[0]}}].tls.peer.cert - - - src: + - src: schema: deckhand/CertificateKey/v1 name: calico-etcd-{{yaml.genesis.name}}-peer path: . dest: path: .values.nodes[{{count[0]}}].tls.peer.key -data: {} +data: + values: + manifests: + test_etcd_health: false ... diff --git a/templates/aic-clcp-manifests/software/charts/kubernetes/etcd/etcd.j2 b/templates/software/charts/kubernetes/etcd/etcd.j2 similarity index 77% rename from templates/aic-clcp-manifests/software/charts/kubernetes/etcd/etcd.j2 rename to templates/software/charts/kubernetes/etcd/etcd.j2 index ad31545..9cc4322 100644 --- a/templates/aic-clcp-manifests/software/charts/kubernetes/etcd/etcd.j2 +++ b/templates/software/charts/kubernetes/etcd/etcd.j2 @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -29,63 +29,85 @@ metadata: path: . storagePolicy: cleartext substitutions: - # Node names -{% set count = [0] %} -{% for server in yaml.masters %} + + # Chart source - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .masters[{{count[0]}}].hostname + schema: pegleg/SoftwareVersions/v1 + name: software-versions + path: .charts.kubernetes.etcd dest: - path: .values.nodes[{{count[0]}}].name - {% if count.append(count.pop() + 1) %}{% endif %} -{% endfor %} -{% for server in yaml.workers %} + path: .source + + # Images + - src: + schema: pegleg/SoftwareVersions/v1 + name: software-versions + path: .images.kubernetes.etcd + dest: + path: .values.images.tags + + # IP addresses - src: schema: pegleg/CommonAddresses/v1 name: common-addresses - path: .masters[{{count[0]}}].hostname + path: .kubernetes.etcd_service_ip dest: - path: .values.nodes[{{count[0]}}].name - {% if count.append(count.pop() + 1) %}{% endif %} -{% endfor %} + path: .values.service.ip - src: schema: pegleg/CommonAddresses/v1 name: common-addresses - path: .genesis.hostname + path: .kubernetes.etcd_service_ip dest: - path: .values.nodes[{{count[0]}}].name + path: .values.anchor.etcdctl_endpoint - # Server certs -{% set count = [0] %} -{% for server in yaml.masters %} + # CAs - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-{{server.name}} + schema: deckhand/CertificateAuthority/v1 + name: kubernetes-etcd path: . dest: - path: .values.nodes[{{count[0]}}].tls.client.cert + path: .values.secrets.tls.client.ca - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-{{server.name}} + schema: deckhand/CertificateAuthority/v1 + name: kubernetes-etcd-peer path: . dest: - path: .values.nodes[{{count[0]}}].tls.client.key + path: .values.secrets.tls.peer.ca + - src: schema: deckhand/Certificate/v1 - name: kubernetes-etcd-{{server.name}}-peer + name: kubernetes-etcd-anchor path: . dest: - path: .values.nodes[{{count[0]}}].tls.peer.cert + path: .values.secrets.anchor.tls.cert - src: schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-{{server.name}}-peer + name: kubernetes-etcd-anchor path: . dest: - path: .values.nodes[{{count[0]}}].tls.peer.key + path: .values.secrets.anchor.tls.key + + # Node names +{% set count = [0] %} +{% for server in yaml.masters %} + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .masters[{{count[0]}}].hostname + dest: + path: .values.nodes[{{count[0]}}].name {% if count.append(count.pop() + 1) %}{% endif %} {% endfor %} -{% for server in yaml.workers %} + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .genesis.hostname + dest: + path: .values.nodes[{{count[0]}}].name + + # Server certs +{% set count = [0] %} +{% for server in yaml.masters %} - src: schema: deckhand/Certificate/v1 name: kubernetes-etcd-{{server.name}} @@ -140,5 +162,4 @@ metadata: path: .values.nodes[{{count[0]}}].tls.peer.key data: {} - ... diff --git a/templates/aic-clcp-manifests/software/charts/kubernetes/ingress/ingress.j2 b/templates/software/charts/kubernetes/ingress/ingress.j2 similarity index 86% rename from templates/aic-clcp-manifests/software/charts/kubernetes/ingress/ingress.j2 rename to templates/software/charts/kubernetes/ingress/ingress.j2 index dfe50d1..d7121cb 100644 --- a/templates/aic-clcp-manifests/software/charts/kubernetes/ingress/ingress.j2 +++ b/templates/software/charts/kubernetes/ingress/ingress.j2 @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -28,11 +28,5 @@ metadata: - method: merge path: . storagePolicy: cleartext -data: - values: - network: - vip: - manage: true - interface: ingress0 - addr: {{yaml.networks.ksn.ingress_cidr}} +data: {} ... diff --git a/templates/aic-clcp-manifests/software/charts/osh/openstack-compute-kit/neutron.j2 b/templates/software/charts/osh/openstack-compute-kit/neutron.j2 similarity index 77% rename from templates/aic-clcp-manifests/software/charts/osh/openstack-compute-kit/neutron.j2 rename to templates/software/charts/osh/openstack-compute-kit/neutron.j2 index 8a8d913..1657cb5 100644 --- a/templates/aic-clcp-manifests/software/charts/osh/openstack-compute-kit/neutron.j2 +++ b/templates/software/charts/osh/openstack-compute-kit/neutron.j2 @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -19,22 +19,29 @@ schema: armada/Chart/v1 metadata: schema: metadata/Document/v1 name: neutron + replacement: true labels: component: neutron layeringDefinition: abstract: false layer: site parentSelector: - name: neutron-5ec + name: neutron-global actions: - method: merge path: . storagePolicy: cleartext data: values: + labels: + agent: + sriov: + node_selector_key: sriov + node_selector_value: enabled network: - auto_bridge_add: - br-bond0: bond0 + backend: + - openvswitch + - sriov interface: sriov: {% for sriovnet in yaml.sriovnets %} @@ -46,9 +53,12 @@ data: plugins: openvswitch_agent: ovs: - bridge_mappings: oam:br-bond0 + bridge_mappings: bond0:br-bond0 sriov_agent: + securitygroup: + firewall_driver: neutron.agent.firewall.NoopFirewallDriver sriov_nic: + exclude_devices: null physical_device_mappings: ' {%- for sriovnet in yaml.sriovnets -%} {%- if loop.index > 1 -%} @@ -57,8 +67,10 @@ data: {{sriovnet.physical}}:{{sriovnet.interface}} {%- endfor %}' ml2_conf: + ml2: + mechanism_drivers: l2population,openvswitch,sriovnicswitch ml2_type_vlan: - network_vlan_ranges: oam:100:4000 + network_vlan_ranges: bond0:46:300 {%- for sriovnet in yaml.sriovnets -%} ,{{sriovnet.physical}}:{{sriovnet.vlan_start}}:{{sriovnet.vlan_end}} {%- endfor %} diff --git a/templates/aic-clcp-manifests/software/charts/osh/openstack-compute-kit/nova.j2 b/templates/software/charts/osh/openstack-compute-kit/nova.j2 similarity index 65% rename from templates/aic-clcp-manifests/software/charts/osh/openstack-compute-kit/nova.j2 rename to templates/software/charts/osh/openstack-compute-kit/nova.j2 index 5555db4..5cd0e3e 100644 --- a/templates/aic-clcp-manifests/software/charts/osh/openstack-compute-kit/nova.j2 +++ b/templates/software/charts/osh/openstack-compute-kit/nova.j2 @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -25,31 +25,28 @@ metadata: abstract: false layer: site parentSelector: - name: nova-5ec + name: nova-global actions: - method: merge path: . storagePolicy: cleartext data: values: + network: + backend: + - openvswitch + - sriov conf: nova: + filter_scheduler: + enabled_filters: "RetryFilter, AvailabilityZoneFilter, RamFilter, ComputeFilter, ComputeCapabilitiesFilter, ImagePropertiesFilter, ServerGroupAntiAffinityFilter, ServerGroupAffinityFilter, PciPassthroughFilter, NUMATopologyFilter, DifferentHostFilter, SameHostFilter" libvirt: virt_type: kvm DEFAULT: - vcpu_pin_set: "4-23,28-47" + vcpu_pin_set: "4-21,26-43,48-65,72-87" + vif_plugging_is_fatal: False + vif_plugging_timeout: 30 pci: - alias: '{"name": "numa0", "capability_type": "pci", "product_id": "154c", "vendor_id": "8086", "device_type": "type-PCI", "numa_policy": "required"}' - passthrough_whitelist: | - [ -{%- for sriov in yaml.sriovnets -%} - {%set sriovloop = loop%} - {%- for whitelist in sriov.whitelists -%} - {%- if sriovloop.index > 1 or loop.index > 1 -%} - , - {%- endif -%} - {"address": "{{whitelist.address}}", "physical_network": "{{sriov.physical}}", "trusted": "true"} - {%- endfor -%} -{%- endfor -%} -] + alias: '{ "vendor_id":"10de", "product_id":"1db4", "name":"V100", "device_type":"type-PCI" }' + passthrough_whitelist: '{"vendor_id": "10de", "product_id": "1db4"}' ... diff --git a/templates/software/charts/ucp/ceph/ceph-client-update.j2 b/templates/software/charts/ucp/ceph/ceph-client-update.j2 new file mode 100644 index 0000000..8f09f97 --- /dev/null +++ b/templates/software/charts/ucp/ceph/ceph-client-update.j2 @@ -0,0 +1,37 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-ceph-client-update + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-ceph-client-update-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + conf: + pool: + target: + osd: {{yaml.storage.total_osd_count}} +... diff --git a/templates/software/charts/ucp/ceph/ceph-client.j2 b/templates/software/charts/ucp/ceph/ceph-client.j2 new file mode 100644 index 0000000..ec13391 --- /dev/null +++ b/templates/software/charts/ucp/ceph/ceph-client.j2 @@ -0,0 +1,37 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-ceph-client + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-ceph-client-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + conf: + pool: + target: + osd: {{yaml.storage.osd_count}} +... diff --git a/templates/aic-clcp-manifests/software/charts/ucp/ceph/ceph.j2 b/templates/software/charts/ucp/ceph/ceph-osd.j2 similarity index 89% rename from templates/aic-clcp-manifests/software/charts/ucp/ceph/ceph.j2 rename to templates/software/charts/ucp/ceph/ceph-osd.j2 index 3fb985c..ce786f3 100644 --- a/templates/aic-clcp-manifests/software/charts/ucp/ceph/ceph.j2 +++ b/templates/software/charts/ucp/ceph/ceph-osd.j2 @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -18,12 +18,12 @@ schema: armada/Chart/v1 metadata: schema: metadata/Document/v1 - name: ucp-ceph + name: ucp-ceph-osd layeringDefinition: abstract: false layer: site parentSelector: - name: ucp-ceph-global + name: ucp-ceph-osd-global actions: - method: replace path: .values.conf.storage.osd @@ -43,8 +43,4 @@ data: type: directory location: {{osd.journal}} {% endfor %} - pool: - target: - osd: {{yaml.storage.osd_count}} ... - diff --git a/templates/software/charts/ucp/promenade/promenade.j2 b/templates/software/charts/ucp/promenade/promenade.j2 new file mode 100644 index 0000000..3ba5671 --- /dev/null +++ b/templates/software/charts/ucp/promenade/promenade.j2 @@ -0,0 +1,40 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-promenade + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-promenade-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + env: + promenade_api: + - name: no_proxy + value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8 + - name: NO_PROXY + value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8 +... diff --git a/tools/0cleanup.sh b/tools/0cleanup.sh deleted file mode 100755 index 9328901..0000000 --- a/tools/0cleanup.sh +++ /dev/null @@ -1,99 +0,0 @@ -#!/usr/bin/env bash -############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - - -read -p "Are you sure you wish to continue? (y/n)" REPLY -if [ "$REPLY" != "y" ]; then - echo "Good Bye" - exit -fi - -set -x - -# Check that we are root -if [[ $(whoami) != "root" ]] -then - echo "Must be root to run $0" - exit -1 -fi - -export KUBECONFIG=/etc/kubernetes/admin/kubeconfig.yaml - -kubectl drain --delete-local-data --force $(hostname) -systemctl stop kubelet -df -lh | awk '{ print $6 }' | grep -i kubelet | xargs -I {} umount -f -l {} -df -lh | awk '{ print $6 }' | grep -i docker | grep -v "/var/lib" | xargs -I {} umount -f -l {} -umount -f -l /run/user/0 -mount -a -docker rm -fv $(docker ps -aq) - -#systemctl stop docker -apt-get remove --autoremove --purge -y docker-engine=1.13.1-0~ubuntu-xenial socat=1.7.3.1-1 -#Docker -rm -rf /dev/docker-data -rm -rf /var/lib/docker/* -rm -rf /etc/docker -rm -rf /etc/systemd/system/docker.service.d -rm -rf /var/lib/dockershim - -#Ceph -rm -rf /var/lib/openstack-helm -rm -rf /var/lib/ceph -dd if=/dev/zero of=/dev/sdb bs=512 count=1 conv=notrunc -dd if=/dev/zero of=/dev/sdc bs=512 count=1 conv=notrunc -rm -rf /var/lib/openstack-helm/ceph/journal0/* -rm -rf /var/lib/openstack-helm/ceph/journal1/* - -#Kubernetes -rm -rf /etc/kubernetes -rm -rf /usr/local/bin/kubectl -rm -rf /usr/local/bin/kubelet -rm -rf /var/lib/kubelet -rm -rf /etc/systemd/system/kubelet -rm -rf /etc/systemd/system/kubelet.service - -# apt-get install creates the following directory -rm -rf /etc/systemd/system/kubelet.service.d/ -rm -rf /var/log/pods -rm -rf /var/log/containers - -#etcd -rm -rf /var/lib/auxiliary-etcd-0 -rm -rf /var/lib/auxiliary-etcd-1 -rm -rf /var/lib/auxiliary-calico-etcd-0 -rm -rf /var/lib/auxiliary-calico-etcd-1 -rm -rf /var/lib/calico-etcd -rm -rf /var/lib/kube-etcd - -#nova -rm -rf /var/lib/nova/* - -#ONAP -rm -rf /dockerdata-nfs/onap/ -rm -rf /etc/dnsmasq.d -rm -rf /opt/cni -rm -rf /usr/local/bin/bootstrap -rm -rf /usr/local/bin/helm -rm -rf /var/lib/prom.done - -# Remove files generated by Promenade -rm -rf /etc/cni -rm -rf /etc/coredns -rm -rf /etc/etcd -rm -rf /etc/genesis -rm -rf /var/lib/etcd -rm -rf /var/lib/kubelet/pods diff --git a/tools/1prom-gen.sh b/tools/1prom-gen.sh index 6aef8ba..2665e87 100755 --- a/tools/1prom-gen.sh +++ b/tools/1prom-gen.sh @@ -138,9 +138,7 @@ ENDKEY systemctl restart docker || true } -cleanup() { - rm -rf ./tars/$SITE/configs/promenade - rm -rf ./tars/$SITE/configs/promenade-bundle +create_directories() { mkdir -p ./tars/$SITE/configs/promenade mkdir -p ./tars/$SITE/configs/promenade-bundle } @@ -186,7 +184,7 @@ prepare_tar(){ } #install_docker -cleanup +create_directories get_site_config gen_certs gen_bundle diff --git a/tools/2genesis.sh b/tools/2genesis.sh index 40e3f97..0b70cd4 100644 --- a/tools/2genesis.sh +++ b/tools/2genesis.sh @@ -1,6 +1,6 @@ #!/bin/bash ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -15,29 +15,45 @@ # limitations under the License. # ############################################################################## +set -x +TIMESTAMP=$(date +"%Y%m%d%H%M") +echo "Logging to /var/log/yaml_builds/2genesis_$TIMESTAMP.log" +exec > /var/log/yaml_builds/2genesis_$TIMESTAMP.log +exec 2>&1 source $(dirname $0)/setenv.sh if [ -z "$1" ] then - echo "Plese pass site name as command line argument" + echo "Please pass site name as command line argument" exit -2 else SITE=${SITE:-$1} echo "SITE=$SITE" fi +if [ -z "$YAML_BUILDS" ] +then + echo "Please set YAML_BUILDS" + exit -3 +fi + source $(dirname $0)/env_$SITE.sh -scp $AIC_CLCP_MANIFESTS/tools/promenade-bundle.tar $GENESIS_HOST:/tmp/ +cd $YAML_BUILDS +# Install OS on Genesis +python $YAML_BUILDS/scripts/jcopy.py $SITE.yaml $YAML_BUILDS/tools/j2/serverrc.j2 $YAML_BUILDS/tools/"$GENESIS_NAME"rc +/opt/akraino/tools/install_server_os.sh --rc /opt/akraino/yaml_builds/tools/"$GENESIS_NAME"rc --skip-confirm + +scp $YAML_BUILDS/tars/promenade-bundle-$SITE.tar $GENESIS_HOST:/tmp/ ssh $GENESIS_HOST << EOF - mkdir -p /opt/sitename/aic-clcp-manifests/tools - cp /tmp/promenade-bundle.tar /opt/sitename/aic-clcp-manifests/tools/ - cd /opt/sitename/aic-clcp-manifests/tools/ - tar -xmf promenade-bundle.tar - mkdir configs/promenade - cp configs/promenade-bundle/*.yaml configs/promenade/ - bash /opt/sitename/aic-clcp-manifests/tools/configs/promenade-bundle/genesis.sh + # TODO avoid following hard coding$ + route add -net 192.168.41.0/24 gw 192.168.2.1 bond0.41 + mkdir -p /root/akraino + cp /tmp/promenade-bundle-$SITE.tar /root/akraino/ + cd /root/akraino/ + tar -xmf promenade-bundle-$SITE.tar EOF - +# Update BIOS Setting +python $YAML_BUILDS/scripts/update_bios_settings.py $SITE.yaml diff --git a/tools/3deploy_site.sh b/tools/3deploy_site.sh index 7436496..5f30f0e 100644 --- a/tools/3deploy_site.sh +++ b/tools/3deploy_site.sh @@ -1,6 +1,6 @@ #!/bin/bash ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -22,7 +22,7 @@ source $(dirname $0)/setenv.sh if [ -z "$1" ] then - echo "Plese pass site name as command line argument" + echo "Please pass site name as command line argument" exit -2 else SITE=${SITE:-$1} @@ -31,21 +31,14 @@ fi source $(dirname $0)/env_$SITE.sh -KEYSTONE_IMAGE=$(grep "keystone_db_sync" $AIC_CLCP_MANIFESTS/global/v4.0/software/config/versions.yaml | uniq | awk '{print $2}') -SHIPYARD_IMAGE=$(grep "shipyard_db_sync" $AIC_CLCP_MANIFESTS/global/v4.0/software/config/versions.yaml | uniq | awk '{print $2}') - -DRYDOCK_PASSWORD=$(grep "^data:" $AIC_CLCP_MANIFESTS/site/$SITE/secrets/passphrases/ucp_drydock_keystone_password.yaml | awk '{print $2}') -SHIPYARD_PASSWORD=$(grep "^data:" $AIC_CLCP_MANIFESTS/site/$SITE/secrets/passphrases/ucp_shipyard_keystone_password.yaml | awk '{print $2}') -REGION_NAME=$SITE - -mkdir -p $YAML_BUILDS/tools/$SITE -cp $YAML_BUILDS/tools/deploy_site.sh $YAML_BUILDS/tools/$SITE/ -sed -i -e "s,KEYSTONE_IMAGE=,KEYSTONE_IMAGE=$KEYSTONE_IMAGE,g" $YAML_BUILDS/tools/$SITE/deploy_site.sh -sed -i -e "s,SHIPYARD_IMAGE=,SHIPYARD_IMAGE=$SHIPYARD_IMAGE,g" $YAML_BUILDS/tools/$SITE/deploy_site.sh -sed -i -e "s/DRYDOCK_PASSWORD=/DRYDOCK_PASSWORD=$DRYDOCK_PASSWORD/g" $YAML_BUILDS/tools/$SITE/deploy_site.sh -sed -i -e "s/SHIPYARD_PASSWORD=/SHIPYARD_PASSWORD=$SHIPYARD_PASSWORD/g" $YAML_BUILDS/tools/$SITE/deploy_site.sh -sed -i -e "s/REGION_NAME=/REGION_NAME=$REGION_NAME/g" $YAML_BUILDS/tools/$SITE/deploy_site.sh -sed -i -e "s/{{yaml.genesis.host}}/$GENESIS_HOST/g" $YAML_BUILDS/tools/$SITE/deploy_site.sh - -scp $YAML_BUILDS/tools/$SITE/deploy_site.sh $GENESIS_HOST:/opt/sitename/aic-clcp-manifests/tools/ -ssh $GENESIS_HOST 'bash /opt/sitename/aic-clcp-manifests/tools/deploy_site.sh' +ssh $GENESIS_HOST << EOF + cd /root/akraino + bash configs/promenade-bundle/genesis.sh + # Shipyard takes time to really come up and start responding. + date + sleep 900 + # Following is a workaround, tested on dell servers. + # TODO to be removed when not required. + bash update_iptables.sh + bash deploy_site.sh +EOF diff --git a/tools/aknode30rc b/tools/aknode30rc new file mode 100644 index 0000000..5330e71 --- /dev/null +++ b/tools/aknode30rc @@ -0,0 +1,91 @@ +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +# Add proxy settings if required for your environment +# export http_proxy=http://your.proxy.com:8080/ +# export https_proxy=http://your.proxy.com:8080/ +# + +# host name for server +SRV_NAME=aknode30 + +# server oem - Dell or HPE (case sensitive) +SRV_OEM=HPE + +# out of band interface information for server (idrac/ilo/etc) +SRV_OOB_IP=192.168.41.130 +SRV_OOB_USR=Administrator +SRV_OOB_PWD=Admin123 + +# mac address of server to be used during the build - not required for Dell servers +SRV_MAC=3c:fd:fe:aa:90:b0 + +# name of network interface used during build when ipxe.efi is booted and when os is booted +# ipxe numbers ports from 0-n in pci bus order. +# the netx value will depend on how many nics are in the server +# and which pci device number is assigned to the slot +SRV_IPXE_INF=net4 + +# the build interface is the nic used by the Ubuntu installed to load the OS +SRV_BLD_INF=ens3f0 + +# the boot device is the device name on which the OS will be loaded +SRV_BOOT_DEVICE=sdj +SRV_CEPH_DEVICE=sdk + +# ipxe script to use - based on the os version and kernel to install +# valid options are script-hwe-16.04.4-amd64.ipxe or script-16.04.4-amd64.ipxe +SRV_BLD_SCRIPT=script-hwe-16.04.5-amd64.ipxe + +# template xml file to set bios and raid configuration settings +SRV_BIOS_TEMPLATE=hpe_dl380_g10_uefi_base.json.template +SRV_BOOT_TEMPLATE=hpe_dl380_g10_uefi_httpboot.json.template +SRV_HTTP_BOOT_DEV=NIC.Slot.3-1-1 + +# tempalte to run to configure OS after first boot +# current options are: firstboot.sh.template, firstboot-genesis.sh.tempate or firstboot-airship-iab.sh.template +SRV_FIRSTBOOT_TEMPLATE=firstboot-genesis.sh.template + +# VLAN to use during build and for final network configuration +SRV_VLAN=41 +SRV_STORAGE_VLAN=42 +SRV_CALICO_VLAN=44 +SRV_NEUTRON_VLAN=45 +SRV_PXE_INF=eno1 + +# basic network information for dhcp config and final server network settings +SRV_MTU=9000 +SRV_IP=192.168.2.30 +SRV_STORAGE_IP=172.31.1.30 +SRV_CALICO_IP=172.29.1.30 +SRV_NEUTRON_IP=10.0.101.30 +SRV_PXE_IP=172.30.1.30 +SRV_SUBNET=192.168.2.0 +SRV_NETMASK=255.255.255.0 +SRV_GATEWAY=192.168.2.200 +SRV_DNS="192.168.2.85 8.8.8.8 8.8.4.4" +SRV_DOMAIN=lab.akraino.org +SRV_DNSSEARCH=lab.akraino.org +SRV_NTP=ntp.ubuntu.org + +# root password for server being built +SRV_PWD=akraino,d + +# network bond information +SRV_BOND=bond0 +SRV_SLAVE1=ens3f0 +SRV_SLAVE2=ens3f1 + diff --git a/tools/aknode40rc b/tools/aknode40rc new file mode 100644 index 0000000..6b79c88 --- /dev/null +++ b/tools/aknode40rc @@ -0,0 +1,91 @@ +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +# Add proxy settings if required for your environment +# export http_proxy=http://your.proxy.com:8080/ +# export https_proxy=http://your.proxy.com:8080/ +# + +# host name for server +SRV_NAME=aknode40 + +# server oem - Dell or HPE (case sensitive) +SRV_OEM=Dell + +# out of band interface information for server (idrac/ilo/etc) +SRV_OOB_IP=192.168.41.40 +SRV_OOB_USR=root +SRV_OOB_PWD=calvin + +# mac address of server to be used during the build - not required for Dell servers +SRV_MAC= + +# name of network interface used during build when ipxe.efi is booted and when os is booted +# ipxe numbers ports from 0-n in pci bus order. +# the netx value will depend on how many nics are in the server +# and which pci device number is assigned to the slot +SRV_IPXE_INF=net4 + +# the build interface is the nic used by the Ubuntu installed to load the OS +SRV_BLD_INF=enp94s0f0 + +# the boot device is the device name on which the OS will be loaded +SRV_BOOT_DEVICE=sdg +SRV_CEPH_DEVICE=sdh + +# ipxe script to use - based on the os version and kernel to install +# valid options are script-hwe-16.04.4-amd64.ipxe or script-16.04.4-amd64.ipxe +SRV_BLD_SCRIPT=script-hwe-16.04.5-amd64.ipxe + +# template xml file to set bios and raid configuration settings +SRV_BIOS_TEMPLATE=dell_r740_g14_uefi_base.xml.template +SRV_BOOT_TEMPLATE=dell_r740_g14_uefi_httpboot.xml.template +SRV_HTTP_BOOT_DEV=NIC.Slot.2-1-1 + +# tempalte to run to configure OS after first boot +# current options are: firstboot.sh.template, firstboot-genesis.sh.tempate or firstboot-airship-iab.sh.template +SRV_FIRSTBOOT_TEMPLATE=firstboot-genesis.sh.template + +# VLAN to use during build and for final network configuration +SRV_VLAN=41 +SRV_STORAGE_VLAN=42 +SRV_CALICO_VLAN=44 +SRV_NEUTRON_VLAN=45 +SRV_PXE_INF=eno3 + +# basic network information for dhcp config and final server network settings +SRV_MTU=9000 +SRV_IP=192.168.2.40 +SRV_STORAGE_IP=172.31.2.40 +SRV_CALICO_IP=172.29.1.40 +SRV_NEUTRON_IP=10.0.102.40 +SRV_PXE_IP=172.30.2.40 +SRV_SUBNET=192.168.2.0 +SRV_NETMASK=255.255.255.0 +SRV_GATEWAY=192.168.2.200 +SRV_DNS="192.168.2.85 8.8.8.8 8.8.4.4" +SRV_DOMAIN=lab.akraino.org +SRV_DNSSEARCH=lab.akraino.org +SRV_NTP=ntp.ubuntu.org + +# root password for server being built +SRV_PWD=akraino,d + +# network bond information +SRV_BOND=bond0 +SRV_SLAVE1=enp94s0f0 +SRV_SLAVE2=enp94s0f1 + diff --git a/tools/cleanup.sh b/tools/cleanup.sh new file mode 100755 index 0000000..6af99a4 --- /dev/null +++ b/tools/cleanup.sh @@ -0,0 +1,153 @@ +#!/bin/bash +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +set -eux + +log () { +printf "$(date)\t%s\n" "${1}" +} + + +TO_RM=( +"/etc/apt/apt.conf.d/20-proxy.conf" +"/etc/apt/sources.list.d/promenade-sources.list" +"/etc/cni" +"/etc/coredns" +"/etc/docker/daemon.json" +"/etc/etcd" +"/etc/genesis" +"/etc/kubernetes" +"/etc/logrotate.d/json-logrotate" +"/etc/systemd/system/kubelet.service" +"/etc/systemd/system/docker.service.d/http-proxy.conf" +"/home/ceph" +"/usr/local/bin/armada" +"/usr/local/bin/helm" +"/usr/local/bin/kubectl" +"/usr/local/bin/promenade-teardown" +"/var/lib/anchor/calico-etcd-bootstrap" +"/var/lib/etcd" +"/var/lib/kubelet/pods" +"/var/lib/openstack-helm" +"/var/log/armada" +"/var/log/containers" +"/var/log/pods" +) + +TO_LEAVE=( +"/etc/hosts" +"/etc/resolv.conf" +) + +prune_docker() { +log "Docker prune" +docker volume prune -f +docker system prune -a -f +} + +remove_containers() { +log "Remove all Docker containers" +docker ps -aq 2> /dev/null | xargs --no-run-if-empty docker rm -fv +} + +remove_files() { +for item in "${TO_RM[@]}"; do +log "Removing ${item}" +rm -rf "${item}" +done +} + +leave_files() { +for item in "${TO_LEAVE[@]}"; do +log "WARNING: === ${item} === has been modified, but we didn't revert changes." +done +} + +reset_docker() { +log "Remove all local Docker images" +docker images -qa | xargs --no-run-if-empty docker rmi -f + +log "Remove remaining Docker files" +systemctl stop docker +if ! rm -rf /var/lib/docker/*; then +log "Failed to cleanup some files in /var/lib/docker" +find /var/lib/docker +fi +systemctl start docker +} + +stop_kubelet() { +log "Stop Kubelet and clean pods" +systemctl stop kubelet || true + +# Issue with orhan PODS +# https://github.com/kubernetes/kubernetes/issues/38498 +find var/lib/kubelet/pods 2> dev/null | while read orphan_pod; do +if [[ ${orphan_pod} == io~secret ]] || [[ ${orphan_pod} == empty-dir ]]; then +umount "${orphan_pod}" || true +rm -rf "${orphan_pod}" +fi +done +} + + +FORCE=0 +RESET_DOCKER=0 + +while getopts "fk" opt; do +case "${opt}" in +f) +FORCE=1 +;; +k) +RESET_DOCKER=1 +;; +*) +echo "Unknown option" +exit 1 +;; +esac +done + +if [[ $FORCE == "0" ]]; then +echo Warning: This cleanup script is very aggressive. Run with -f to avoid this prompt. +while true; do +read -p "Are you sure you wish to proceed with aggressive cleanup?" yn +case $yn in +[Yy]*) +RESET_DOCKER=1 +break +;; +*) +echo Exiting. +exit 1 +esac +done +fi + +stop_kubelet +remove_containers +remove_files +prune_docker + +systemctl daemon-reload + +if [[ $RESET_DOCKER == "1" ]]; then +reset_docker +fi + +leave_files diff --git a/tools/deploy_site.sh b/tools/deploy_site.sh index 2db8214..26ce52a 100755 --- a/tools/deploy_site.sh +++ b/tools/deploy_site.sh @@ -1,6 +1,6 @@ #!/bin/bash ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -17,6 +17,10 @@ set -x +TIMESTAMP=$(date +"%Y%m%d%H%M") +echo "logging to /var/log/deploy_site_$TIMESTAMP.log" +exec > /var/log/deploy_site_$TIMESTAMP.log +exec 2>&1 # Regional Server specific variables KEYSTONE_IMAGE= @@ -67,13 +71,14 @@ getactions(){ sleep 5 } -#clean_configdocs -#create_configdocs -#commit_configdocs +sleep 900 +clean_configdocs +create_configdocs +commit_configdocs renderedconfigdocs -#deploy_site -getactions +deploy_site +#getactions #update_site ## diff --git a/tools/j2/serverrc.j2 b/tools/j2/serverrc.j2 new file mode 100644 index 0000000..873442a --- /dev/null +++ b/tools/j2/serverrc.j2 @@ -0,0 +1,91 @@ +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +# Add proxy settings if required for your environment +# export http_proxy=http://your.proxy.com:8080/ +# export https_proxy=http://your.proxy.com:8080/ +# + +# host name for server +SRV_NAME={{yaml.genesis.name}} + +# server oem - Dell or HPE (case sensitive) +SRV_OEM={{yaml.genesis.oem}} + +# out of band interface information for server (idrac/ilo/etc) +SRV_OOB_IP={{yaml.genesis.oob}} +SRV_OOB_USR={{yaml.ipmi_admin.username}} +SRV_OOB_PWD={{yaml.ipmi_admin.password}} + +# mac address of server to be used during the build - not required for Dell servers +SRV_MAC={{yaml.genesis.mac_address}} + +# name of network interface used during build when ipxe.efi is booted and when os is booted +# ipxe numbers ports from 0-n in pci bus order. +# the netx value will depend on how many nics are in the server +# and which pci device number is assigned to the slot +SRV_IPXE_INF={{yaml.networks.pxe.inf}} + +# the build interface is the nic used by the Ubuntu installed to load the OS +SRV_BLD_INF={{yaml.networks.slaves[0].name}} + +# the boot device is the device name on which the OS will be loaded +SRV_BOOT_DEVICE={{yaml.disks[0].name}} +SRV_CEPH_DEVICE={{yaml.disks[1].name}} + +# ipxe script to use - based on the os version and kernel to install +# valid options are script-hwe-16.04.4-amd64.ipxe or script-16.04.4-amd64.ipxe +SRV_BLD_SCRIPT=script-hwe-16.04.5-amd64.ipxe + +# template xml file to set bios and raid configuration settings +SRV_BIOS_TEMPLATE={{yaml.genesis.bios_template}} +SRV_BOOT_TEMPLATE={{yaml.genesis.boot_template}} +SRV_HTTP_BOOT_DEV={{yaml.genesis.http_boot_device}} + +# tempalte to run to configure OS after first boot +# current options are: firstboot.sh.template, firstboot-genesis.sh.tempate or firstboot-airship-iab.sh.template +SRV_FIRSTBOOT_TEMPLATE=firstboot-genesis.sh.template + +# VLAN to use during build and for final network configuration +SRV_VLAN={{yaml.networks.host.vlan}} +SRV_STORAGE_VLAN={{yaml.networks.storage.vlan}} +SRV_CALICO_VLAN={{yaml.networks.ksn.vlan}} +SRV_NEUTRON_VLAN={{yaml.networks.neutron.vlan}} +SRV_PXE_INF={{yaml.networks.pxe.interface}} + +# basic network information for dhcp config and final server network settings +SRV_MTU=9000 +SRV_IP={{yaml.genesis.host}} +SRV_STORAGE_IP={{yaml.genesis.storage}} +SRV_CALICO_IP={{yaml.genesis.ksn}} +SRV_NEUTRON_IP={{yaml.genesis.neutron}} +SRV_PXE_IP={{yaml.genesis.pxe}} +SRV_SUBNET={{yaml.networks.host.subnet}} +SRV_NETMASK={{yaml.networks.host.netmask}} +SRV_GATEWAY={{yaml.networks.host.routes.gateway}} +SRV_DNS="{{yaml.networks.host.dns.servers}}" +SRV_DOMAIN={{yaml.networks.host.dns.domain}} +SRV_DNSSEARCH={{yaml.networks.host.dns.domain}} +SRV_NTP=ntp.ubuntu.org + +# root password for server being built +SRV_PWD={{yaml.genesis.root_password}} + +# network bond information +SRV_BOND={{yaml.networks.primary}} +{% for slave in yaml.networks.slaves %} +SRV_SLAVE{{loop.index}}={{slave.name}} +{% endfor %} diff --git a/tools/j2/serverrc_raid.j2 b/tools/j2/serverrc_raid.j2 new file mode 100644 index 0000000..f7d2975 --- /dev/null +++ b/tools/j2/serverrc_raid.j2 @@ -0,0 +1,30 @@ +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +# Add proxy settings if required for your environment +# export http_proxy=http://your.proxy.com:8080/ +# export https_proxy=http://your.proxy.com:8080/ +# +# Set the ip and port to use when creating the web server +BUILD_WEBIP=192.168.2.5 + +# host name for server +SRV_NAME={{yaml.name}} + +# out of band interface information for server (idrac/ilo/etc) +SRV_OOB_IP={{yaml.oob}} +SRV_OOB_USR={{yaml.oob_user}} +SRV_OOB_PWD={{yaml.oob_password}} diff --git a/templates/yaml_builds/set_site_env.sh b/tools/j2/set_site_env.sh similarity index 78% rename from templates/yaml_builds/set_site_env.sh rename to tools/j2/set_site_env.sh index b420961..1639808 100644 --- a/templates/yaml_builds/set_site_env.sh +++ b/tools/j2/set_site_env.sh @@ -1,6 +1,6 @@ #!/bin/bash ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -15,10 +15,11 @@ # limitations under the License. # ############################################################################## - export GENESIS_HOST={{yaml.genesis.host}} echo GENESIS_HOST=$GENESIS_HOST -export GENESIS_PXE={{yaml.genesis.pxe}} -echo GENESIS_PXE=$GENESIS_PXE -export REGIONAL_SERVER_IP={{yaml.regional_server.ip}} -echo REGIONAL_SERVER_IP=$REGIONAL_SERVER_IP +export PXE_INTERFACE={{yaml.networks.pxe.interface}} +echo PXE_INTERFACE=$PXE_INTERFACE +export HOST_INTERFACE={{yaml.networks.host.interface}} +echo HOST_INTERFACE=$HOST_INTERFACE +export GENESIS_NAME={{yaml.genesis.name}} +echo GENESIS_NAME=$GENESIS_NAME diff --git a/tools/pegleg.sh b/tools/pegleg.sh new file mode 100755 index 0000000..b0fb2f6 --- /dev/null +++ b/tools/pegleg.sh @@ -0,0 +1,32 @@ +#!/usr/bin/env bash +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +set -x + +PEGLEG_IMAGE=${PEGLEG_IMAGE:-quay.io/airshipit/pegleg:09d85465827f1468d3469e5bbcf6b48f25338e7c} + +echo +echo "== NOTE: Workspace $WORKSPACE is available as /workspace in container context ==" +echo + +docker run --rm -t \ + --net=none \ + --workdir="/site" \ + -v "${WORKSPACE}:/site" \ + -v "${AIRSHIP_TREASUREMAP}:/global" \ + "${PEGLEG_IMAGE}" \ + pegleg "${@}" diff --git a/tools/setenv.sh b/tools/setenv.sh index 7e0e99d..f345e0d 100644 --- a/tools/setenv.sh +++ b/tools/setenv.sh @@ -1,6 +1,6 @@ #!/bin/bash ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -16,9 +16,7 @@ ############################################################################## -export YAML_BUILDS=/opt/yaml_builds +export YAML_BUILDS=/opt/akraino/yaml_builds echo YAML_BUILDS=$YAML_BUILDS -export AIC_CLCP_MANIFESTS=/opt/yaml_builds/aic-clcp-manifests -echo AIC_CLCP_MANIFESTS=$AIC_CLCP_MANIFESTS -export AIC_CLCP_SECURITY_MANIFESTS=/opt/yaml_builds/aic-clcp-security-manifests -echo AIC_CLCP_SECURITY_MANIFESTS=$AIC_CLCP_SECURITY_MANIFESTS +export AIRSHIP_TREASUREMAP=/root/airship-treasuremap +echo AIRSHIP_TREASUREMAP=$AIRSHIP_TREASUREMAP diff --git a/tools/single_step_deploy.sh b/tools/single_step_deploy.sh index 8fe225d..cc16b70 100644 --- a/tools/single_step_deploy.sh +++ b/tools/single_step_deploy.sh @@ -1,6 +1,6 @@ #!/bin/bash ############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -15,10 +15,11 @@ # limitations under the License. # ############################################################################## +set -x if [ -z "$1" ] then - echo "Plese pass site name as command line argument" + echo "Please pass site name as command line argument" exit -2 else export SITE=${SITE:-$1} diff --git a/tools/transfer.sh b/tools/transfer.sh new file mode 100644 index 0000000..d4993df --- /dev/null +++ b/tools/transfer.sh @@ -0,0 +1,54 @@ +#!/bin/bash +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +set -x +TIMESTAMP=$(date +"%Y%m%d%H%M") +echo "Logging to /var/log/yaml_builds/transfer_$TIMESTAMP.log" +exec > /var/log/yaml_builds/transfer_$TIMESTAMP.log +exec 2>&1 + +source $(dirname $0)/setenv.sh + +if [ -z "$1" ] +then + echo "Please pass site name as command line argument" + exit -2 +else + SITE=${SITE:-$1} + echo "SITE=$SITE" +fi + +if [ -z "$YAML_BUILDS" ] +then + echo "Please set YAML_BUILDS" + exit -3 +fi + + +source $(dirname $0)/env_$SITE.sh + +cd $YAML_BUILDS + +scp $YAML_BUILDS/tars/promenade-bundle-$SITE.tar $GENESIS_HOST:/tmp/ +ssh $GENESIS_HOST << EOF + # TODO avoid following hard coding$ + cp /tmp/promenade-bundle-$SITE.tar /root/akraino/ + cd /root/akraino/ + tar -xmf promenade-bundle-$SITE.tar +EOF +# Update BIOS Setting +python $YAML_BUILDS/scripts/update_bios_settings.py $SITE.yaml diff --git a/tools/update_iptables.sh b/tools/update_iptables.sh new file mode 100644 index 0000000..3abf9cc --- /dev/null +++ b/tools/update_iptables.sh @@ -0,0 +1,25 @@ +#!/bin/bash +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## + +HOST_INTERFACE= +PXE_INTERFACE= + +echo 1 > /proc/sys/net/ipv4/ip_forward +iptables -t nat -A POSTROUTING -o $HOST_INTERFACE -j MASQUERADE +iptables -A FORWARD -i $HOST_INTERFACE -o $PXE_INTERFACE -m state --state RELATED,ESTABLISHED -j ACCEPT +iptables -A FORWARD -i $PXE_INTERFACE -o $HOST_INTERFACE -j ACCEPT + diff --git a/version.properties b/version.properties index d997f6e..a91194b 100644 --- a/version.properties +++ b/version.properties @@ -14,4 +14,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -export VERSION=0.0.1-SNAPSHOT +export VERSION=0.0.2-SNAPSHOT