From: davidplunkett Date: Tue, 29 Oct 2019 19:42:45 +0000 (+0000) Subject: updated templates and scripts for Airship 1.3 X-Git-Tag: 2.0.0-AKRAINO~29 X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=commitdiff_plain;h=fbb206730195c6f03ded7658d08f1ef708ebf88b;hp=3395a537e26721ec33a80f66686ca932f9328722;p=yaml_builds.git updated templates and scripts for Airship 1.3 This is the first pass at updates to implement Unicycle SR-IOV with Airship treasuremap v1.3. These updates are not backward compatible with the treasuremap version for Akraino Release 1. Signed-off-by: davidplunkett Change-Id: I95224c8fa50281ea70689889ee1a385841c66635 --- diff --git a/dellgen10.yaml b/dellgen10-sriov-a13.yaml similarity index 66% rename from dellgen10.yaml rename to dellgen10-sriov-a13.yaml index 35d7f27..bfe58a8 100644 --- a/dellgen10.yaml +++ b/dellgen10-sriov-a13.yaml @@ -16,7 +16,7 @@ ############################################################################## site_name: dellgen10 -site_type: sriov +site_type: sriov-a13 ipmi_admin: username: root password: calvin @@ -51,7 +51,7 @@ networks: end: 192.168.2.86 static: start: 192.168.2.40 - end: 192.168.2.45 + end: 192.168.2.49 storage: vlan: 42 interface: bond0.42 @@ -84,19 +84,24 @@ networks: vlan: 44 interface: bond0.44 cidr: 172.29.1.0/24 + gateway: 172.29.1.1 local_asnumber: 65531 ranges: + reserved: + start: 172.29.1.1 + end: 172.29.1.10 static: - start: 172.29.1.5 + start: 172.29.1.11 end: 172.29.1.254 additional_cidrs: - 172.29.1.128/29 - ingress_cidr: 172.29.1.129/32 + ingress_vip: 172.29.1.129/32 peers: - ip: 172.29.1.1 scope: global asnumber: 65001 - vrrp_ip: 172.29.1.1 # keep peers ip address in case of only peer. + # keep peers ip address in case of only peer. + vrrp_ip: 172.29.1.1 neutron: vlan: 45 interface: bond0.45 @@ -140,91 +145,38 @@ sriov: vlan_start: 2001 vlan_end: 3000 whitelists: - - "address": "0000:87:02.0" - - "address": "0000:87:02.1" - - "address": "0000:87:03.2" - - "address": "0000:87:03.3" - - "address": "0000:87:03.4" - - "address": "0000:87:03.5" - - "address": "0000:87:03.6" - - "address": "0000:87:03.7" - - "address": "0000:87:04.0" - - "address": "0000:87:04.1" - - "address": "0000:87:04.2" - - "address": "0000:87:04.3" - - "address": "0000:87:02.2" - - "address": "0000:87:04.4" - - "address": "0000:87:04.5" - - "address": "0000:87:04.6" - - "address": "0000:87:04.7" - - "address": "0000:87:05.0" - - "address": "0000:87:05.1" - - "address": "0000:87:05.2" - - "address": "0000:87:05.3" - - "address": "0000:87:05.4" - - "address": "0000:87:05.5" - - "address": "0000:87:02.3" - - "address": "0000:87:05.6" - - "address": "0000:87:05.7" - - "address": "0000:87:02.4" - - "address": "0000:87:02.5" - - "address": "0000:87:02.6" - - "address": "0000:87:02.7" - - "address": "0000:87:03.0" - - "address": "0000:87:03.1" + - "address": "0000:87:02.*" + - "address": "0000:87:03.*" + - "address": "0000:87:04.*" + - "address": "0000:87:05.*" - physical: sriovnet2 interface: enp135s0f1 vlan_start: 2001 vlan_end: 3000 whitelists: - - "address": "0000:87:0a.0" - - "address": "0000:87:0a.1" - - "address": "0000:87:0b.2" - - "address": "0000:87:0b.3" - - "address": "0000:87:0b.4" - - "address": "0000:87:0b.5" - - "address": "0000:87:0b.6" - - "address": "0000:87:0b.7" - - "address": "0000:87:0c.0" - - "address": "0000:87:0c.1" - - "address": "0000:87:0c.2" - - "address": "0000:87:0c.3" - - "address": "0000:87:0a.2" - - "address": "0000:87:0c.4" - - "address": "0000:87:0c.5" - - "address": "0000:87:0c.6" - - "address": "0000:87:0c.7" - - "address": "0000:87:0d.0" - - "address": "0000:87:0d.1" - - "address": "0000:87:0d.2" - - "address": "0000:87:0d.3" - - "address": "0000:87:0d.4" - - "address": "0000:87:0d.5" - - "address": "0000:87:0a.3" - - "address": "0000:87:0d.6" - - "address": "0000:87:0d.7" - - "address": "0000:87:0a.4" - - "address": "0000:87:0a.5" - - "address": "0000:87:0a.6" - - "address": "0000:87:0a.7" - - "address": "0000:87:0b.0" - - "address": "0000:87:0b.1" + - "address": "0000:87:0a.*" + - "address": "0000:87:0b.*" + - "address": "0000:87:0c.*" + - "address": "0000:87:0d.*" storage: osds: - data: /dev/sda - journal: /var/lib/ceph/journal/journal-sda + journal: /dev/sdh1 - data: /dev/sdb - journal: /var/lib/ceph/journal/journal-sdb + journal: /dev/sdh2 - data: /dev/sdc - journal: /var/lib/ceph/journal/journal-sdc + journal: /dev/sdh3 + osd_count: 3 + total_osd_count: 9 +tenant_storage: + osds: - data: /dev/sdd - journal: /var/lib/ceph/journal/journal-sdd + journal: /dev/sdh4 - data: /dev/sde - journal: /var/lib/ceph/journal/journal-sde + journal: /dev/sdh5 - data: /dev/sdf - journal: /var/lib/ceph/journal/journal-sdf - osd_count: 6 - total_osd_count: 18 + journal: /dev/sdh6 + osd_count: 3 genesis: name: aknode40 oob: 192.168.41.40 @@ -242,6 +194,8 @@ masters: pxe: 172.30.2.41 ksn: 172.29.1.41 neutron: 10.0.102.41 + oob_user: root + oob_password: calvin - name : aknode42 oob: 192.168.41.42 host: 192.168.2.42 @@ -249,6 +203,8 @@ masters: pxe: 172.30.2.42 ksn: 172.29.1.42 neutron: 10.0.102.42 + oob_user: root + oob_password: calvin #workers: # - name : aknode43 # oob: 192.168.41.43 @@ -273,46 +229,90 @@ hardware: generation: '10' hw_version: '3' bios_version: '2.8' - bios_template: dell_r740_g14_uefi_base.xml.template + bios_template: boot_template: dell_r740_g14_uefi_httpboot.xml.template http_boot_device: NIC.Slot.2-1-1 + device_aliases: + ## network + - name: eno3 + key: pxe_nic01 + address: '0000:01:00.0' + dev_type: 'I350 Gigabit Network Connection' + bus_type: 'pci' + - name: enp94s0f0 + key: data_nic01 + address: '0000:5e:00.0' + dev_type: 'Ethernet 10G 2P X520 Adapter' + bus_type: 'pci' + - name: enp94s0f1 + key: data_nic02 + address: '0000:5e:00.1' + dev_type: 'Ethernet 10G 2P X520 Adapter' + bus_type: 'pci' + ## storage - use "dmesg | grep -Pe 'sd \d:\d'" to find address of drives + - name: /dev/sdg + key: bootdisk + address: '0:2.0.0' + dev_type: 'PERC H730P' + bus_type: 'scsi' + - name: /dev/sdh + key: cephjournal1 + address: '0:2.1.0' + dev_type: 'PERC H730P' + bus_type: 'scsi' + - name: /dev/sdi + key: cephjournal2 + address: '0:2.2.0' + dev_type: 'PERC H730P' + bus_type: 'scsi' + - name: /dev/sdj + key: ephemeral + address: '0:2.3.0' + dev_type: 'PERC H730P' + bus_type: 'scsi' + disks: - - name : sdg +# - name : sdg + - name : bootdisk labels: bootdrive: 'true' partitions: - name: root - size: 20g + size: 30g + bootable: true mountpoint: / - name: boot size: 1g mountpoint: /boot + - name: var_log + size: '100g' + mountpoint: /var/log - name: var - size: 100g + size: '>100g' mountpoint: /var - - name : sdh - partitions: - - name: ceph - size: 300g - mountpoint: /var/lib/ceph/journal disks_compute: - - name : sdg +# - name : sdg + - name : bootdisk labels: bootdrive: 'true' partitions: - name: root - size: 20g + size: 30g + bootable: true mountpoint: / - name: boot size: 1g mountpoint: /boot + - name: var_log + size: '100g' + mountpoint: /var/log - name: var - size: '>300g' + size: '>100g' mountpoint: /var - - name : sdh + - name : ephemeral partitions: - name: nova - size: '99%' + size: 99% mountpoint: /var/lib/nova genesis_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/n4mNLAj3XKG2fcm+8eVe0NUlNH0g8DA8KJ53rSLKccm8gm4UgLmGOJyBfUloQZMuOpU6a+hexN4ECCliqI7+KUmgJgsvLkJ3OUMNTEVu9tDX5mdXeffsufaqFkAdmbJ/9PMPiPQ3/UqbbtyEcqoZAwUWf4ggAWSp00SGE1Okg+skPSbDzPVHb4810eXZT1yoIg29HAenJNNrsVxvnMT2kw2OYmLfxgEUh1Ev4c5LnUog4GXBDHQtHAwaIoTu9s/q8VIvGav62RJVFn3U1D0jkiwDLSIFn8ezORQ4YkSidwdSrtqsqa2TJ0E5w/n5h5IVGO9neY8YlXrgynLd4Y+7 root@pocnjrsv132" kubernetes: diff --git a/hpgen10.yaml b/hpgen10.yaml deleted file mode 100644 index cfe1596..0000000 --- a/hpgen10.yaml +++ /dev/null @@ -1,325 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -site_name: hpgen10 -site_type: sriov -ipmi_admin: - username: Administrator - password: Admin123 -networks: - bonded: yes - primary: bond0 - slaves: - - name: ens3f0 - - name: ens3f1 - oob: - vlan: 40 - interface: - cidr: 192.168.41.0/24 - routes: - gateway: 192.168.41.1 - ranges: - reserved: - start: 192.168.41.2 - end: 192.168.41.4 - static: - start: 192.168.41.5 - end: 192.168.41.254 - host: - vlan: 41 - interface: bond0.41 - cidr: 192.168.2.0/24 - routes: - gateway: 192.168.2.200 - ranges: - reserved: - start: 192.168.2.84 - end: 192.168.2.86 - static: - start: 192.168.2.1 - end: 192.168.2.83 - storage: - vlan: 42 - interface: bond0.42 - cidr: 172.31.1.0/24 - ranges: - static: - start: 172.31.1.2 - end: 172.31.1.254 - pxe: - vlan: - interface: eno1 - cidr: 172.30.1.0/24 - gateway: 172.30.1.1 - routes: - gateway: 172.30.1.30 - ranges: - reserved: - start: 172.30.1.1 - end: 172.30.1.10 - static: - start: 172.30.1.11 - end: 172.30.1.200 - dhcp: - start: 172.30.1.201 - end: 172.30.1.254 - ksn: - vlan: 44 - interface: bond0.44 - cidr: 172.29.1.0/24 - local_asnumber: 65531 - ranges: - static: - start: 172.29.1.5 - end: 172.29.1.254 - additional_cidrs: - - 172.29.1.136/29 - ingress_cidr: 172.29.1.137/32 - peers: - - ip: 172.29.1.1 - scope: global - asnumber: 65001 - vrrp_ip: 172.29.1.1 # keep peers ip address in case of only peer. - neutron: - vlan: 45 - interface: bond0.45 - cidr: 10.0.101.0/24 - ranges: - static: - start: 10.0.101.2 - end: 10.0.101.254 -dns: - upstream_servers: - - 192.168.2.85 - - 8.8.8.8 - - 8.8.8.8 - ingress_domain: hpgen10.akraino.org - domain: lab.akraino.org -gpu: - alias: - - name: "P4" - product_id: "1bb2" - vendor_id: "10de" - - name: "P40" - product_id: "1b38" - vendor_id: "10de" - - name: "P100" - product_id: "15f8" - vendor_id: "10de" - - name: "V100" - product_id: "1db4" - vendor_id: "10de" -sriov: - alias: - - name: "numa0" - product_id: "158b" - vendor_id: "8086" - nets: - - physical: sriovnet1 - interface: ens6f0 - vlan_start: 2001 - vlan_end: 3000 - whitelists: - - "address": "0000:af:02.0" - - "address": "0000:af:02.1" - - "address": "0000:af:02.2" - - "address": "0000:af:02.3" - - "address": "0000:af:02.4" - - "address": "0000:af:02.5" - - "address": "0000:af:02.6" - - "address": "0000:af:02.7" - - "address": "0000:af:03.0" - - "address": "0000:af:03.1" - - "address": "0000:af:03.2" - - "address": "0000:af:03.3" - - "address": "0000:af:03.4" - - "address": "0000:af:03.5" - - "address": "0000:af:03.6" - - "address": "0000:af:03.7" - - "address": "0000:af:04.0" - - "address": "0000:af:04.1" - - "address": "0000:af:04.2" - - "address": "0000:af:04.3" - - "address": "0000:af:04.4" - - "address": "0000:af:04.5" - - "address": "0000:af:04.6" - - "address": "0000:af:04.7" - - "address": "0000:af:05.0" - - "address": "0000:af:05.1" - - "address": "0000:af:05.2" - - "address": "0000:af:05.3" - - "address": "0000:af:05.4" - - "address": "0000:af:05.5" - - "address": "0000:af:05.6" - - "address": "0000:af:05.7" - - physical: sriovnet2 - interface: ens6f1 - vlan_start: 2001 - vlan_end: 3000 - whitelists: - - "address": "0000:af:0a.0" - - "address": "0000:af:0a.1" - - "address": "0000:af:0a.2" - - "address": "0000:af:0a.3" - - "address": "0000:af:0a.4" - - "address": "0000:af:0a.5" - - "address": "0000:af:0a.6" - - "address": "0000:af:0a.7" - - "address": "0000:af:0b.0" - - "address": "0000:af:0b.1" - - "address": "0000:af:0b.2" - - "address": "0000:af:0b.3" - - "address": "0000:af:0b.4" - - "address": "0000:af:0b.5" - - "address": "0000:af:0b.6" - - "address": "0000:af:0b.7" - - "address": "0000:af:0c.0" - - "address": "0000:af:0c.1" - - "address": "0000:af:0c.2" - - "address": "0000:af:0c.3" - - "address": "0000:af:0c.4" - - "address": "0000:af:0c.5" - - "address": "0000:af:0c.6" - - "address": "0000:af:0c.7" - - "address": "0000:af:0d.0" - - "address": "0000:af:0d.1" - - "address": "0000:af:0d.2" - - "address": "0000:af:0d.3" - - "address": "0000:af:0d.4" - - "address": "0000:af:0d.5" - - "address": "0000:af:0d.6" - - "address": "0000:af:0d.7" -storage: - osds: - - data: /dev/sdb - journal: /var/lib/ceph/journal/journal-sdb - - data: /dev/sdc - journal: /var/lib/ceph/journal/journal-sdc - - data: /dev/sdd - journal: /var/lib/ceph/journal/journal-sdd - - data: /dev/sde - journal: /var/lib/ceph/journal/journal-sde - - data: /dev/sdf - journal: /var/lib/ceph/journal/journal-sdf - - data: /dev/sdg - journal: /var/lib/ceph/journal/journal-sdg - - data: /dev/sdh - journal: /var/lib/ceph/journal/journal-sdh - - data: /dev/sdi - journal: /var/lib/ceph/journal/journal-sdi - osd_count: 8 - total_osd_count: 24 -genesis: - name: aknode30 - oob: 192.168.41.130 - host: 192.168.2.30 - storage: 172.31.1.30 - pxe: 172.30.1.30 - ksn: 172.29.1.30 - neutron: 10.0.101.30 - root_password: akraino,d - mac_address: 3c:fd:fe:aa:90:b0 -masters: - - name : aknode31 - oob: 192.168.41.131 - host: 192.168.2.31 - storage: 172.31.1.31 - pxe: 172.30.1.31 - ksn: 172.29.1.31 - neutron: 10.0.101.31 - - name : aknode32 - oob: 192.168.41.132 - host: 192.168.2.32 - storage: 172.31.1.32 - pxe: 172.30.1.32 - ksn: 172.29.1.32 - neutron: 10.0.101.32 -#workers: -# - name : aknode33 -# oob: 192.168.41.133 -# host: 192.168.2.33 -# storage: 172.31.1.33 -# pxe: 172.30.1.33 -# ksn: 172.29.1.33 -# neutron: 10.0.101.33 -platform: - vcpu_pin_set: "4-21,26-43,48-65,72-87" - kernel_params: - hugepagesz: '1G' - hugepages: 32 -# default_hugepagesz: '1G' - transparent_hugepage: 'never' - iommu: 'pt' - intel_iommu: 'on' - amd_iommu: 'on' -# console: 'ttyS1,115200n8' -hardware: - vendor: HP - generation: '10' - hw_version: '3' - bios_version: '2.8' - bios_template: hpe_dl380_g10_uefi_base.json.template - boot_template: hpe_dl380_g10_uefi_httpboot.json.template - http_boot_device: NIC.Slot.3-1-1 -disks: - - name : sdj - labels: - bootdrive: 'true' - partitions: - - name: root - size: 20g - mountpoint: / - - name: boot - size: 1g - mountpoint: /boot - - name: var - size: '>300g' - mountpoint: /var - - name : sdk - partitions: - - name: ceph - size: 300g - mountpoint: /var/lib/ceph/journal -disks_compute: - - name : sdj - labels: - bootdrive: 'true' - partitions: - - name: root - size: 20g - mountpoint: / - - name: boot - size: 1g - mountpoint: /boot - - name: var - size: '>300g' - mountpoint: /var - - name : sdk - partitions: - - name: nova - size: '99%' - mountpoint: /var/lib/nova -genesis_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/n4mNLAj3XKG2fcm+8eVe0NUlNH0g8DA8KJ53rSLKccm8gm4UgLmGOJyBfUloQZMuOpU6a+hexN4ECCliqI7+KUmgJgsvLkJ3OUMNTEVu9tDX5mdXeffsufaqFkAdmbJ/9PMPiPQ3/UqbbtyEcqoZAwUWf4ggAWSp00SGE1Okg+skPSbDzPVHb4810eXZT1yoIg29HAenJNNrsVxvnMT2kw2OYmLfxgEUh1Ev4c5LnUog4GXBDHQtHAwaIoTu9s/q8VIvGav62RJVFn3U1D0jkiwDLSIFn8ezORQ4YkSidwdSrtqsqa2TJ0E5w/n5h5IVGO9neY8YlXrgynLd4Y+7 root@pocnjrsv132" -kubernetes: - api_service_ip: 10.96.0.1 - etcd_service_ip: 10.96.0.2 - pod_cidr: 10.99.0.0/16 - service_cidr: 10.96.0.0/14 -regional_server: - ip: 135.16.101.85 -... - diff --git a/site_type/sriov-a13/templates/baremetal/bootactions/calico-ip-rules.j2 b/site_type/sriov-a13/templates/baremetal/bootactions/calico-ip-rules.j2 new file mode 100644 index 0000000..4f78f4b --- /dev/null +++ b/site_type/sriov-a13/templates/baremetal/bootactions/calico-ip-rules.j2 @@ -0,0 +1,85 @@ +--- +############################################################################## +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); you may # +# not use this file except in compliance with the License. # +# # +# You may obtain a copy of the License at # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +############################################################################## +# This file defines a boot action for MaaS to deploy the calico-ip-rules script +# to nodes, register with systemd, and runs the script on all PXE booted nodes. +# On the genesis node, this is a manual step detailed in deployment documentation. + +# NOTE: This is a copy from `aic-clcp-manifests/type/cruiser/v4.0/`, because +# this is an upstream manifest based on airship-treasuremap, which does not +# have bgp VIP configuration scripts. +schema: 'drydock/BootAction/v1' +metadata: + schema: 'metadata/Document/v1' + name: calico-ip-rules + storagePolicy: 'cleartext' + layeringDefinition: + abstract: false + layer: site + labels: + application: 'drydock' + substitutions: + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .calico.ip_rule.gateway + dest: + path: .assets[0].data + pattern: DH_SUB_GATEWAY_IP + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .kubernetes.pod_cidr + dest: + path: .assets[0].data + pattern: DH_SUB_POD_CIDR + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .calico.bgp.ipv4.public_service_cidr + dest: + path: .assets[0].data + pattern: DH_SUB_INGRESS_CIDR + # Substitution of the configure-ip-rules script into this bootaction + - src: + schema: pegleg/Script/v1 + name: configure-ip-rules + path: . + dest: + path: .assets[1].data +data: + signaling: false + assets: + - path: /etc/systemd/system/configure-ip-rules.service + type: unit + permissions: '444' + data: |- + [Unit] + Description=IP Rules Initialization Service + After=network-online.target local-fs.target + [Service] + Type=simple + ExecStart=/opt/configure-ip-rules.sh -g DH_SUB_GATEWAY_IP -c DH_SUB_POD_CIDR -s DH_SUB_INGRESS_CIDR + [Install] + WantedBy=multi-user.target + data_pipeline: + - utf8_decode + - path: /opt/configure-ip-rules.sh + type: file + permissions: '700' + data_pipeline: + - utf8_decode +... diff --git a/site_type/sriov-a13/templates/baremetal/nodes.j2 b/site_type/sriov-a13/templates/baremetal/nodes.j2 new file mode 100644 index 0000000..e786d86 --- /dev/null +++ b/site_type/sriov-a13/templates/baremetal/nodes.j2 @@ -0,0 +1,211 @@ +--- +# # Drydock BaremetalNode resources for a specific rack are stored in this file. +# # +# # NOTE: For new sites, you should complete the networks/physical/networks.yaml +# # file before working on this file. +# # +# # In this file, you should make the number of `drydock/BaremetalNode/v1` +# # resources equal the number of bare metal nodes you have, either by deleting +# # excess BaremetalNode definitions (if there are too many), or by copying and +# # pasting the last BaremetalNode in the file until you have the correct number +# # of baremetal nodes (if there are too few). +# # +# # Then in each file, address all additional NEWSITE-CHANGEME markers to update +# # the data in these files with the right values for your new site. +# # +# # *NOTE: The Genesis node is counted as one of the control plane nodes. Note +# # that the Genesis node does not appear on this bare metal list, because the +# # procedure to reprovision the Genesis host with MaaS has not yet been +# # implemented. Therefore there will be only three bare metal nodes in this file +# # with the 'masters' tag, as the genesis roles are assigned in a difference +# # place (profiles/genesis.yaml). +# # NOTE: The host profiles for the control plane are further divided into two +# # variants: primary and secondary. The only significance this has is that the +# # "primary" nodes are active Ceph nodes, whereas the "secondary" nodes are Ceph +# # standby nodes. For Ceph quorum, this means that the control plane split will +# # be 3 primary + 1 standby host profile, and the Genesis node counts toward one +# # of the 3 primary profiles. Other control plane services are not affected by +# # primary vs secondary designation. +# # +# # TODO: Include the hostname naming convention +# # +# schema: 'drydock/BaremetalNode/v1' +# metadata: + # schema: 'metadata/Document/v1' + # # NEWSITE-CHANGEME: Replace with the hostname of the first node in the rack, + # # after (excluding) genesis. + # name: cab23-r720-12 + # layeringDefinition: + # abstract: false + # layer: site + # storagePolicy: cleartext +# data: + # # NEWSITE-CHANGEME: The IPv4 address assigned to each logical network on this + # # node. In the reference Airship deployment, this is all logical Networks defined + # # in networks/physical/networks.yaml. IP addresses are manually assigned, by-hand. + # # (what could possibly go wrong!) The instructions differ for each logical + # # network, which are laid out below. + # addressing: + # # The iDrac/iLo IP of the node. It's important that this match up with the + # # node's hostname above, so that the rack number and node position encoded + # # in the hostname are accurate and matching the node that IPMI operations + # # will be performed against (for poweron, poweroff, PXE boot to wipe disk or + # # reconfigure identity, etc - very important to get right for these reasons). + # # These addresses should already be assigned to nodes racked and stacked in + # # the environment; these are not addresses which MaaS assigns. + # - network: oob + # address: 10.23.104.12 + # # The IP of the node on the PXE network. Refer to the static IP range + # # defined for the PXE network in networks/physical/networks.yaml. Begin allocating + # # IPs from this network, starting with the second IP (inclusive) from the + # # allocation range of this subnet (Genesis node will have the first IP). + # # Ex: If the start IP for the PXE "static" network is 10.23.20.11, then + # # genesis will have 10.23.20.11, this node will have 10.23.20.12, and + # # so on with incrementing IP addresses with each additional node. + # - network: pxe + # address: 10.23.20.12 + # # Genesis node gets first IP, all other nodes increment IPs from there + # # within the allocation range defined for the network in + # # networks/physical/networks.yaml + # - network: oam + # address: 10.23.21.12 + # # Genesis node gets first IP, all other nodes increment IPs from there + # # within the allocation range defined for the network in + # # networks/physical/networks.yaml + # - network: storage + # address: 10.23.23.12 + # # Genesis node gets first IP, all other nodes increment IPs from there + # # within the allocation range defined for the network in + # # networks/physical/networks.yaml + # - network: overlay + # address: 10.23.24.12 + # # Genesis node gets first IP, all other nodes increment IPs from there + # # within the allocation range defined for the network in + # # networks/physical/networks.yaml + # - network: calico + # address: 10.23.22.12 + # # NEWSITE-CHANGEME: Set the host profile for the node. + # # Note that there are different host profiles depending if this is a control + # # plane vs data plane node, and different profiles that map to different types + # # hardware. Control plane host profiles are further broken down into "primary" + # # and "secondary" profiles (refer to the Notes section at the top of this doc). + # # Select the host profile that matches up to your type of + # # hardware and function. E.g., the r720 here refers to Dell R720 hardware, the + # # 'cp' refers to a control plane profile, and the "primary" means it will be + # # an active member in the ceph quorum. Refer to profiles/host/ for the list + # # of available host profiles specific to this site (otherwise, you may find + # # a general set of host profiles at the "type" or "global" layers/folders. + # # If you have hardware that is not on this list of profiles, you may need to + # # create a new host profile for that hardware. + # # Regarding control plane vs other data plane profiles, refer to the notes at + # # the beginning of this file. There should be one control plane node per rack, + # # including Genesis. Note Genesis won't actually be listed in this file as a + # # BaremetalNode, but the rest are. + # # This is the second "primary" control plane node after Genesis. + # host_profile: cp_r720-primary + # metadata: + # tags: + # # NEWSITE-CHANGEME: See previous comment. Apply 'masters' tag for control + # # plane node, and 'workers' tag for data plane hosts. + # - 'masters' + # # NEWSITE-CHANGEME: Refer to site engineering package or other supporting + # # documentation for the specific rack name. This should be a rack name that + # # is meaningful to data center personnel (i.e. a rack they could locate if + # # you gave them this rack designation). + # rack: cab23 +# ... +{% for server in yaml.masters %} +{% if loop.index > 1 %} +--- +{% endif %} +schema: 'drydock/BaremetalNode/v1' +metadata: + schema: 'metadata/Document/v1' + # NEWSITE-CHANGEME: The next node's hostname + name: {{server.name}} + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + # NEWSITE-CHANGEME: The next node's IPv4 addressing + addressing: + - network: oob + address: {{server.oob}} + - network: pxe + address: {{server.pxe}} + - network: oam + address: {{server.host}} + - network: storage + address: {{server.storage}} + - network: overlay + address: {{server.neutron}} + - network: calico + address: {{server.ksn}} + # NEWSITE-CHANGEME: The next node's host profile + host_profile: cp_r720-primary + metadata: + # NEWSITE-CHANGEME: The next node's rack designation + rack: cab23 + # NEWSITE-CHANGEME: The next node's role desigatnion + tags: + - 'masters' +{% if 'platform' in yaml %} + platform: + kernel_params: +{% for key, value in yaml.platform.kernel_params.items() %} + {{key}}: '{{value}}' +{% endfor %} +{% if 'vcpu_pin_set' in yaml.platform %} + isolcpus: '{{yaml.platform.vcpu_pin_set}}' +{% endif %} +{% endif %} +... +{% endfor %} +{% if 'workers' in yaml %}{% for server in yaml.workers %} +--- +schema: 'drydock/BaremetalNode/v1' +metadata: + schema: 'metadata/Document/v1' + # NEWSITE-CHANGEME: The next node's hostname + name: cab23-r720-14 + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + # NEWSITE-CHANGEME: The next node's IPv4 addressing + addressing: + - network: oob + address: {{server.oob}} + - network: pxe + address: {{server.pxe}} + - network: oam + address: {{server.host}} + - network: storage + address: {{server.storage}} + - network: overlay + address: {{server.neutron}} + - network: calico + address: {{server.ksn}} + # NEWSITE-CHANGEME: The next node's host profile + # This is the third "primary" control plane profile after genesis + host_profile: dp_r720 + metadata: + # NEWSITE-CHANGEME: The next node's rack designation + rack: cab23 + # NEWSITE-CHANGEME: The next node's role desigatnion + tags: + - 'workers' +{% if 'platform' in yaml %} + platform: + kernel_params: +{% for key, value in yaml.platform.kernel_params.items() %} + {{key}}: '{{value}}' +{% endfor %} +{% if 'vcpu_pin_set' in yaml.platform %} + isolcpus: '{{yaml.platform.vcpu_pin_set}}' +{% endif %} +{% endif %} +... +{% endfor %}{% endif %} diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/networks/common-addresses.yaml b/site_type/sriov-a13/templates/networks/common-addresses.j2 similarity index 78% rename from site_type/sriov/airship-treasuremap/site/airship-seaworthy/networks/common-addresses.yaml rename to site_type/sriov-a13/templates/networks/common-addresses.j2 index 89188a6..b738f5d 100644 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/networks/common-addresses.yaml +++ b/site_type/sriov-a13/templates/networks/common-addresses.j2 @@ -21,10 +21,25 @@ data: # bond and VLAN number specified in networks/physical/networks.yaml for the Calico # network. E.g. VLAN 22 for the calico network as a member of bond0, you # would set "interface=bond0.22" as shown here. - ip_autodetection_method: interface=bond0.22 + ip_autodetection_method: interface={{yaml.networks.ksn.interface}} etcd: # etcd service IP address service_ip: 10.96.232.136 + ip_rule: + gateway: {{yaml.networks.ksn.gateway }} + bgp: + ipv4: + public_service_cidr: {{yaml.networks.ksn.additional_cidrs[0]}} + ingress_vip: {{yaml.networks.ksn.ingress_vip}} +{% if ('peers' in yaml.networks.ksn and yaml.networks.ksn.peers is not none and yaml.networks.ksn.peers is iterable ) %} + peers: +{% for peer in yaml.networks.ksn.peers %} + - {{peer.ip}} +{% endfor %} +{% endif %} + vip: + ingress_vip: '{{yaml.networks.host.ranges.static.end}}/32' + maas_vip: '{{yaml.networks.host.ranges.static.end}}/32' dns: # Kubernetes cluster domain. Do not change. This is internal to the cluster. @@ -34,16 +49,16 @@ data: # List of upstream DNS forwards. Verify you can reach them from your # environment. If so, you should not need to change them. upstream_servers: - - 8.8.8.8 - - 8.8.4.4 - - 208.67.222.222 +{% for server in yaml.dns.upstream_servers %} + - {{server}} +{% endfor %} # Repeat the same values as above, but formatted as a common separated # string - upstream_servers_joined: 8.8.8.8,8.8.4.4,208.67.222.222 + upstream_servers_joined: '{{yaml.dns.upstream_servers|batch(2)|first|join(',')}}' # NEWSITE-CHANGEME: FQDN for ingress (i.e. "publicly facing" access point) # Choose FQDN according to the ingress/public FQDN naming conventions at # the top of this document. - ingress_domain: airship-seaworthy.atlantafoundry.com + ingress_domain: {{yaml.dns.ingress_domain}} genesis: # NEWSITE-CHANGEME: Update with the hostname for the node which will take on @@ -51,25 +66,25 @@ data: # networks/physical/networks.yaml # NOTE: Ensure that the genesis node is manually configured with this # hostname before running `genesis.sh` on the node. - hostname: cab23-r720-11 + hostname: {{yaml.genesis.name}} # NEWSITE-CHANGEME: Calico IP of the Genesis node. Use the "start" value for # the calico network defined in networks/physical/networks.yaml for this IP. - ip: 10.23.22.11 + ip: {{yaml.genesis.ksn}} bootstrap: # NEWSITE-CHANGEME: Update with the "start" value/IP of the static range # defined for the pxe network in networks/physical/networks.yaml - ip: 10.23.20.11 + ip: {{yaml.genesis.pxe}} kubernetes: # K8s API service IP - api_service_ip: 10.96.0.1 + api_service_ip: {{yaml.kubernetes.api_service_ip}} # etcd service IP - etcd_service_ip: 10.96.0.2 + etcd_service_ip: {{yaml.kubernetes.etcd_service_ip}} # k8s pod CIDR (network which pod traffic will traverse) - pod_cidr: 10.97.0.0/16 + pod_cidr: {{yaml.kubernetes.pod_cidr}} # k8s service CIDR (network which k8s API traffic will traverse) - service_cidr: 10.96.0.0/16 + service_cidr: {{yaml.kubernetes.service_cidr}} # misc k8s port settings apiserver_port: 6443 haproxy_port: 6553 @@ -84,9 +99,9 @@ data: # control plane servers. Ensure that this matches the nodes with the 'masters' # tags applied in baremetal/nodes.yaml masters: - - hostname: cab23-r720-12 - - hostname: cab23-r720-13 - - hostname: cab23-r720-14 +{% for master in yaml.masters %} + - hostname: {{master.name}} +{% endfor %} # NEWSITE-CHANGEME: Environment proxy information. # NOTE: Reference Airship sites do not deploy behind a proxy, so this proxy section @@ -103,8 +118,6 @@ data: drydock_api: 30000 maas_api: 30001 maas_proxy: 31800 # hardcoded in MAAS - shipyard_api: 30003 - airflow_web: 30004 ntp: # comma separated NTP server list. Verify that these upstream NTP servers are @@ -136,22 +149,22 @@ data: ceph: # NEWSITE-CHANGEME: CIDRs for Ceph. Update to match the network CIDR # used for the `storage` network in networks/physical/networks.yaml - public_cidr: '10.23.23.0/24' - cluster_cidr: '10.23.23.0/24' + public_cidr: '{{yaml.networks.storage.cidr}}' + cluster_cidr: '{{yaml.networks.storage.cidr}}' neutron: # NEWSITE-CHANGEME: Overlay network for VM traffic. Ensure the bond name and # VLAN number are consistent with what's defined for the bond and the overlay # network in networks/physical/networks.yaml - tunnel_device: 'bond0.24' + tunnel_device: '{{yaml.networks.neutron.interface}}' # bond which the overlay is a member of. Ensure the bond name is consistent # with the bond assigned to the overlay network in # networks/physical/networks.yaml - external_iface: 'bond0' + external_iface: '{{yaml.networks.primary}}' openvswitch: # bond which the overlay is a member of. Ensure the bond name is consistent # with the bond assigned to the overlay network in # networks/physical/networks.yaml - external_iface: 'bond0' + external_iface: '{{yaml.networks.primary}}' ... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/networks/physical/networks.yaml b/site_type/sriov-a13/templates/networks/physical/networks.j2 similarity index 77% rename from site_type/sriov/airship-treasuremap/site/airship-seaworthy/networks/physical/networks.yaml rename to site_type/sriov-a13/templates/networks/physical/networks.j2 index 98853fd..22b8682 100644 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/networks/physical/networks.yaml +++ b/site_type/sriov-a13/templates/networks/physical/networks.j2 @@ -58,11 +58,11 @@ metadata: storagePolicy: cleartext data: # NEWSITE-CHANGEME: Update with the site's out-of-band CIDR - cidr: 10.23.104.0/24 + cidr: {{yaml.networks.oob.cidr}} routes: # NEWSITE-CHANGEME: Update with the site's out-of-band gateway IP - subnet: '0.0.0.0/0' - gateway: 10.23.104.1 + gateway: {{yaml.networks.oob.routes.gateway}} metric: 100 # NEWSITE-CHANGEME: Update with the site's out-of-band IP allocation range # FIXME: Is this IP range actually used/allocated for anything? The HW already @@ -70,8 +70,8 @@ data: # network either, as they should be routable via the default gw on OAM network ranges: - type: static - start: 10.23.104.11 - end: 10.23.104.21 + start: {{yaml.networks.oob.ranges.static.start}} + end: {{yaml.networks.oob.ranges.static.end}} ... --- schema: 'drydock/NetworkLink/v1' @@ -105,11 +105,11 @@ metadata: data: # NEWSITE-CHANGEME: Update with the site's PXE network CIDR # NOTE: The CIDR minimum size = (number of nodes * 2) + 10 - cidr: 10.23.20.0/24 + cidr: {{yaml.networks.pxe.cidr}} routes: - subnet: 0.0.0.0/0 # NEWSITE-CHANGEME: Set the OAM network gateway IP address - gateway: 10.23.20.1 + gateway: {{yaml.networks.pxe.routes.gateway}} metric: 100 # NOTE: The first 10 IPs in the subnet are reserved for network infrastructure. # The remainder of the range is divided between two subnets of equal size: @@ -122,27 +122,29 @@ data: ranges: # NEWSITE-CHANGEME: Update to the first 10 IPs in the CIDR - type: reserved - start: 10.23.20.1 - end: 10.23.20.10 + start: {{yaml.networks.pxe.ranges.reserved.start}} + end: {{yaml.networks.pxe.ranges.reserved.end}} # NEWSITE-CHANGEME: Update to the first half of the remaining range after # excluding the 10 reserved IPs. - type: static - start: 10.23.20.11 - end: 10.23.20.21 + start: {{yaml.networks.pxe.ranges.static.start}} + end: {{yaml.networks.pxe.ranges.static.end}} # NEWSITE-CHANGEME: Update to the second half of the remaining range after # excluding the 10 reserved IPs. - type: dhcp - start: 10.23.20.121 - end: 10.23.20.131 + start: {{yaml.networks.pxe.ranges.dhcp.start}} + end: {{yaml.networks.pxe.ranges.dhcp.end}} dns: # NEWSITE-CHANGEME: FQDN for bare metal nodes. # Choose FQDN according to the node FQDN naming conventions at the top of # this document. - domain: airship-seaworthy.atlantafoundry.com + domain: {% if 'dns' in yaml.networks.pxe and 'domain' in yaml.networks.pxe.dns %}{{yaml.networks.pxe.dns.domain}} + {% else %}{{yaml.dns.domain}} + {% endif %} # List of upstream DNS forwards. Verify you can reach them from your # environment. If so, you should not need to change them. # TODO: This should be populated via substitution from common-addresses - servers: '8.8.8.8,8.8.4.4,208.67.222.222' + servers: '{% if 'dns' in yaml.networks.pxe %}{{yaml.networks.pxe.dns.servers}}{% else %}{{yaml.dns.upstream_servers|join(' ')}}{% endif %}' ... --- schema: 'drydock/NetworkLink/v1' @@ -155,18 +157,22 @@ metadata: storagePolicy: cleartext data: bonding: +{% if yaml.networks.bonded %} mode: 802.3ad hash: layer3+4 peer_rate: fast mon_rate: 100 up_delay: 1000 down_delay: 3000 +{% else %} + mode: disabled +{% endif %} # NEWSITE-CHANGEME: Ensure the network switches in the environment are # configured for this MTU or greater. Even if switches are configured for or # can support a slightly higher MTU, there is no need (and negliable benefit) # to squeeze every last byte into the MTU (e.g., 9216 vs 9100). Leave MTU at # 9100 for maximum compatibility. - mtu: 9100 + mtu: 9000 linkspeed: auto trunking: mode: 802.1q @@ -187,35 +193,37 @@ metadata: storagePolicy: cleartext data: # NEWSITE-CHANGEME: Set the VLAN ID which the OAM network is on - vlan: '21' - mtu: 9100 + vlan: '{{yaml.networks.host.vlan}}' + mtu: 9000 # NEWSITE-CHANGEME: Set the CIDR for the OAM network # NOTE: The CIDR minimum size = number of nodes + 10 - cidr: 10.23.21.0/24 + cidr: {{yaml.networks.host.cidr}} routes: - subnet: 0.0.0.0/0 # NEWSITE-CHANGEME: Set the OAM network gateway IP address - gateway: 10.23.21.1 + gateway: {{yaml.networks.host.routes.gateway}} metric: 100 ranges: # NEWSITE-CHANGEME: Update to the first 10 IPs in the CIDR - type: reserved - start: 10.23.21.1 - end: 10.23.21.10 + start: {{yaml.networks.host.ranges.reserved.start}} + end: {{yaml.networks.host.ranges.reserved.end}} # NEWSITE-CHANGEME: Update to the remaining range after excluding the 10 # 10 reserved IPs. - type: static - start: 10.23.21.11 - end: 10.23.21.21 + start: {{yaml.networks.host.ranges.static.start}} + end: {{yaml.networks.host.ranges.static.end}} dns: # NEWSITE-CHANGEME: FQDN for bare metal nodes. # Choose FQDN according to the node FQDN naming conventions at the top of # this document. - domain: airship-seaworthy.atlantafoundry.com + domain: {% if 'dns' in yaml.networks.host and 'domain' in yaml.networks.host.dns %}{{yaml.networks.host.dns.domain}} + {% else %}{{yaml.dns.domain}} + {% endif %} # List of upstream DNS forwards. Verify you can reach them from your # environment. If so, you should not need to change them. # TODO: This should be populated via substitution from common-addresses - servers: '8.8.8.8,8.8.4.4,208.67.222.222' + servers: '{% if 'dns' in yaml.networks.host %}{{yaml.networks.host.dns.servers}}{% else %}{{yaml.dns.upstream_servers|join(' ')}}{% endif %}' ... --- schema: 'drydock/Network/v1' @@ -228,21 +236,21 @@ metadata: storagePolicy: cleartext data: # NEWSITE-CHANGEME: Set the VLAN ID which the storage network is on - vlan: '23' - mtu: 9100 + vlan: '{{yaml.networks.storage.vlan}}' + mtu: 9000 # NEWSITE-CHANGEME: Set the CIDR for the storage network # NOTE: The CIDR minimum size = number of nodes + 10 - cidr: 10.23.23.0/24 + cidr: {{yaml.networks.storage.cidr}} ranges: # NEWSITE-CHANGEME: Update to the first 10 IPs in the CIDR - type: reserved - start: 10.23.23.1 - end: 10.23.23.10 + start: {{yaml.networks.storage.ranges.reserved.start}} + end: {{yaml.networks.storage.ranges.reserved.end}} # NEWSITE-CHANGEME: Update to the remaining range after excluding the 10 # 10 reserved IPs. - type: static - start: 10.23.23.11 - end: 10.23.23.21 + start: {{yaml.networks.storage.ranges.static.start}} + end: {{yaml.networks.storage.ranges.static.end}} ... --- schema: 'drydock/Network/v1' @@ -255,21 +263,21 @@ metadata: storagePolicy: cleartext data: # NEWSITE-CHANGEME: Set the VLAN ID which the overlay network is on - vlan: '24' - mtu: 9100 + vlan: '{{yaml.networks.neutron.vlan}}' + mtu: 9000 # NEWSITE-CHANGEME: Set the CIDR for the overlay network # NOTE: The CIDR minimum size = number of nodes + 10 - cidr: 10.23.24.0/24 + cidr: {{yaml.networks.neutron.cidr}} ranges: # NEWSITE-CHANGEME: Update to the first 10 IPs in the CIDR - type: reserved - start: 10.23.24.1 - end: 10.23.24.10 + start: {{yaml.networks.neutron.ranges.reserved.start}} + end: {{yaml.networks.neutron.ranges.reserved.end}} # NEWSITE-CHANGEME: Update to the remaining range after excluding the 10 # 10 reserved IPs. - type: static - start: 10.23.24.11 - end: 10.23.24.21 + start: {{yaml.networks.neutron.ranges.static.start}} + end: {{yaml.networks.neutron.ranges.static.end}} ... --- schema: 'drydock/Network/v1' @@ -282,19 +290,19 @@ metadata: storagePolicy: cleartext data: # NEWSITE-CHANGEME: Set the VLAN ID which the calico network is on - vlan: '22' - mtu: 9100 + vlan: '{{yaml.networks.ksn.vlan}}' + mtu: 9000 # NEWSITE-CHANGEME: Set the CIDR for the calico network # NOTE: The CIDR minimum size = number of nodes + 10 - cidr: 10.23.22.0/24 + cidr: {{yaml.networks.ksn.cidr}} ranges: # NEWSITE-CHANGEME: Update to the first 10 IPs in the CIDR - type: reserved - start: 10.23.22.1 - end: 10.23.22.10 + start: {{yaml.networks.ksn.ranges.reserved.start}} + end: {{yaml.networks.ksn.ranges.reserved.end}} # NEWSITE-CHANGEME: Update to the remaining range after excluding the 10 # 10 reserved IPs. - type: static - start: 10.23.22.11 - end: 10.23.22.21 + start: {{yaml.networks.ksn.ranges.static.start}} + end: {{yaml.networks.ksn.ranges.static.end}} ... diff --git a/site_type/sriov/templates/pki/pki-catalog.j2 b/site_type/sriov-a13/templates/pki/pki-catalog.j2 similarity index 62% rename from site_type/sriov/templates/pki/pki-catalog.j2 rename to site_type/sriov-a13/templates/pki/pki-catalog.j2 index ae5ab0b..bea8a7d 100644 --- a/site_type/sriov/templates/pki/pki-catalog.j2 +++ b/site_type/sriov-a13/templates/pki/pki-catalog.j2 @@ -1,20 +1,9 @@ --- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - +# The purpose of this file is to define the PKI certificates for the environment +# +# NOTE: When deploying a new site, this file should not be configured until +# baremetal/nodes.yaml is complete. +# schema: promenade/PKICatalog/v1 metadata: schema: metadata/Document/v1 @@ -34,16 +23,33 @@ data: hosts: - localhost - 127.0.0.1 + # FIXME: Repetition of api_service_ip in common-addresses; use + # substitution - {{yaml.kubernetes.api_service_ip}} kubernetes_service_names: - kubernetes.default.svc.cluster.local + + # NEWSITE-CHANGEME: The following should be a list of all the nodes in + # the environment (genesis, control plane, data plane, everything). + # Add/delete from this list as necessary until all nodes are listed. + # For each node, the `hosts` list should be comprised of: + # 1. The node's hostname, as already defined in baremetal/nodes.yaml + # 2. The node's oam IP address, as already defined in baremetal/nodes.yaml + # 3. The node's Calico IP address, as already defined in baremetal/nodes.yaml + # NOTE: This list also needs to include the Genesis node, which is not + # listed in baremetal/nodes.yaml, but by convention should be allocated + # the first non-reserved IP in each logical network allocation range + # defined in networks/physical/networks.yaml + # NOTE: The genesis node needs to be defined twice (the first two entries + # on this list) with all of the same paramters except the document_name. + # In the first case the document_name is `kubelet-genesis`, and in the + # second case the document_name format is `kubelete-YOUR_GENESIS_HOSTNAME`. - document_name: kubelet-genesis common_name: system:node:{{yaml.genesis.name}} hosts: - {{yaml.genesis.name}} - {{yaml.genesis.host}} - {{yaml.genesis.ksn}} - - {{yaml.genesis.pxe}} groups: - system:nodes - document_name: kubelet-{{yaml.genesis.name}} @@ -52,7 +58,6 @@ data: - {{yaml.genesis.name}} - {{yaml.genesis.host}} - {{yaml.genesis.ksn}} - - {{yaml.genesis.pxe}} groups: - system:nodes {% for server in yaml.masters %} @@ -62,7 +67,6 @@ data: - {{server.name}} - {{server.host}} - {{server.ksn}} - - {{server.pxe}} groups: - system:nodes {% endfor %} @@ -73,10 +77,10 @@ data: - {{server.name}} - {{server.host}} - {{server.ksn}} - - {{server.pxe}} groups: - system:nodes {% endfor %}{% endif %} + # End node list - document_name: scheduler description: Service certificate for Kubernetes scheduler common_name: system:kube-scheduler @@ -97,17 +101,35 @@ data: - document_name: apiserver-etcd description: etcd client certificate for use by Kubernetes apiserver common_name: apiserver - # NOTE(mark-burnett): hosts not required for client certificates + # NOTE(mark-burnett): hosts not required for client certificates - document_name: kubernetes-etcd-anchor description: anchor common_name: anchor + # NEWSITE-CHANGEME: The following should be a list of the control plane + # nodes in the environment, including genesis. + # For each node, the `hosts` list should be comprised of: + # 1. The node's hostname, as already defined in baremetal/nodes.yaml + # 2. The node's oam IP address, as already defined in baremetal/nodes.yaml + # 3. The node's Calico IP address, as already defined in baremetal/nodes.yaml + # 4. 127.0.0.1 + # 5. localhost + # 6. kubernetes-etcd.kube-system.svc.cluster.local + # NOTE: This list also needs to include the Genesis node, which is not + # listed in baremetal/nodes.yaml, but by convention should be allocated + # the first non-reserved IP in each logical network allocation range + # defined in networks/physical/networks.yaml, except for the kubernetes + # service_cidr where it should start with the second IP in the range. + # NOTE: The genesis node is defined twice with the same `hosts` data: + # Once with its hostname in the common/document name, and once with + # `genesis` defined instead of the host. For now, this duplicated + # genesis definition is required. FIXME: Remove duplicate definition + # after Promenade addresses this issue. - document_name: kubernetes-etcd-genesis common_name: kubernetes-etcd-genesis hosts: - {{yaml.genesis.name}} - {{yaml.genesis.host}} - {{yaml.genesis.ksn}} - - {{yaml.genesis.pxe}} - 127.0.0.1 - localhost - kubernetes-etcd.kube-system.svc.cluster.local @@ -118,7 +140,6 @@ data: - {{yaml.genesis.name}} - {{yaml.genesis.host}} - {{yaml.genesis.ksn}} - - {{yaml.genesis.pxe}} - 127.0.0.1 - localhost - kubernetes-etcd.kube-system.svc.cluster.local @@ -127,24 +148,25 @@ data: - document_name: kubernetes-etcd-{{ server.name }} common_name: kubernetes-etcd-{{ server.name }} hosts: - - {{ server.name }} + - {{server.name}} - {{server.host}} - {{server.ksn}} - - {{server.pxe}} - 127.0.0.1 - localhost - kubernetes-etcd.kube-system.svc.cluster.local - {{yaml.kubernetes.etcd_service_ip}} {% endfor %} + # End node list kubernetes-etcd-peer: certificates: + # NEWSITE-CHANGEME: This list should be identical to the previous list, + # except that `-peer` has been appended to the document/common names. - document_name: kubernetes-etcd-genesis-peer common_name: kubernetes-etcd-genesis-peer hosts: - {{yaml.genesis.name}} - {{yaml.genesis.host}} - {{yaml.genesis.ksn}} - - {{yaml.genesis.pxe}} - 127.0.0.1 - localhost - kubernetes-etcd.kube-system.svc.cluster.local @@ -155,7 +177,6 @@ data: - {{yaml.genesis.name}} - {{yaml.genesis.host}} - {{yaml.genesis.ksn}} - - {{yaml.genesis.pxe}} - 127.0.0.1 - localhost - kubernetes-etcd.kube-system.svc.cluster.local @@ -167,25 +188,37 @@ data: - {{server.name}} - {{server.host}} - {{server.ksn}} - - {{server.pxe}} - 127.0.0.1 - localhost - kubernetes-etcd.kube-system.svc.cluster.local - {{yaml.kubernetes.etcd_service_ip}} {% endfor %} + # End node list calico-etcd: description: Certificates for Calico etcd client traffic certificates: - document_name: calico-etcd-anchor description: anchor common_name: anchor + # NEWSITE-CHANGEME: The following should be a list of the control plane + # nodes in the environment, including genesis. + # For each node, the `hosts` list should be comprised of: + # 1. The node's hostname, as already defined in baremetal/nodes.yaml + # 2. The node's oam IP address, as already defined in baremetal/nodes.yaml + # 3. The node's Calico IP address, as already defined in baremetal/nodes.yaml + # 4. 127.0.0.1 + # 5. localhost + # 6. The calico/etcd/service_ip defined in networks/common-addresses.yaml + # NOTE: This list also needs to include the Genesis node, which is not + # listed in baremetal/nodes.yaml, but by convention should be allocated + # the first non-reserved IP in each logical network allocation range + # defined in networks/physical/networks.yaml - document_name: calico-etcd-{{yaml.genesis.name}} common_name: calico-etcd-{{yaml.genesis.name}} hosts: - {{yaml.genesis.name}} - {{yaml.genesis.host}} - {{yaml.genesis.ksn}} - - {{yaml.genesis.pxe}} - 127.0.0.1 - localhost - 10.96.232.136 @@ -196,23 +229,24 @@ data: - {{server.name}} - {{server.host}} - {{server.ksn}} - - {{server.pxe}} - 127.0.0.1 - localhost - 10.96.232.136 {% endfor %} - document_name: calico-node common_name: calcico-node + # End node list calico-etcd-peer: description: Certificates for Calico etcd clients certificates: + # NEWSITE-CHANGEME: This list should be identical to the previous list, + # except that `-peer` has been appended to the document/common names. - document_name: calico-etcd-{{yaml.genesis.name}}-peer common_name: calico-etcd-{{yaml.genesis.name}}-peer hosts: - {{yaml.genesis.name}} - {{yaml.genesis.host}} - {{yaml.genesis.ksn}} - - {{yaml.genesis.pxe}} - 127.0.0.1 - localhost - 10.96.232.136 @@ -223,13 +257,13 @@ data: - {{server.name}} - {{server.host}} - {{server.ksn}} - - {{server.pxe}} - 127.0.0.1 - localhost - 10.96.232.136 {% endfor %} - document_name: calico-node-peer common_name: calcico-node-peer + # End node list keypairs: - name: service-account description: Service account signing key for use by Kubernetes controller-manager. diff --git a/site_type/sriov-a13/templates/profiles/hardware/dell_r720.j2 b/site_type/sriov-a13/templates/profiles/hardware/dell_r720.j2 new file mode 100644 index 0000000..4ed40d9 --- /dev/null +++ b/site_type/sriov-a13/templates/profiles/hardware/dell_r720.j2 @@ -0,0 +1,37 @@ +--- +schema: 'drydock/HardwareProfile/v1' +metadata: + schema: 'metadata/Document/v1' + name: dell_r720 + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + # Vendor of the server chassis + vendor: {{yaml.hardware.vendor}} + # Generation of the chassis model + generation: '{{yaml.hardware.generation}}' + # Version of the chassis model within its generation - not version of the hardware definition + hw_version: '{{yaml.hardware.hw_version}}' + # The certified version of the chassis BIOS + bios_version: '{{yaml.hardware.bios_version}}' + # Mode of the default boot of hardware - bios, uefi + boot_mode: bios + # Protocol of boot of the hardware - pxe, usb, hdd + bootstrap_protocol: pxe + # Which interface to use for network booting within the OOB manager, not OS device + pxe_interface: 0 + # Map hardware addresses to aliases/roles to allow a mix of hardware configs + # in a site to result in a consistent configuration + device_aliases: +{% if 'hardware' in yaml and 'device_aliases' in yaml.hardware %} +{% for device in yaml.hardware.device_aliases %} + # {{ device.name }} + {{ device.key }}: + address: '{{ device.address }}' + dev_type: '{{ device.dev_type }}' + bus_type: '{{ device.bus_type }}' +{% endfor %} +{% endif %} +... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/profiles/host/cp_r720.yaml b/site_type/sriov-a13/templates/profiles/host/cp_r720.j2 similarity index 64% rename from site_type/sriov/airship-treasuremap/site/airship-seaworthy/profiles/host/cp_r720.yaml rename to site_type/sriov-a13/templates/profiles/host/cp_r720.j2 index 3ace09a..b9ab3c9 100644 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/profiles/host/cp_r720.yaml +++ b/site_type/sriov-a13/templates/profiles/host/cp_r720.j2 @@ -21,24 +21,21 @@ metadata: - method: merge path: . data: - # TODO: fixup proper HW profiles - hardware_profile: DELL_HP_Generic + hardware_profile: dell_r720 primary_network: oam interfaces: pxe: device_link: pxe slaves: - - eno1 + - pxe_nic01 networks: - pxe bond0: device_link: data slaves: - - enp67s0f0 - - enp67s0f1 - - enp68s0f0 - - enp68s0f1 + - data_nic01 + - data_nic02 networks: - oam - storage @@ -47,48 +44,45 @@ data: storage: physical_devices: - sda: +{% for disk in yaml.disks %} + {{disk.name}}: + {% if 'labels' in disk %} labels: - bootdrive: 'true' + {% for key, value in disk.labels.items() %} + {{key}}: '{{value}}' + {% endfor %} + {% endif %} partitions: - - name: 'root' - size: '30g' - bootable: true + {% for p in disk.partitions %} + - name: '{{p.name}}' + size: '{{p.size}}' + {% if 'bootable' in p %} + bootable: {{p.bootable}} + {% endif %} filesystem: - mountpoint: '/' + mountpoint: '{{p.mountpoint}}' fstype: 'ext4' mount_options: 'defaults' - - name: 'boot' - size: '1g' - filesystem: - mountpoint: '/boot' - fstype: 'ext4' - mount_options: 'defaults' - - name: 'var_log' - size: '100g' - filesystem: - mountpoint: '/var/log' - fstype: 'ext4' - mount_options: 'defaults' - - name: 'var' - size: '>100g' - filesystem: - mountpoint: '/var' - fstype: 'ext4' - mount_options: 'defaults' - sdb: - partitions: - - name: 'cephj' - size: '100g' - filesystem: - mountpoint: '/var/lib/ceph/cp' - fstype: 'xfs' - mount_options: 'defaults' + {% endfor %} +{% endfor %} platform: kernel: 'hwe-16.04' kernel_params: +{% if 'platform' in yaml and 'kernel_params' in yaml.platform %} +{% for key, value in yaml.platform.kernel_params.items() %} + {{key}}: '{{value}}' +{% endfor %} +{% else %} console: 'ttyS1,115200n8' + intel_iommu: 'on' + iommu: 'pt' + amd_iommu: 'on' + transparent_hugepage: 'never' +{% endif %} +{% if 'platform' in yaml and 'vcpu_pin_set' in yaml.platform %} + isolcpus: '{{yaml.platform.vcpu_pin_set}}' +{% endif %} metadata: owner_data: @@ -115,24 +109,21 @@ metadata: - method: merge path: . data: - # TODO: fixup proper HW profiles - hardware_profile: DELL_HP_Generic + hardware_profile: dell_r720 primary_network: oam interfaces: pxe: device_link: pxe slaves: - - eno1 + - pxe_nic01 networks: - pxe bond0: device_link: data slaves: - - enp67s0f0 - - enp67s0f1 - - enp68s0f0 - - enp68s0f1 + - data_nic01 + - data_nic02 networks: - oam - storage @@ -141,48 +132,45 @@ data: storage: physical_devices: - sda: +{% for disk in yaml.disks %} + {{disk.name}}: + {% if 'labels' in disk %} labels: - bootdrive: 'true' + {% for key, value in disk.labels.items() %} + {{key}}: '{{value}}' + {% endfor %} + {% endif %} partitions: - - name: 'root' - size: '30g' - bootable: true + {% for p in disk.partitions %} + - name: '{{p.name}}' + size: '{{p.size}}' + {% if 'bootable' in p %} + bootable: {{p.bootable}} + {% endif %} filesystem: - mountpoint: '/' + mountpoint: '{{p.mountpoint}}' fstype: 'ext4' mount_options: 'defaults' - - name: 'boot' - size: '1g' - filesystem: - mountpoint: '/boot' - fstype: 'ext4' - mount_options: 'defaults' - - name: 'var_log' - size: '100g' - filesystem: - mountpoint: '/var/log' - fstype: 'ext4' - mount_options: 'defaults' - - name: 'var' - size: '>100g' - filesystem: - mountpoint: '/var' - fstype: 'ext4' - mount_options: 'defaults' - sdb: - partitions: - - name: 'cephj' - size: '100g' - filesystem: - mountpoint: '/var/lib/ceph/cp' - fstype: 'xfs' - mount_options: 'defaults' + {% endfor %} +{% endfor %} platform: kernel: 'hwe-16.04' kernel_params: +{% if 'platform' in yaml and 'kernel_params' in yaml.platform %} +{% for key, value in yaml.platform.kernel_params.items() %} + {{key}}: '{{value}}' +{% endfor %} +{% else %} console: 'ttyS1,115200n8' + intel_iommu: 'on' + iommu: 'pt' + amd_iommu: 'on' + transparent_hugepage: 'never' +{% endif %} +{% if 'platform' in yaml and 'vcpu_pin_set' in yaml.platform %} + isolcpus: '{{yaml.platform.vcpu_pin_set}}' +{% endif %} metadata: owner_data: @@ -205,7 +193,6 @@ data: openstack-neutron: enabled openvswitch: enabled ucp-barbican: enabled - ceph-bootstrap: enabled # ceph-mon: enabled ceph-mgr: enabled ceph-osd: enabled @@ -213,6 +200,10 @@ data: ceph-rgw: enabled ucp-maas: enabled kube-dns: enabled + tenant-ceph-control-plane: enabled + # tenant-ceph-mon: enabled + tenant-ceph-rgw: enabled + tenant-ceph-mgr: enabled kubernetes-apiserver: enabled kubernetes-controller-manager: enabled # kubernetes-etcd: enabled diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/profiles/host/dp_r720.yaml b/site_type/sriov-a13/templates/profiles/host/dp_r720.j2 similarity index 50% rename from site_type/sriov/airship-treasuremap/site/airship-seaworthy/profiles/host/dp_r720.yaml rename to site_type/sriov-a13/templates/profiles/host/dp_r720.j2 index d5014ad..b32c0e2 100644 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/profiles/host/dp_r720.yaml +++ b/site_type/sriov-a13/templates/profiles/host/dp_r720.j2 @@ -20,24 +20,21 @@ metadata: - method: merge path: . data: - # TODO: fixup proper HW profiles - hardware_profile: DELL_HP_Generic + hardware_profile: dell_r720 primary_network: oam interfaces: pxe: device_link: pxe slaves: - - eno1 + - pxe_nic01 networks: - pxe bond0: device_link: data slaves: - - enp67s0f0 - - enp67s0f1 - - enp68s0f0 - - enp68s0f1 + - data_nic01 + - data_nic02 networks: - oam - storage @@ -46,45 +43,43 @@ data: storage: physical_devices: - sda: +{% for disk in yaml.disks %} + {{disk.name}}: + {% if 'labels' in disk %} labels: - bootdrive: 'true' + {% for key, value in disk.labels.items() %} + {{key}}: '{{value}}' + {% endfor %} + {% endif %} partitions: - - name: 'root' - size: '30g' - bootable: true + {% for p in disk.partitions %} + - name: '{{p.name}}' + size: '{{p.size}}' + {% if 'bootable' in p %} + bootable: {{p.bootable}} + {% endif %} filesystem: - mountpoint: '/' - fstype: 'ext4' - mount_options: 'defaults' - - name: 'boot' - size: '1g' - filesystem: - mountpoint: '/boot' - fstype: 'ext4' - mount_options: 'defaults' - - name: 'var_log' - size: '100g' - filesystem: - mountpoint: '/var/log' - fstype: 'ext4' - mount_options: 'defaults' - - name: 'var' - size: '>100g' - filesystem: - mountpoint: '/var' - fstype: 'ext4' - mount_options: 'defaults' - sdb: - partitions: - - name: 'nova' - size: '99%' - filesystem: - mountpoint: '/var/lib/nova' + mountpoint: '{{p.mountpoint}}' fstype: 'ext4' mount_options: 'defaults' + {% endfor %} +{% endfor %} + platform: kernel: 'hwe-16.04' kernel_params: +{% if 'platform' in yaml and 'kernel_params' in yaml.platform %} +{% for key, value in yaml.platform.kernel_params.items() %} + {{key}}: '{{value}}' +{% endfor %} +{% else %} console: 'ttyS1,115200n8' + intel_iommu: 'on' + iommu: 'pt' + amd_iommu: 'on' + transparent_hugepage: 'never' +{% endif %} +{% if 'platform' in yaml and 'vcpu_pin_set' in yaml.platform %} + isolcpus: '{{yaml.platform.vcpu_pin_set}}' +{% endif %} ... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/profiles/region.yaml b/site_type/sriov-a13/templates/profiles/region.j2 similarity index 83% rename from site_type/sriov/airship-treasuremap/site/airship-seaworthy/profiles/region.yaml rename to site_type/sriov-a13/templates/profiles/region.j2 index 9bef95a..c20a5e8 100644 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/profiles/region.yaml +++ b/site_type/sriov-a13/templates/profiles/region.j2 @@ -4,27 +4,27 @@ schema: 'drydock/Region/v1' metadata: schema: 'metadata/Document/v1' - # NEWSITE-CHANGEME: Replace with the site name - name: airship-seaworthy + # NEWSITE-CHANGEXX: Replace with the site name + name: {{yaml.site_name}} layeringDefinition: abstract: false layer: site storagePolicy: cleartext substitutions: - # NEWSITE-CHANGEME: Substitutions from deckhand SSH public keys into the + # NEWSITE-CHANGEXX: Substitutions from deckhand SSH public keys into the # list of authorized keys which MaaS will register for the build-in "ubuntu" # account during the PXE process. Create a substitution rule for each SSH # key that should have access to the "ubuntu" account (useful for trouble- # shooting problems before UAM or UAM-lite is operational). SSH keys are - # stored as secrets in site/airship-seaworthy/secrets. + # stored as secrets in site/seaworthy/secrets. - dest: # Add/replace the first item in the list path: .authorized_keys[0] src: schema: deckhand/PublicKey/v1 # This should match the "name" metadata of the SSH key which will be - # substituted, located in site/airship-seaworthy/secrets folder. - name: airship_ssh_public_key + # substituted, located in site/seaworthy/secrets folder. + name: localadmin_ssh_public_key path: . - dest: path: .repositories.main_archive diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/certificates/ingress.yaml b/site_type/sriov-a13/templates/secrets/certificates/ingress.j2 similarity index 96% rename from site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/certificates/ingress.yaml rename to site_type/sriov-a13/templates/secrets/certificates/ingress.j2 index 3bd7a2e..b799fdb 100644 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/certificates/ingress.yaml +++ b/site_type/sriov-a13/templates/secrets/certificates/ingress.j2 @@ -1,12 +1,15 @@ --- -# self-signed certifacte generated based on -# https://libvirt.org/remote.html#Remote_certificates +# Example manifest for ingress cert. +# NEWSITE-CHANGEME: must be replaced with proper/valid set, +# self-signed certs are not supported. metadata: layeringDefinition: abstract: false layer: site name: ingress-crt schema: metadata/Document/v1 + labels: + name: ingress-crt-site storagePolicy: cleartext schema: deckhand/Certificate/v1 data: | @@ -48,6 +51,8 @@ metadata: layer: site name: ingress-ca schema: metadata/Document/v1 + labels: + name: ingress-ca-site storagePolicy: cleartext schema: deckhand/CertificateAuthority/v1 data: | @@ -83,6 +88,8 @@ metadata: layer: site name: ingress-key schema: metadata/Document/v1 + labels: + name: ingress-key-site storagePolicy: cleartext schema: deckhand/CertificateKey/v1 data: | diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ipmi_admin_password.yaml b/site_type/sriov-a13/templates/secrets/passphrases/ipmi_admin_password.j2 similarity index 70% rename from site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ipmi_admin_password.yaml rename to site_type/sriov-a13/templates/secrets/passphrases/ipmi_admin_password.j2 index 7e4473d..af88312 100644 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ipmi_admin_password.yaml +++ b/site_type/sriov-a13/templates/secrets/passphrases/ipmi_admin_password.j2 @@ -6,6 +6,8 @@ metadata: layeringDefinition: abstract: false layer: site + labels: + name: ipmi-admin-password-site storagePolicy: cleartext -data: password123 +data: {{yaml.ipmi_admin.password}} ... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ubuntu_crypt_password.yaml b/site_type/sriov-a13/templates/secrets/passphrases/ubuntu_crypt_password.j2 similarity index 65% rename from site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ubuntu_crypt_password.yaml rename to site_type/sriov-a13/templates/secrets/passphrases/ubuntu_crypt_password.j2 index 4d60468..ace4e1e 100644 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ubuntu_crypt_password.yaml +++ b/site_type/sriov-a13/templates/secrets/passphrases/ubuntu_crypt_password.j2 @@ -8,5 +8,5 @@ metadata: layer: site storagePolicy: cleartext # Pass: password123 -data: $6$qgvZ3LC9.t59Akqy$HAJfJpdrN8Ld9ssGyjFPzyJ3WUGN.ucqhSyA25LFjBrSYboVFgX8wLomRwlf5YIn1siaXHSh4JaPJED3BO36J1 +data: {{yaml.genesis.root_password}} ... diff --git a/site_type/sriov/templates/secrets/publickey/localadmin_ssh_public_key.j2 b/site_type/sriov-a13/templates/secrets/publickey/localadmin_ssh_public_key.j2 similarity index 100% rename from site_type/sriov/templates/secrets/publickey/localadmin_ssh_public_key.j2 rename to site_type/sriov-a13/templates/secrets/publickey/localadmin_ssh_public_key.j2 diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/site-definition.yaml b/site_type/sriov-a13/templates/site-definition.j2 similarity index 76% rename from site_type/sriov/airship-treasuremap/site/airship-seaworthy/site-definition.yaml rename to site_type/sriov-a13/templates/site-definition.j2 index b45d369..eed8a4b 100644 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/site-definition.yaml +++ b/site_type/sriov-a13/templates/site-definition.j2 @@ -7,11 +7,9 @@ metadata: abstract: false layer: site # NEWSITE-CHANGEME: Replace with the site name - name: airship-seaworthy + name: {{yaml.site_name}} storagePolicy: cleartext data: - # Deprecated revision system, will be removed later. Do not modify. - revision: v4.0 # The type layer this site will delpoy with. Type layer is found in the # type folder. site_type: foundry diff --git a/site_type/sriov-a13/templates/software/charts/kubernetes/container-networking/calico.j2 b/site_type/sriov-a13/templates/software/charts/kubernetes/container-networking/calico.j2 new file mode 100644 index 0000000..6a2b934 --- /dev/null +++ b/site_type/sriov-a13/templates/software/charts/kubernetes/container-networking/calico.j2 @@ -0,0 +1,65 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: kubernetes-calico + replacement: true + #labels: + # name: kubernetes-calico-global + # component: kubernetes-calico + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: kubernetes-calico-global + actions: + - method: merge + path: . + storagePolicy: cleartext + substitutions: + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .calico.bgp.ipv4.public_service_cidr + dest: + path: .values.networking.bgp.ipv4.additional_cidrs[0] + +data: + values: + networking: + mtu: 1500 + settings: +{% if ('peers' in yaml.networks.ksn and yaml.networks.ksn.peers is not none and yaml.networks.ksn.peers is iterable ) %} + mesh: "off" + ippool: + ipip: + enabled: "false" +{% else %} + mesh: "on" + ippool: + ipip: + enabled: "true" + mode: "Always" + nat_outgoing: "true" + disabled: "false" +{% endif %} + bgp: + asnumber: {{yaml.networks.ksn.local_asnumber}} + ipv4: + additional_cidrs: +{% for add_cidr in yaml.networks.ksn.additional_cidrs %} + - {{add_cidr}} +{% endfor %} +{% if ('peers' in yaml.networks.ksn and yaml.networks.ksn.peers is not none and yaml.networks.ksn.peers is iterable ) %} + peers: +{% for peer in yaml.networks.ksn.peers %} + - apiVersion: projectcalico.org/v3 + kind: bgpPeer + metadata: + name: peer-{{loop.index-1}} + spec: + peerIP: {{peer.ip}} + asnumber: {{peer.asnumber}} +{% endfor %} +{% endif %} +... diff --git a/site_type/sriov-a13/templates/software/charts/kubernetes/container-networking/etcd.j2 b/site_type/sriov-a13/templates/software/charts/kubernetes/container-networking/etcd.j2 new file mode 100644 index 0000000..86a765c --- /dev/null +++ b/site_type/sriov-a13/templates/software/charts/kubernetes/container-networking/etcd.j2 @@ -0,0 +1,99 @@ +--- +# The purpose of this file is to build the list of calico etcd nodes and the +# calico etcd certs for those nodes in the environment. +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: kubernetes-calico-etcd + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: kubernetes-calico-etcd-global + actions: + - method: merge + path: . + storagePolicy: cleartext + substitutions: + # Generate a list of control plane nodes (i.e. genesis node + master node + # list) on which calico etcd will run and will need certs. It is assumed + # that Airship sites will have 4 control plane nodes, so this should not need to + # change for a new site. + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .genesis.hostname + dest: + path: .values.nodes[0].name +{% for server in yaml.masters %} + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .masters[{{loop.index-1}}].hostname + dest: + path: .values.nodes[{{loop.index}}].name +{% endfor %} + + # Certificate substitutions for the node names assembled on the above list. + # NEWSITE-CHANGEME: Per above, the number of substitutions should not need + # to change with a standard Airship deployment. However, the names of each + # deckhand certficiate should be updated with the correct hostnames for your + # environment. The ordering is important (Genesis is index 0, then master + # nodes in the order they are specified in common-addresses). + + # Genesis node {{yaml.genesis.name}} + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-{{yaml.genesis.name}} + path: . + dest: + path: .values.nodes[0].tls.client.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-{{yaml.genesis.name}} + path: . + dest: + path: .values.nodes[0].tls.client.key + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-{{yaml.genesis.name}}-peer + path: . + dest: + path: .values.nodes[0].tls.peer.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-{{yaml.genesis.name}}-peer + path: . + dest: + path: .values.nodes[0].tls.peer.key +{% for server in yaml.masters %} + + # Master node {{server.name}} + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-{{server.name}} + path: . + dest: + path: .values.nodes[{{loop.index}}].tls.client.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-{{server.name}} + path: . + dest: + path: .values.nodes[{{loop.index}}].tls.client.key + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-{{server.name}}-peer + path: . + dest: + path: .values.nodes[{{loop.index}}].tls.peer.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-{{server.name}}-peer + path: . + dest: + path: .values.nodes[{{loop.index}}].tls.peer.key +{% endfor %} + +data: {} +... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/kubernetes/etcd/etcd.yaml b/site_type/sriov-a13/templates/software/charts/kubernetes/etcd/etcd.j2 similarity index 54% rename from site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/kubernetes/etcd/etcd.yaml rename to site_type/sriov-a13/templates/software/charts/kubernetes/etcd/etcd.j2 index b32495e..b99a105 100644 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/kubernetes/etcd/etcd.yaml +++ b/site_type/sriov-a13/templates/software/charts/kubernetes/etcd/etcd.j2 @@ -25,24 +25,14 @@ metadata: path: .genesis.hostname dest: path: .values.nodes[0].name +{% for server in yaml.masters %} - src: schema: pegleg/CommonAddresses/v1 name: common-addresses - path: .masters[0].hostname + path: .masters[{{loop.index-1}}].hostname dest: - path: .values.nodes[1].name - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .masters[1].hostname - dest: - path: .values.nodes[2].name - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .masters[2].hostname - dest: - path: .values.nodes[3].name + path: .values.nodes[{{loop.index}}].name +{% endfor %} # Certificate substitutions for the node names assembled on the above list. # NEWSITE-CHANGEME: Per above, the number of substitutions should not need @@ -56,6 +46,8 @@ metadata: # genesis node, but `genesis` is reference here in the certificate names # because of certain Promenade assumptions that may be addressed in the # future. Therefore `genesis` is used instead of `cab23-r720-11` here. + + # Genesis node {{yaml.genesis.name}} - src: schema: deckhand/Certificate/v1 name: kubernetes-etcd-genesis @@ -80,84 +72,34 @@ metadata: path: . dest: path: .values.nodes[0].tls.peer.key +{% for server in yaml.masters %} - # master node 1 hostname - cab23-r720-12 + # Master node {{loop.index}} hostname - {{server.name}} - src: schema: deckhand/Certificate/v1 - name: kubernetes-etcd-cab23-r720-12 + name: kubernetes-etcd-{{server.name}} path: . dest: - path: .values.nodes[1].tls.client.cert + path: .values.nodes[{{loop.index}}].tls.client.cert - src: schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-cab23-r720-12 + name: kubernetes-etcd-{{server.name}} path: . dest: - path: .values.nodes[1].tls.client.key + path: .values.nodes[{{loop.index}}].tls.client.key - src: schema: deckhand/Certificate/v1 - name: kubernetes-etcd-cab23-r720-12-peer + name: kubernetes-etcd-{{server.name}}-peer path: . dest: - path: .values.nodes[1].tls.peer.cert + path: .values.nodes[{{loop.index}}].tls.peer.cert - src: schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-cab23-r720-12-peer + name: kubernetes-etcd-{{server.name}}-peer path: . dest: - path: .values.nodes[1].tls.peer.key - - # master node 2 hostname - cab23-r720-13 - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-cab23-r720-13 - path: . - dest: - path: .values.nodes[2].tls.client.cert - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-cab23-r720-13 - path: . - dest: - path: .values.nodes[2].tls.client.key - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-cab23-r720-13-peer - path: . - dest: - path: .values.nodes[2].tls.peer.cert - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-cab23-r720-13-peer - path: $ - dest: - path: .values.nodes[2].tls.peer.key - - # master node 3 hostname - cab23-r720-14 - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-cab23-r720-14 - path: . - dest: - path: .values.nodes[3].tls.client.cert - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-cab23-r720-14 - path: . - dest: - path: .values.nodes[3].tls.client.key - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-cab23-r720-14-peer - path: . - dest: - path: .values.nodes[3].tls.peer.cert - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-cab23-r720-14-peer - path: $ - dest: - path: .values.nodes[3].tls.peer.key + path: .values.nodes[{{loop.index}}].tls.peer.key +{% endfor %} data: {} ... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/kubernetes/ingress/ingress.yaml b/site_type/sriov-a13/templates/software/charts/kubernetes/ingress/ingress.j2 similarity index 57% rename from site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/kubernetes/ingress/ingress.yaml rename to site_type/sriov-a13/templates/software/charts/kubernetes/ingress/ingress.j2 index a05492b..be61953 100644 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/kubernetes/ingress/ingress.yaml +++ b/site_type/sriov-a13/templates/software/charts/kubernetes/ingress/ingress.j2 @@ -14,5 +14,18 @@ metadata: - method: merge path: . storagePolicy: cleartext -data: {} + substitutions: + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .vip.ingress_vip + dest: + path: .values.network.vip.addr +data: + values: + network: + ingress: + disable-ipv6: "true" + vip: + manage: true ... diff --git a/site_type/sriov/templates/software/charts/osh/openstack-compute-kit/neutron.j2 b/site_type/sriov-a13/templates/software/charts/osh/openstack-compute-kit/neutron.j2 similarity index 83% rename from site_type/sriov/templates/software/charts/osh/openstack-compute-kit/neutron.j2 rename to site_type/sriov-a13/templates/software/charts/osh/openstack-compute-kit/neutron.j2 index f18b53a..b3a570c 100644 --- a/site_type/sriov/templates/software/charts/osh/openstack-compute-kit/neutron.j2 +++ b/site_type/sriov-a13/templates/software/charts/osh/openstack-compute-kit/neutron.j2 @@ -14,6 +14,13 @@ # See the License for the specific language governing permissions and # # limitations under the License. # ############################################################################## +# This file defines hardware-specific settings for neutron. If you use the same +# hardware profile as this environment, you should not need to change this file. +# Otherwise, you should review the settings here and adjust for your hardware. +# In particular: +# 1. logical network interface names +# 2. physical device mappigns +# TODO: Should move to global layer and become tied to the hardware profile schema: armada/Chart/v1 metadata: @@ -43,6 +50,7 @@ data: - openvswitch - sriov interface: + tunnel_device: '{{yaml.networks.neutron.interface}}' sriov: {% for sriovnet in yaml.sriov.nets %} - device: {{sriovnet.interface}} @@ -59,7 +67,7 @@ data: firewall_driver: neutron.agent.firewall.NoopFirewallDriver sriov_nic: exclude_devices: null - physical_device_mappings: ' + physical_device_mappings: ' {%- for sriovnet in yaml.sriov.nets -%} {%- if loop.index > 1 -%} , @@ -76,3 +84,4 @@ data: {%- endfor %} ... + diff --git a/site_type/sriov/templates/software/charts/osh/openstack-compute-kit/nova.j2 b/site_type/sriov-a13/templates/software/charts/osh/openstack-compute-kit/nova.j2 similarity index 84% rename from site_type/sriov/templates/software/charts/osh/openstack-compute-kit/nova.j2 rename to site_type/sriov-a13/templates/software/charts/osh/openstack-compute-kit/nova.j2 index 89c935f..37f356f 100644 --- a/site_type/sriov/templates/software/charts/osh/openstack-compute-kit/nova.j2 +++ b/site_type/sriov-a13/templates/software/charts/osh/openstack-compute-kit/nova.j2 @@ -1,6 +1,6 @@ --- ############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # @@ -14,6 +14,15 @@ # See the License for the specific language governing permissions and # # limitations under the License. # ############################################################################## +# This file defines hardware-specific settings for nova. If you use the same +# hardware profile as this environment, you should not need to change this file. +# Otherwise, you should review the settings here and adjust for your hardware. +# In particular: +# 1. vcpu_pin_set will change if the number of logical CPUs on the hardware +# changes. +# 2. pci alias / passthrough_whitelist could change if the NIC type or NIC +# slotting changes. +# TODO: Should move to global layer and become tied to the hardware profile schema: armada/Chart/v1 metadata: diff --git a/site_type/sriov-a13/templates/software/charts/osh/openstack-tenant-ceph/ceph-client.j2 b/site_type/sriov-a13/templates/software/charts/osh/openstack-tenant-ceph/ceph-client.j2 new file mode 100644 index 0000000..1297bac --- /dev/null +++ b/site_type/sriov-a13/templates/software/charts/osh/openstack-tenant-ceph/ceph-client.j2 @@ -0,0 +1,23 @@ +--- +# The purpose of this file is to define envrionment-specific parameters for the +# ceph client +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: tenant-ceph-client + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: tenant-ceph-client-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + conf: + pool: + target: + osd: {{yaml.tenant_storage.osd_count}} +... diff --git a/site_type/sriov-a13/templates/software/charts/osh/openstack-tenant-ceph/ceph-osd.j2 b/site_type/sriov-a13/templates/software/charts/osh/openstack-tenant-ceph/ceph-osd.j2 new file mode 100644 index 0000000..d88da7c --- /dev/null +++ b/site_type/sriov-a13/templates/software/charts/osh/openstack-tenant-ceph/ceph-osd.j2 @@ -0,0 +1,61 @@ +--- +# The purpose of this file is to define environment-specific parameters for +# ceph-osd +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: tenant-ceph-osd + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: tenant-ceph-osd-global + actions: + - method: replace + path: .values.conf.storage.osd + - method: merge + path: . + storagePolicy: cleartext +data: + values: + labels: + osd: + node_selector_key: tenant-ceph-osd + node_selector_value: enabled + conf: + storage: + failure_domain: "rack" + # NEWSITE-CHANGEME: The OSD count and configuration here should not need + # to change if your HW matches the HW used in this environment. + # Otherwise you may need to add or subtract disks to this list. + # no need to create below jounal partitons as ceph charts will create them + # default size of journal partions is 10GB + osd: +{% for osd in yaml.tenant_storage.osds %} + - data: + type: block-logical + location: {{osd.data}} + journal: + type: block-logical + location: {{osd.journal}} +{% endfor %} + overrides: + ceph_osd: + hosts: + - name: {{yaml.genesis.name}} + conf: + storage: + failure_domain_name: "{{yaml.genesis.name}}_rack" +{% for server in yaml.masters %} + - name: {{server.name}} + conf: + storage: + failure_domain_name: "{{server.name}}_rack" +{% endfor %} +{% if 'workers' in yaml %}{% for server in yaml.workers %} + - name: {{server.name}} + conf: + storage: + failure_domain_name: "{{server.name}}_rack" +{% endfor %}{% endif %} +... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/ucp/ceph/ceph-client-update.yaml b/site_type/sriov-a13/templates/software/charts/ucp/ceph/ceph-client-update.j2 similarity index 86% rename from site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/ucp/ceph/ceph-client-update.yaml rename to site_type/sriov-a13/templates/software/charts/ucp/ceph/ceph-client-update.j2 index d2ac01f..baf81f2 100644 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/ucp/ceph/ceph-client-update.yaml +++ b/site_type/sriov-a13/templates/software/charts/ucp/ceph/ceph-client-update.j2 @@ -21,6 +21,6 @@ data: target: # NEWSITE-CHANGEME: Total number of OSDs. Does not need to change if # your HW matches this site's HW. Verify for your environment. - # 8 OSDs per node x 4 nodes = 32 - osd: 32 + # 8 OSDs per node x 3 nodes = 24 + osd: {{yaml.storage.total_osd_count}} ... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/ucp/ceph/ceph-client.yaml b/site_type/sriov-a13/templates/software/charts/ucp/ceph/ceph-client.j2 similarity index 93% rename from site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/ucp/ceph/ceph-client.yaml rename to site_type/sriov-a13/templates/software/charts/ucp/ceph/ceph-client.j2 index ad46780..dcbf6a8 100644 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/ucp/ceph/ceph-client.yaml +++ b/site_type/sriov-a13/templates/software/charts/ucp/ceph/ceph-client.j2 @@ -21,5 +21,5 @@ data: target: # NEWSITE-CHANGEME: The number of OSDs per ceph node. Does not need to # change if your deployment HW matches this site's HW. - osd: 8 + osd: {{yaml.storage.osd_count}} ... diff --git a/site_type/sriov-a13/templates/software/charts/ucp/ceph/ceph-osd.j2 b/site_type/sriov-a13/templates/software/charts/ucp/ceph/ceph-osd.j2 new file mode 100644 index 0000000..02a6143 --- /dev/null +++ b/site_type/sriov-a13/templates/software/charts/ucp/ceph/ceph-osd.j2 @@ -0,0 +1,51 @@ +--- +# The purpose of this file is to define environment-specific parameters for +# ceph-osd +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-ceph-osd + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-ceph-osd-global + actions: + - method: replace + path: .values.conf.storage.osd + - method: merge + path: . + storagePolicy: cleartext +data: + values: + conf: + storage: + failure_domain: "rack" + # NEWSITE-CHANGEME: The OSD count and configuration here should not need + # to change if your HW matches the HW used in this environment. + # Otherwise you may need to add or subtract disks to this list. + # no need to create below jounal partitons as ceph charts will create them + # default size of journal partions is 10GB + osd: +{% for osd in yaml.storage.osds %} + - data: + type: block-logical + location: {{osd.data}} + journal: + type: block-logical + location: {{osd.journal}} +{% endfor %} + overrides: + ceph_osd: + hosts: + - name: {{yaml.genesis.name}} + conf: + storage: + failure_domain_name: "{{yaml.genesis.name}}_rack" +{% for server in yaml.masters %} + - name: {{server.name}} + conf: + storage: + failure_domain_name: "{{server.name}}_rack" +{% endfor %} +... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/ucp/promenade/promenade.yaml b/site_type/sriov-a13/templates/software/charts/ucp/promenade/promenade.j2 similarity index 75% rename from site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/ucp/promenade/promenade.yaml rename to site_type/sriov-a13/templates/software/charts/ucp/promenade/promenade.j2 index 543083d..82848a0 100644 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/ucp/promenade/promenade.yaml +++ b/site_type/sriov-a13/templates/software/charts/ucp/promenade/promenade.j2 @@ -18,33 +18,37 @@ data: values: pod: env: - promenade_api: [] + promenade_api: + - name: no_proxy + value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8 + - name: NO_PROXY + value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8 # NEWSITE-CHANGEME: If your site uses an http proxy, enter it here. # Otherwise comment out these lines. # - name: http_proxy - # value: http://proxy.example.com:8080 + # value: 'http://proxy.example.com:8080' # NEWSITE-CHANGEME: If your site uses an https proxy, enter it here. # Otherwise comment out these lines. # - name: https_proxy - # value: http://proxy.example.com:8080 + # value: 'http://proxy.example.com:8080' # NEWSITE-CHANGEME: If your site uses an http/https proxy, enter the # IPs / domain names which the proxy should not be used for (i.e. the # cluster domain and kubernetes service_cidr defined in common-addresses) # Otherwise comment out these lines. # - name: no_proxy - # value: 10.36.0.1,.cluster.local + # value: '10.96.0.1,.cluster.local' # NEWSITE-CHANGEME: If your site uses an http proxy, enter it here. # Otherwise comment out these lines. # - name: HTTP_PROXY - # value: http://proxy.example.com:8080 + # value: 'http://proxy.example.com:8080' # NEWSITE-CHANGEME: If your site uses an https proxy, enter it here. # Otherwise comment out these lines. # - name: HTTPS_PROXY - # value: http://proxy.example.com:8080 + # value: 'http://proxy.example.com:8080' # NEWSITE-CHANGEME: If your site uses an http/https proxy, enter the # IPs / domain names which the proxy should not be used for (i.e. the # cluster domain and kubernetes service_cidr defined in common-addresses) # Otherwise comment out these lines. # - name: NO_PROXY - # value: 10.36.0.1,.cluster.local + # value: '10.96.0.1,.cluster.local' ... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/config/common-software-config.yaml b/site_type/sriov-a13/templates/software/config/common-software-config.j2 similarity index 91% rename from site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/config/common-software-config.yaml rename to site_type/sriov-a13/templates/software/config/common-software-config.j2 index 8bc0c43..fd859c2 100644 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/config/common-software-config.yaml +++ b/site_type/sriov-a13/templates/software/config/common-software-config.j2 @@ -12,5 +12,5 @@ metadata: data: osh: # NEWSITE-CHANGEME: Replace with the site name - region_name: airship-seaworthy + region_name: RegionOne ... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/config/service_accounts.yaml b/site_type/sriov-a13/templates/software/config/service_accounts.j2 similarity index 91% rename from site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/config/service_accounts.yaml rename to site_type/sriov-a13/templates/software/config/service_accounts.j2 index 7920729..751f1b1 100644 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/config/service_accounts.yaml +++ b/site_type/sriov-a13/templates/software/config/service_accounts.j2 @@ -15,6 +15,10 @@ data: postgres: admin: username: postgres + replica: + username: standby + exporter: + username: psql_exporter oslo_db: admin: username: root @@ -75,7 +79,10 @@ data: username: airflow database: airflow oslo_messaging: - username: rabbitmq + admin: + username: rabbitmq + user: + username: airflow maas: admin: username: admin @@ -108,7 +115,6 @@ data: # NEWSITE-CHANGEME: Replace with the site name region_name: RegionOne role: admin - user_domain_name: default username: armada deckhand: keystone: @@ -122,6 +128,14 @@ data: postgres: username: deckhand database: deckhand + prometheus_openstack_exporter: + user: + region_name: RegionOne + role: admin + username: prometheus-openstack-exporter + project_name: service + user_domain_name: default + project_domain_name: default ceph: swift: keystone: @@ -209,12 +223,6 @@ metadata: path: .osh.region_name dest: path: .osh.barbican.barbican.region_name - - src: - schema: pegleg/CommonSoftwareConfig/v1 - name: common-software-config - path: .osh.region_name - dest: - path: .osh.barbican.barbican.region_name data: osh: keystone: @@ -227,8 +235,6 @@ data: username: keystone database: keystone oslo_messaging: - admin: - username: keystone-rabbitmq-admin keystone: username: keystone-rabbitmq-user ldap: @@ -247,8 +253,6 @@ data: username: cinder database: cinder oslo_messaging: - admin: - username: cinder-rabbitmq-admin cinder: username: cinder-rabbitmq-user glance: @@ -262,8 +266,6 @@ data: username: glance database: glance oslo_messaging: - admin: - username: glance-rabbitmq-admin glance: username: glance-rabbitmq-user ceph_object_store: @@ -289,8 +291,6 @@ data: username: heat database: heat oslo_messaging: - admin: - username: heat-rabbitmq-admin heat: username: heat-rabbitmq-user swift: @@ -303,6 +303,9 @@ data: oslo_db: admin: username: root + prometheus_mysql_exporter: + user: + username: osh-oslodb-exporter neutron: neutron: role: admin @@ -314,8 +317,6 @@ data: username: neutron database: neutron oslo_messaging: - admin: - username: neutron-rabbitmq-admin neutron: username: neutron-rabbitmq-user nova: @@ -341,8 +342,6 @@ data: username: nova database: "nova_cell0" oslo_messaging: - admin: - username: nova-rabbitmq-admin nova: username: nova-rabbitmq-user horizon: @@ -360,10 +359,18 @@ data: username: barbican database: barbican oslo_messaging: - admin: - username: barbican-rabbitmq-admin barbican: username: barbican-rabbitmq-user + oslo_messaging: + admin: + username: admin + tempest: + tempest: + role: admin + username: tempest + project_name: service + user_domain_name: default + project_domain_name: default ... --- schema: pegleg/AccountCatalogue/v1 @@ -383,6 +390,11 @@ metadata: path: .osh_infra.prometheus_openstack_exporter.user.region_name data: osh_infra: + ceph_object_store: + admin: + username: s3_admin + elasticsearch: + username: elasticsearch grafana: admin: username: grafana @@ -395,12 +407,12 @@ data: elasticsearch: admin: username: elasticsearch - kibana: - admin: - username: kibana oslo_db: admin: username: root + prometheus_mysql_exporter: + user: + username: osh-infra-oslodb-exporter prometheus_openstack_exporter: user: role: admin @@ -411,6 +423,9 @@ data: nagios: admin: username: nagios + prometheus: + admin: + username: prometheus ldap: admin: # NEWSITE-CHANGEME: Replace with the site's LDAP account used to diff --git a/site_type/sriov-a13/treasuremap.tgz b/site_type/sriov-a13/treasuremap.tgz new file mode 100644 index 0000000..a03037a Binary files /dev/null and b/site_type/sriov-a13/treasuremap.tgz differ diff --git a/site_type/sriov/airship-treasuremap/LICENSE b/site_type/sriov/airship-treasuremap/LICENSE deleted file mode 100644 index 8dada3e..0000000 --- a/site_type/sriov/airship-treasuremap/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "{}" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright {yyyy} {name of copyright owner} - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/site_type/sriov/airship-treasuremap/README.md b/site_type/sriov/airship-treasuremap/README.md deleted file mode 100644 index 3df4568..0000000 --- a/site_type/sriov/airship-treasuremap/README.md +++ /dev/null @@ -1,32 +0,0 @@ -# Akraino Edge Stack -.............................................................................. -. Copyright (c) 2019 AT&T Intellectual Property. All rights reserved . -. . -. Licensed under the Apache License, Version 2.0 (the "License"); you may . -. not use this file except in compliance with the License. . -. . -. You may obtain a copy of the License at . -. http://www.apache.org/licenses/LICENSE-2.0 . -. . -. Unless required by applicable law or agreed to in writing, software . -. distributed under the License is distributed on an "AS IS" BASIS, WITHOUT . -. WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. . -. See the License for the specific language governing permissions and . -. limitations under the License. . -.............................................................................. - -The files in this directory were created with the following commands: - -( -rm -rf airship-treasuremap -git clone https://git.openstack.org/openstack/airship-treasuremap -cd ./airship-treasuremap; -git checkout 059857148ad142730b5a69374e44a988cac92378; -rm -rf .git/ .gitreview .zuul.yaml -# SR-IOV UPDATES -sed -i "s/ceph-common=10.2.10/ceph-common=10.2.11/" ./global/v4.0/software/config/versions.yaml -sed -i -e 's|docker.io/openstackhelm/neutron:ocata|docker.io/openstackhelm/neutron:ocata\n neutron_sriov_agent: \&neutron_sriov docker.io/openstackhelm/neutron:ocata-sriov-1804\n neutron_sriov_agent_init: \&neutron_sriov_init docker.io/openstackhelm/neutron:ocata-sriov-1804|g' ./global/v4.0/software/config/versions.yaml -sed -i -e 's|neutron_linuxbridge_agent.*|neutron_linuxbridge_agent: *neutron\n neutron_sriov_agent: *neutron_sriov\n neutron_sriov_agent_init: *neutron_sriov_init|g' ./global/v4.0/software/config/versions.yaml -) - -Akraino Team diff --git a/site_type/sriov/airship-treasuremap/global/common/layering-policy.yaml b/site_type/sriov/airship-treasuremap/global/common/layering-policy.yaml deleted file mode 100644 index e86d0ba..0000000 --- a/site_type/sriov/airship-treasuremap/global/common/layering-policy.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -schema: deckhand/LayeringPolicy/v1 -metadata: - schema: metadata/Control/v1 - name: layering-policy -data: - layerOrder: - - global - - type - - site diff --git a/site_type/sriov/airship-treasuremap/global/common/schemas/pegleg/Script/v1.yaml b/site_type/sriov/airship-treasuremap/global/common/schemas/pegleg/Script/v1.yaml deleted file mode 100644 index 9c90a30..0000000 --- a/site_type/sriov/airship-treasuremap/global/common/schemas/pegleg/Script/v1.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -schema: deckhand/DataSchema/v1 -metadata: - schema: metadata/Control/v1 - name: pegleg/Script/v1 -data: - $schema: http://json-schema.org/schema# - type: string diff --git a/site_type/sriov/airship-treasuremap/global/common/schemas/pegleg/SiteDefinition/v1.yaml b/site_type/sriov/airship-treasuremap/global/common/schemas/pegleg/SiteDefinition/v1.yaml deleted file mode 100644 index 3878eb3..0000000 --- a/site_type/sriov/airship-treasuremap/global/common/schemas/pegleg/SiteDefinition/v1.yaml +++ /dev/null @@ -1,19 +0,0 @@ ---- -schema: deckhand/DataSchema/v1 -metadata: - schema: metadata/Control/v1 - name: pegleg/SiteDefinition/v1 -data: - $schema: http://json-schema.org/schema# - type: object - - properties: - revision: - type: string - pattern: '^v.+$' - site_type: - type: string - required: - - revision - - site_type - additionalProperties: false diff --git a/site_type/sriov/airship-treasuremap/global/common/secrets/passphrases/private_docker_key.yaml b/site_type/sriov/airship-treasuremap/global/common/secrets/passphrases/private_docker_key.yaml deleted file mode 100644 index d3a0341..0000000 --- a/site_type/sriov/airship-treasuremap/global/common/secrets/passphrases/private_docker_key.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: private_docker_key - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -# sample key for potential private docker registry -# see Docker documentation for info on how to generate the key -# base64 of password123 -data: cGFzc3dvcmQxMjM= -... diff --git a/site_type/sriov/airship-treasuremap/global/common/secrets/publickey/airship_ssh_public_key.yaml b/site_type/sriov/airship-treasuremap/global/common/secrets/publickey/airship_ssh_public_key.yaml deleted file mode 100644 index b14a575..0000000 --- a/site_type/sriov/airship-treasuremap/global/common/secrets/publickey/airship_ssh_public_key.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/PublicKey/v1 -metadata: - schema: metadata/Document/v1 - name: airship_ssh_public_key - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyb6CDrai3VcFW1ew5ikf7IDSpqfFyrJNLI1DPyd28vcy6D1oFXdELYK7DsXzVCgV7YNDiKpneXMBTJ/Mr/aZi9K3eVvtRp1HAK3y6ycx9KRfyfMVAU0aT3xMOpE5xS/xTH8HNRbOSszp0woVYKhncpkumHweji7wbLKm/WxsggIoGDjn29KIoRhpo96tWz/DBsoU1pIHTMoZNyHW2aYWEx6kOzTEmhxL0LkKv7+A/2HJuLnqcXoQH9jl3kRQDyikNlSw2T3gQV3I8m0od/lEf98MZb1Yv9GrlDCmnUPXAJ2HQaWaVaPPpGcBW7veOZlLfeulwD4zlo6P6JW1SZaat airship@seaworthy -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/baremetal/bootactions/airship-target.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/baremetal/bootactions/airship-target.yaml deleted file mode 100644 index ae3a17a..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/baremetal/bootactions/airship-target.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -schema: 'drydock/BootAction/v1' -metadata: - schema: 'metadata/Document/v1' - name: airship-target - storagePolicy: 'cleartext' - layeringDefinition: - abstract: false - layer: global -data: - signaling: false - assets: - - path: /etc/systemd/system/airship.target - type: unit - permissions: '444' - data: | - [Unit] - Description=Airshipt bootaction target - After=multi-user.target cloud-init.target - - [Install] - WantedBy=graphical.target - - data_pipeline: - - utf8_decode -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/baremetal/bootactions/promjoin.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/baremetal/bootactions/promjoin.yaml deleted file mode 100644 index c2dfefb..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/baremetal/bootactions/promjoin.yaml +++ /dev/null @@ -1,33 +0,0 @@ ---- -schema: 'drydock/BootAction/v1' -metadata: - schema: 'metadata/Document/v1' - name: promjoin-systemd-unit - storagePolicy: 'cleartext' - layeringDefinition: - abstract: false - layer: global - labels: - application: 'drydock' -data: - signaling: false - assets: - - path: /etc/systemd/system/promjoin.service - type: unit - permissions: '444' - data: | - [Unit] - Description=Promenade Initialization Service - After=network-online.target local-fs.target cloud-init.target - ConditionPathExists=!/var/lib/prom.done - - [Service] - Type=oneshot - ExecStart=/opt/promjoin.sh - - [Install] - WantedBy=airship.target - - data_pipeline: - - utf8_decode -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/deployment/deployment-strategy.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/deployment/deployment-strategy.yaml deleted file mode 100644 index 7649232..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/deployment/deployment-strategy.yaml +++ /dev/null @@ -1,39 +0,0 @@ ---- -# The global deployment strategy assumes nodes are marked with node_tags -# of masters and workers. -schema: shipyard/DeploymentStrategy/v1 -metadata: - schema: metadata/Document/v1 - name: deployment-strategy - layeringDefinition: - abstract: false - layer: global - labels: - name: deployment-strategy-global - storagePolicy: cleartext -data: - groups: - - name: masters - critical: true - depends_on: [] - selectors: - - node_names: [] - node_labels: [] - node_tags: - - masters - rack_names: [] - success_criteria: - percent_successful_nodes: 100 - - name: workers - critical: true - depends_on: - - masters - selectors: - - node_names: [] - node_labels: [] - node_tags: - - workers - rack_names: [] - success_criteria: - percent_successful_nodes: 60 -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/profiles/genesis.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/profiles/genesis.yaml deleted file mode 100644 index b84f136..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/profiles/genesis.yaml +++ /dev/null @@ -1,114 +0,0 @@ ---- -schema: promenade/Genesis/v1 -metadata: - schema: metadata/Document/v1 - name: genesis-global - layeringDefinition: - abstract: true - layer: global - labels: - name: genesis-global - storagePolicy: cleartext - substitutions: - # Software versions for bootstrapping phase - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.armada.api - dest: - path: .images.armada - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.armada.tiller - dest: - path: .images.helm.tiller - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.apiserver.apiserver - dest: - path: .images.kubernetes.apiserver - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.controller-manager.controller_manager - dest: - path: .images.kubernetes.controller-manager - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.etcd.etcd - dest: - path: .images.kubernetes.etcd - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.scheduler.scheduler - dest: - path: .images.kubernetes.scheduler - - # Site-specific configuration - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .genesis.hostname - dest: - path: .hostname - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .genesis.ip - dest: - path: .ip - - # Command prefix - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.service_cidr - dest: - path: .apiserver.command_prefix[1] - pattern: SERVICE_CIDR - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.service_node_port_range - dest: - path: .apiserver.command_prefix[2] - pattern: SERVICE_NODE_PORT_RANGE - -data: - apiserver: - command_prefix: - - /apiserver - - --service-cluster-ip-range=SERVICE_CIDR - - --service-node-port-range=SERVICE_NODE_PORT_RANGE - - --authorization-mode=Node,RBAC - - --admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,ResourceQuota,DefaultTolerationSeconds - - --endpoint-reconciler-type=lease - armada: - target_manifest: cluster-bootstrap - labels: - dynamic: - - beta.kubernetes.io/fluentd-ds-ready=true - - calico-etcd=enabled - - ceph-mds=enabled - - ceph-mon=enabled - - ceph-osd=enabled - - ceph-rgw=enabled - - ceph-mgr=enabled - - kube-dns=enabled - - kube-ingress=enabled - - kubernetes-apiserver=enabled - - kubernetes-controller-manager=enabled - - kubernetes-etcd=enabled - - kubernetes-scheduler=enabled - - promenade-genesis=enabled - - ucp-control-plane=enabled - - maas-control-plane=enabled - - node-exporter=enabled - files: - - path: /var/lib/anchor/calico-etcd-bootstrap - content: "# placeholder for triggering calico etcd bootstrapping\n# this file will be deleted" - mode: 0644 diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/profiles/hardware/generic.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/profiles/hardware/generic.yaml deleted file mode 100644 index e4b96a5..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/profiles/hardware/generic.yaml +++ /dev/null @@ -1,19 +0,0 @@ ---- -schema: 'drydock/HardwareProfile/v1' -metadata: - schema: 'metadata/Document/v1' - name: DELL_HP_Generic - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - vendor: Dell - generation: '8' - hw_version: '3' - bios_version: '2.2.3' - boot_mode: bios - bootstrap_protocol: pxe - pxe_interface: 0 - device_aliases: {} -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/profiles/host/cp.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/profiles/host/cp.yaml deleted file mode 100644 index f976652..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/profiles/host/cp.yaml +++ /dev/null @@ -1,108 +0,0 @@ ---- -schema: drydock/HostProfile/v1 -metadata: - schema: metadata/Document/v1 - name: cp-global - storagePolicy: cleartext - labels: - hosttype: cp-global - layeringDefinition: - abstract: true - layer: global - substitutions: - - dest: - path: .oob.credential - src: - schema: deckhand/Passphrase/v1 - name: ipmi_admin_password - path: . -data: - oob: - type: 'ipmi' - network: 'oob' - account: 'root' - storage: - physical_devices: - sda: - labels: - bootdrive: 'true' - partitions: - - name: 'root' - size: '30g' - bootable: true - filesystem: - mountpoint: '/' - fstype: 'ext4' - mount_options: 'defaults' - - name: 'boot' - size: '1g' - filesystem: - mountpoint: '/boot' - fstype: 'ext4' - mount_options: 'defaults' - - name: 'var' - size: '>100g' - filesystem: - mountpoint: '/var' - fstype: 'ext4' - mount_options: 'defaults' - platform: - image: 'xenial' - kernel: 'hwe-16.04' - metadata: - owner_data: - control-plane: enabled - ucp-control-plane: enabled - openstack-control-plane: enabled - openstack-heat: enabled - openstack-keystone: enabled - openstack-rabbitmq: enabled - openstack-dns-helper: enabled - openstack-mariadb: enabled - openstack-nova-control: enabled - openstack-etcd: enabled - openstack-mistral: enabled - openstack-memcached: enabled - openstack-glance: enabled - openstack-horizon: enabled - openstack-cinder-control: enabled - openstack-cinder-volume: control - openstack-neutron: enabled - openvswitch: enabled - ucp-barbican: enabled - ceph-bootstrap: enabled - ceph-mon: enabled - ceph-mgr: enabled - ceph-osd: enabled - ceph-mds: enabled - ceph-rgw: enabled - ucp-maas: enabled - kube-dns: enabled - kubernetes-apiserver: enabled - kubernetes-controller-manager: enabled - kubernetes-etcd: enabled - kubernetes-scheduler: enabled - tiller-helm: enabled - kube-etcd: enabled - calico-policy: enabled - calico-node: enabled - calico-etcd: enabled - ucp-armada: enabled - ucp-drydock: enabled - ucp-deckhand: enabled - ucp-shipyard: enabled - IAM: enabled - ucp-promenade: enabled - prometheus-server: enabled - prometheus-client: enabled - fluentd: enabled - influxdb: enabled - kibana: enabled - elasticsearch-client: enabled - elasticsearch-master: enabled - elasticsearch-data: enabled - postgresql: enabled - kube-ingress: enabled - beta.kubernetes.io/fluentd-ds-ready: 'true' - node-exporter: enabled -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/profiles/host/dp.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/profiles/host/dp.yaml deleted file mode 100644 index 2a454ed..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/profiles/host/dp.yaml +++ /dev/null @@ -1,60 +0,0 @@ ---- -schema: drydock/HostProfile/v1 -metadata: - schema: metadata/Document/v1 - name: dp-global - labels: - hosttype: dp-global - layeringDefinition: - abstract: true - layer: global - storagePolicy: cleartext - substitutions: - - dest: - path: .oob.credential - src: - schema: deckhand/Passphrase/v1 - name: ipmi_admin_password - path: . -data: - oob: - type: 'ipmi' - network: 'oob' - account: 'root' - storage: - physical_devices: - sda: - labels: - bootdrive: 'true' - partitions: - - name: 'root' - size: '30g' - bootable: true - filesystem: - mountpoint: '/' - fstype: 'ext4' - mount_options: 'defaults' - - name: 'boot' - size: '1g' - filesystem: - mountpoint: '/boot' - fstype: 'ext4' - mount_options: 'defaults' - - name: 'var' - size: '>100g' - filesystem: - mountpoint: '/var' - fstype: 'ext4' - mount_options: 'defaults' - platform: - image: 'xenial' - kernel: 'hwe-16.04' - metadata: - owner_data: - openstack-nova-compute: enabled - openvswitch: enabled - contrail-vrouter: kernel - openstack-libvirt: kernel - beta.kubernetes.io/fluentd-ds-ready: 'true' - node-exporter: enabled -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/profiles/kubernetes-host.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/profiles/kubernetes-host.yaml deleted file mode 100644 index 1179a81..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/profiles/kubernetes-host.yaml +++ /dev/null @@ -1,144 +0,0 @@ ---- -schema: promenade/HostSystem/v1 -metadata: - schema: metadata/Document/v1 - name: host-system - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .files.kubelet - dest: - path: .files[0].tar_url - - # Initial CoreDNS image (used during node Genesis and node join) - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.coredns.coredns - dest: - path: .images.coredns - - # Initial CoreDNS image (used during node Genesis and node join) - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.haproxy.haproxy - dest: - path: .images.haproxy - - # Operational tools - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.armada.helm - dest: - path: .images.helm.helm - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.kubectl - dest: - path: .images.kubernetes.kubectl - - # System packages - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .packages.named.docker - dest: - path: .packages.required.docker - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .packages.named.socat - dest: - path: .packages.required.socat - - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .packages.unnamed - dest: - path: .packages.additional - - # Docker authorization - - src: - schema: deckhand/Passphrase/v1 - path: . - name: private_docker_key - dest: - path: .files[2].content - pattern: DH_SUB_PRIVATE_DOCKER_KEY - -data: - files: - - path: /opt/kubernetes/bin/kubelet - tar_path: kubernetes/node/bin/kubelet - mode: 0555 - - path: /etc/logrotate.d/json-logrotate - mode: 0444 - content: |- - /var/lib/docker/containers/*/*-json.log - { - compress - copytruncate - create 0644 root root - weekly - dateext - dateformat -%Y%m%d-%s - maxsize 100M - missingok - notifempty - su root root - rotate 1 - } - - path: /var/lib/kubelet/.dockercfg - mode: 0400 - # NOTE: Sample key, this repo does not exist - content: |- - { - "https://private.registry.com": { - "auth": "DH_SUB_PRIVATE_DOCKER_KEY" - } - } - - packages: - repositories: - - deb http://apt.dockerproject.org/repo ubuntu-xenial main - keys: - - |- - -----BEGIN PGP PUBLIC KEY BLOCK----- - - mQINBFWln24BEADrBl5p99uKh8+rpvqJ48u4eTtjeXAWbslJotmC/CakbNSqOb9o - ddfzRvGVeJVERt/Q/mlvEqgnyTQy+e6oEYN2Y2kqXceUhXagThnqCoxcEJ3+KM4R - mYdoe/BJ/J/6rHOjq7Omk24z2qB3RU1uAv57iY5VGw5p45uZB4C4pNNsBJXoCvPn - TGAs/7IrekFZDDgVraPx/hdiwopQ8NltSfZCyu/jPpWFK28TR8yfVlzYFwibj5WK - dHM7ZTqlA1tHIG+agyPf3Rae0jPMsHR6q+arXVwMccyOi+ULU0z8mHUJ3iEMIrpT - X+80KaN/ZjibfsBOCjcfiJSB/acn4nxQQgNZigna32velafhQivsNREFeJpzENiG - HOoyC6qVeOgKrRiKxzymj0FIMLru/iFF5pSWcBQB7PYlt8J0G80lAcPr6VCiN+4c - NKv03SdvA69dCOj79PuO9IIvQsJXsSq96HB+TeEmmL+xSdpGtGdCJHHM1fDeCqkZ - hT+RtBGQL2SEdWjxbF43oQopocT8cHvyX6Zaltn0svoGs+wX3Z/H6/8P5anog43U - 65c0A+64Jj00rNDr8j31izhtQMRo892kGeQAaaxg4Pz6HnS7hRC+cOMHUU4HA7iM - zHrouAdYeTZeZEQOA7SxtCME9ZnGwe2grxPXh/U/80WJGkzLFNcTKdv+rwARAQAB - tDdEb2NrZXIgUmVsZWFzZSBUb29sIChyZWxlYXNlZG9ja2VyKSA8ZG9ja2VyQGRv - Y2tlci5jb20+iQI4BBMBAgAiBQJVpZ9uAhsvBgsJCAcDAgYVCAIJCgsEFgIDAQIe - AQIXgAAKCRD3YiFXLFJgnbRfEAC9Uai7Rv20QIDlDogRzd+Vebg4ahyoUdj0CH+n - Ak40RIoq6G26u1e+sdgjpCa8jF6vrx+smpgd1HeJdmpahUX0XN3X9f9qU9oj9A4I - 1WDalRWJh+tP5WNv2ySy6AwcP9QnjuBMRTnTK27pk1sEMg9oJHK5p+ts8hlSC4Sl - uyMKH5NMVy9c+A9yqq9NF6M6d6/ehKfBFFLG9BX+XLBATvf1ZemGVHQusCQebTGv - 0C0V9yqtdPdRWVIEhHxyNHATaVYOafTj/EF0lDxLl6zDT6trRV5n9F1VCEh4Aal8 - L5MxVPcIZVO7NHT2EkQgn8CvWjV3oKl2GopZF8V4XdJRl90U/WDv/6cmfI08GkzD - YBHhS8ULWRFwGKobsSTyIvnbk4NtKdnTGyTJCQ8+6i52s+C54PiNgfj2ieNn6oOR - 7d+bNCcG1CdOYY+ZXVOcsjl73UYvtJrO0Rl/NpYERkZ5d/tzw4jZ6FCXgggA/Zxc - jk6Y1ZvIm8Mt8wLRFH9Nww+FVsCtaCXJLP8DlJLASMD9rl5QS9Ku3u7ZNrr5HWXP - HXITX660jglyshch6CWeiUATqjIAzkEQom/kEnOrvJAtkypRJ59vYQOedZ1sFVEL - MXg2UCkD/FwojfnVtjzYaTCeGwFQeqzHmM241iuOmBYPeyTY5veF49aBJA1gEJOQ - TvBR8Q== - =Fm3p - -----END PGP PUBLIC KEY BLOCK----- -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/armada/Chart/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/armada/Chart/v1.yaml deleted file mode 100644 index 86fede8..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/armada/Chart/v1.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: armada/Chart/v1 - labels: - application: armada -data: - $schema: 'http://json-schema.org/schema#' - type: 'object' - additionalProperties: true -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/armada/ChartGroup/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/armada/ChartGroup/v1.yaml deleted file mode 100644 index 76f21df..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/armada/ChartGroup/v1.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: armada/ChartGroup/v1 - labels: - application: armada -data: - $schema: 'http://json-schema.org/schema#' - type: 'object' - additionalProperties: true -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/armada/Manifest/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/armada/Manifest/v1.yaml deleted file mode 100644 index cca2e10..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/armada/Manifest/v1.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: armada/Manifest/v1 - labels: - application: armada -data: - $schema: 'http://json-schema.org/schema#' - type: 'object' - additionalProperties: true -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/BaremetalNode/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/BaremetalNode/v1.yaml deleted file mode 100644 index 2902f79..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/BaremetalNode/v1.yaml +++ /dev/null @@ -1,163 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: drydock/BaremetalNode/v1 - labels: - application: drydock -data: - $schema: 'http://json-schema.org/schema#' - type: 'object' - properties: - addressing: - type: 'array' - items: - type: 'object' - properties: - address: - type: 'string' - network: - type: 'string' - oob: - type: 'object' - properties: - type: - type: 'string' - network: - type: 'string' - account: - type: 'string' - credetial: - type: 'string' - additionalProperties: true - storage: - type: 'object' - properties: - physical_devices: - type: 'object' - additionalProperties: - type: 'object' - properties: - labels: - type: 'object' - additionalProperties: - type: 'string' - volume_group: - type: 'string' - partitions: - type: 'array' - items: - type: 'object' - properties: - name: - type: 'string' - size: - type: 'string' - part_uuid: - type: 'string' - volume_group: - type: 'string' - labels: - type: 'object' - additionalProperties: - type: 'string' - bootable: - type: 'boolean' - volume_group: - type: 'string' - filesystem: - type: 'object' - properties: - mountpoint: - type: 'string' - fstype: - type: 'string' - mount_options: - type: 'string' - fs_uuid: - type: 'string' - fs_label: - type: 'string' - additionalProperties: false - additionalProperties: false - volume_groups: - type: 'object' - additionalProperties: - type: 'object' - properties: - vg_uuid: - type: 'string' - logical_volumes: - type: 'array' - items: - type: 'object' - properties: - name: - type: 'string' - lv_uuid: - type: 'string' - size: - type: 'string' - filesystem: - type: 'object' - properties: - mountpoint: - type: 'string' - fstype: - type: 'string' - mount_options: - type: 'string' - fs_uuid: - type: 'string' - fs_label: - type: 'string' - platform: - type: 'object' - properties: - image: - type: 'string' - kernel: - type: 'string' - kernel_params: - type: 'object' - additionalProperties: true - additionalProperties: false - metadata: - type: 'object' - properties: - tags: - type: 'array' - items: - type: 'string' - owner_data: - type: 'object' - additionalProperties: - type: 'string' - rack: - type: 'string' - boot_mac: - type: 'string' - additionalProperties: false - host_profile: - type: 'string' - hardware_profile: - type: 'string' - primary_network: - type: 'string' - interfaces: - type: 'object' - additionalProperties: - type: 'object' - properties: - device_link: - type: 'string' - slaves: - type: 'array' - items: - type: 'string' - networks: - type: 'array' - items: - type: 'string' - additionalProperties: false -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/BootAction/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/BootAction/v1.yaml deleted file mode 100644 index f3e7c2b..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/BootAction/v1.yaml +++ /dev/null @@ -1,93 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: drydock/BootAction/v1 - labels: - application: drydock -data: - $schema: 'http://json-schema.org/schema#' - type: 'object' - additionalProperties: false - properties: - signaling: - type: 'boolean' - assets: - type: 'array' - items: - type: 'object' - additionalProperties: false - properties: - path: - type: 'string' - pattern: '^/.+' - location: - type: 'string' - type: - type: 'string' - enum: - - 'unit' - - 'file' - - 'pkg_list' - data: - type: 'string' - location_pipeline: - type: 'array' - items: - type: 'string' - enum: - - 'template' - data_pipeline: - type: 'array' - items: - type: 'string' - enum: - - 'base64_encode' - - 'template' - - 'base64_decode' - - 'utf8_encode' - - 'utf8_decode' - permissions: - type: 'string' - pattern: '\d{3}' - required: - - 'type' - node_filter: - type: 'object' - additionalProperties: false - properties: - filter_set_type: - type: 'string' - enum: - - 'intersection' - - 'union' - filter_set: - type: 'array' - items: - type: 'object' - additionalProperties: false - properties: - filter_type: - type: 'string' - enum: - - 'intersection' - - 'union' - node_names: - type: 'array' - items: - type: 'string' - node_tags: - type: 'array' - items: - type: 'string' - node_labels: - type: 'object' - additionalProperties: true - rack_names: - type: 'array' - items: - type: 'string' - rack_labels: - type: 'object' - additionalProperties: true -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/HardwareProfile/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/HardwareProfile/v1.yaml deleted file mode 100644 index e51e274..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/HardwareProfile/v1.yaml +++ /dev/null @@ -1,49 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: drydock/HardwareProfile/v1 - labels: - application: drydock -data: - $schema: 'http://json-schema.org/schema#' - type: 'object' - properties: - vendor: - type: 'string' - generation: - type: 'string' - hw_version: - type: 'string' - bios_version: - type: 'string' - boot_mode: - type: 'string' - enum: - - 'bios' - - 'uefi' - bootstrap_protocol: - type: 'string' - enum: - - 'pxe' - - 'usb' - - 'hdd' - pxe_interface: - type: 'number' - device_aliases: - type: 'object' - additionalProperties: true - cpu_sets: - type: 'object' - additionalProperties: - type: 'string' - hugepages: - type: 'object' - additionalProperties: - type: 'object' - propertes: - size: - type: 'string' - count: - type: 'number' - additionalProperties: false diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/HostProfile/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/HostProfile/v1.yaml deleted file mode 100644 index 642bb66..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/HostProfile/v1.yaml +++ /dev/null @@ -1,161 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: drydock/HostProfile/v1 - labels: - application: drydock -data: - $schema: 'http://json-schema.org/schema#' - type: 'object' - properties: - oob: - type: 'object' - properties: - type: - type: 'string' - network: - type: 'string' - account: - type: 'string' - credetial: - type: 'string' - additionalProperties: true - storage: - type: 'object' - properties: - physical_devices: - type: 'object' - additionalProperties: - type: 'object' - properties: - labels: - type: 'object' - additionalProperties: - type: 'string' - volume_group: - type: 'string' - partitions: - type: 'array' - items: - type: 'object' - properties: - name: - type: 'string' - size: - type: 'string' - part_uuid: - type: 'string' - volume_group: - type: 'string' - labels: - type: 'object' - additionalProperties: - type: 'string' - bootable: - type: 'boolean' - volume_group: - type: 'string' - filesystem: - type: 'object' - properties: - mountpoint: - type: 'string' - fstype: - type: 'string' - mount_options: - type: 'string' - fs_uuid: - type: 'string' - fs_label: - type: 'string' - additionalProperties: false - additionalProperties: false - volume_groups: - type: 'object' - additionalProperties: - type: 'object' - properties: - vg_uuid: - type: 'string' - logical_volumes: - type: 'array' - items: - type: 'object' - properties: - name: - type: 'string' - lv_uuid: - type: 'string' - size: - type: 'string' - filesystem: - type: 'object' - properties: - mountpoint: - type: 'string' - fstype: - type: 'string' - mount_options: - type: 'string' - fs_uuid: - type: 'string' - fs_label: - type: 'string' - platform: - type: 'object' - properties: - image: - type: 'string' - kernel: - type: 'string' - kernel_params: - type: 'object' - additionalProperties: true - additionalProperties: false - metadata: - type: 'object' - properties: - tags: - type: 'array' - items: - type: 'string' - owner_data: - type: 'object' - additionalProperties: - type: 'string' - rack: - type: 'string' - boot_mac: - type: 'string' - additionalProperties: false - host_profile: - type: 'string' - hardware_profile: - type: 'string' - primary_network: - type: 'string' - interfaces: - type: 'object' - additionalProperties: - type: 'object' - properties: - device_link: - type: 'string' - slaves: - type: 'array' - items: - type: 'string' - networks: - type: 'array' - items: - type: 'string' - sriov: - type: 'object' - properties: - vf_count: - type: 'number' - trustmode: - type: 'boolean' - additionalProperties: false -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/Network/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/Network/v1.yaml deleted file mode 100644 index 8617f88..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/Network/v1.yaml +++ /dev/null @@ -1,70 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: drydock/Network/v1 - labels: - application: drydock -data: - $schema: 'http://json-schema.org/schema#' - type: 'object' - properties: - cidr: - type: 'string' - ranges: - type: 'array' - items: - type: 'object' - properties: - type: - type: 'string' - start: - type: 'string' - format: 'ipv4' - end: - type: 'string' - format: 'ipv4' - additionalProperties: false - dns: - type: 'object' - properties: - domain: - type: 'string' - servers: - type: 'string' - additionalProperties: false - dhcp_relay: - type: 'object' - properties: - self_ip: - type: 'string' - format: 'ipv4' - upstream_target: - type: 'string' - format: 'ipv4' - additionalProperties: false - mtu: - type: 'number' - vlan: - type: 'string' - routedomain: - type: 'string' - routes: - type: 'array' - items: - type: 'object' - properties: - subnet: - type: 'string' - gateway: - type: 'string' - format: 'ipv4' - metric: - type: 'number' - routedomain: - type: 'string' - additionalProperties: false - labels: - type: 'object' - additionalProperties: true - additionalProperties: false diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/NetworkLink/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/NetworkLink/v1.yaml deleted file mode 100644 index 3d0b12b..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/NetworkLink/v1.yaml +++ /dev/null @@ -1,47 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: drydock/NetworkLink/v1 - labels: - application: drydock -data: - $schema: 'http://json-schema.org/schema#' - type: 'object' - properties: - bonding: - type: 'object' - properties: - mode: - type: 'string' - hash: - type: 'string' - peer_rate: - type: 'string' - mon_rate: - type: 'number' - up_delay: - type: 'number' - down_delay: - type: 'number' - additionalProperties: false - mtu: - type: 'number' - linkspeed: - type: 'string' - trunking: - type: 'object' - properties: - mode: - type: 'string' - default_network: - type: 'string' - additionalProperties: false - allowed_networks: - type: 'array' - items: - type: 'string' - labels: - type: 'object' - additionalProperties: true - additionalProperties: false diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/Rack/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/Rack/v1.yaml deleted file mode 100644 index c987ef1..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/Rack/v1.yaml +++ /dev/null @@ -1,35 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: drydock/Rack/v1 - labels: - application: drydock -data: - $schema: 'http://json-schema.org/schema#' - type: 'object' - properties: - tor_switches: - type: 'object' - properties: - mgmt_ip: - type: 'string' - format: 'ipv4' - sdn_api_uri: - type: 'string' - format: 'uri' - location: - type: 'object' - properties: - clli: - type: 'string' - grid: - type: 'string' - local_networks: - type: 'array' - items: - type: 'string' - labels: - type: 'object' - additionalProperties: true - additionalProperties: false diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/Region/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/Region/v1.yaml deleted file mode 100644 index 42636dd..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/drydock/Region/v1.yaml +++ /dev/null @@ -1,71 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: drydock/Region/v1 - labels: - application: drydock -data: - $schema: 'http://json-schema.org/schema#' - type: 'object' - properties: - tag_definitions: - type: 'array' - items: - type: 'object' - properties: - tag: - type: 'string' - definition_type: - type: 'string' - enum: - - 'lshw_xpath' - definition: - type: 'string' - additionalProperties: false - authorized_keys: - type: 'array' - items: - type: 'string' - repositories: - # top level is class (e.g. apt, rpm) - type: 'object' - properties: - remove_unlisted: - type: 'boolean' - additionalPropties: - type: 'object' - properties: - repo_type: - type: 'string' - pattern: 'apt|rpm' - url: - type: 'string' - distributions: - type: 'array' - items: - type: 'string' - subrepos: - type: 'array' - items: - type: 'string' - components: - type: 'array' - items: - type: 'string' - gpgkey: - type: 'string' - arches: - type: 'array' - items: - type: 'string' - options: - type: 'object' - additionalProperties: - type: 'string' - additionalProperties: false - required: - - 'repo_type' - - 'url' - - 'arches' - additionalProperties: false diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/pegleg/AccountCatalogue/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/pegleg/AccountCatalogue/v1.yaml deleted file mode 100644 index c950599..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/pegleg/AccountCatalogue/v1.yaml +++ /dev/null @@ -1,645 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: pegleg/AccountCatalogue/v1 -data: - $schema: 'http://json-schema.org/schema#' - type: object - properties: - ucp: - type: object - properties: - postgres: - type: object - properties: - admin: - type: object - properties: - username: - type: string - oslo_db: - type: object - properties: - admin: - type: object - properties: - username: - type: string - oslo_messaging: - type: object - properties: - admin: - type: object - properties: - username: - type: string - keystone: - type: object - properties: - admin: - type: object - properties: - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - oslo_messaging: - type: object - properties: - username: - type: string - oslo_db: - type: object - properties: - username: - type: string - database: - type: string - promenade: - type: object - properties: - keystone: - type: object - properties: - region_name: - type: string - role: - type: string - project_name: - type: string - project_domain_name: - type: string - user_domain_name: - type: string - username: - type: string - drydock: - type: object - properties: - keystone: - type: object - properties: - region_name: - type: string - role: - type: string - project_name: - type: string - project_domain_name: - type: string - user_domain_name: - type: string - username: - type: string - postgres: - type: object - properties: - username: - type: string - database: - type: string - shipyard: - type: object - properties: - keystone: - type: object - properties: - region_name: - type: string - role: - type: string - project_name: - type: string - project_domain_name: - type: string - user_domain_name: - type: string - username: - type: string - postgres: - type: object - properties: - username: - type: string - database: - type: string - airflow: - type: object - properties: - postgres: - type: object - properties: - username: - type: string - database: - type: string - oslo_messaging: - type: object - properties: - username: - type: string - maas: - type: object - properties: - admin: - type: object - properties: - username: - type: string - email: - type: string - postgres: - type: object - properties: - username: - type: string - database: - type: string - barbican: - type: object - properties: - keystone: - type: object - properties: - region_name: - type: string - role: - type: string - project_name: - type: string - project_domain_name: - type: string - user_domain_name: - type: string - username: - type: string - oslo_db: - type: object - properties: - username: - type: string - database: - type: string - oslo_messaging: - type: object - properties: - username: - type: string - armada: - type: object - properties: - keystone: - type: object - properties: - project_domain_name: - type: string - project_name: - type: string - region_name: - type: string - role: - type: string - user_domain_name: - type: string - username: - type: string - deckhand: - type: object - properties: - keystone: - type: object - properties: - region_name: - type: string - role: - type: string - project_name: - type: string - project_domain_name: - type: string - user_domain_name: - type: string - username: - type: string - postgres: - type: object - properties: - username: - type: string - database: - type: string - ceph: - type: object - properties: - swift: - type: object - properties: - keystone: - type: object - properties: - role: - type: string - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - osh: - type: object - properties: - keystone: - type: object - properties: - admin: - type: object - properties: - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - oslo_messaging: - type: object - properties: - admin: - type: object - properties: - username: - type: string - keystone: - type: object - properties: - username: - type: string - oslo_db: - type: object - properties: - username: - type: string - database: - type: string - cinder: - type: object - properties: - cinder: - type: object - properties: - role: - type: string - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - oslo_messaging: - type: object - properties: - admin: - type: object - properties: - username: - type: string - cinder: - type: object - properties: - username: - type: string - oslo_db: - type: object - properties: - username: - type: string - database: - type: string - glance: - type: object - properties: - glance: - type: object - properties: - role: - type: string - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - oslo_messaging: - type: object - properties: - admin: - type: object - properties: - username: - type: string - glance: - type: object - properties: - username: - type: string - oslo_db: - type: object - properties: - username: - type: string - database: - type: string - ceph_object_store: - type: object - properties: - username: - type: string - heat: - type: object - properties: - heat: - type: object - properties: - role: - type: string - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - heat_trustee: - type: object - properties: - role: - type: string - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - heat_stack_user: - type: object - properties: - role: - type: string - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - oslo_db: - type: object - properties: - username: - type: string - database: - type: string - oslo_messaging: - type: object - properties: - admin: - type: object - properties: - username: - type: string - heat: - type: object - properties: - username: - type: string - swift: - type: object - properties: - swift: - type: object - properties: - role: - type: string - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - oslo_db: - type: object - properties: - admin: - type: object - properties: - username: - type: string - neutron: - type: object - properties: - neutron: - type: object - properties: - role: - type: string - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - oslo_messaging: - type: object - properties: - admin: - type: object - properties: - username: - type: string - neutron: - type: object - properties: - username: - type: string - oslo_db: - type: object - properties: - username: - type: string - database: - type: string - nova: - type: object - properties: - nova: - type: object - properties: - role: - type: string - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - placement: - type: object - properties: - role: - type: string - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - oslo_messaging: - type: object - properties: - admin: - type: object - properties: - username: - type: string - nova: - type: object - properties: - username: - type: string - oslo_db: - type: object - properties: - username: - type: string - database: - type: string - oslo_db_api: - type: object - properties: - username: - type: string - database: - type: string - oslo_db_cell0: - type: object - properties: - username: - type: string - database: - type: string - horizon: - type: object - properties: - oslo_db: - type: object - properties: - username: - type: string - database: - type: string - osh_infra: - type: object - properties: - grafana: - type: object - properties: - admin: - type: object - properties: - username: - type: string - oslo_db: - type: object - properties: - username: - type: string - database: - type: string - oslo_db_session: - type: object - properties: - username: - type: string - database: - type: string - elasticsearch: - type: object - properties: - admin: - type: object - properties: - username: - type: string - oslo_db: - type: object - properties: - admin: - type: object - properties: - username: - type: string - prometheus_openstack_exporter: - type: object - properties: - user: - type: object - properties: - username: - type: string - nagios: - type: object - properties: - admin: - type: object - properties: - username: - type: string -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/pegleg/CommonAddresses/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/pegleg/CommonAddresses/v1.yaml deleted file mode 100644 index 3398137..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/pegleg/CommonAddresses/v1.yaml +++ /dev/null @@ -1,116 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: pegleg/CommonAddresses/v1 -data: - $schema: 'http://json-schema.org/schema#' - type: object - properties: - calico: - type: object - properties: - ip_autodetection_method: - type: string - etcd: - type: object - properties: - service_ip: - type: string - dns: - type: object - properties: - cluster_domain: - type: string - service_ip: - type: string - upstream_servers: - type: array - items: - type: string - upstream_servers_joined: - type: string - genesis: - type: object - properties: - hostname: - type: string - ip: - type: string - bootstrap: - type: object - properties: - ip: - type: string - kubernetes: - type: object - properties: - api_service_ip: - type: string - etcd_service_ip: - type: string - pod_cidr: - type: string - service_cidr: - type: string - apiserver_port: - type: number - haproxy_port: - type: number - service_node_port_range: - type: string - etcd: - type: object - properties: - container_port: - type: number - haproxy_port: - type: number - masters: - type: array - items: - type: object - properties: - hostname: - type: string - node_ports: - type: object - properties: - drydock_api: - type: number - maas_api: - type: number - maas_proxy: - type: number - shipyard_api: - type: number - airflow_web: - type: number - ntp: - type: object - properties: - servers_joined: - type: string - storage: - type: object - properties: - ceph: - type: object - properties: - public_cidr: - type: string - cluster_cidr: - type: string - openvswitch: - type: object - properties: - external_iface: - type: string - neutron: - type: object - properties: - tunnel_device: - type: string - external_iface: - type: string -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/pegleg/CommonSoftwareConfig/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/pegleg/CommonSoftwareConfig/v1.yaml deleted file mode 100644 index c02965c..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/pegleg/CommonSoftwareConfig/v1.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: pegleg/CommonSoftwareConfig/v1 -data: - $schema: 'http://json-schema.org/schema#' - type: object - properties: - osh: - type: object - properties: - region_name: - type: string -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/pegleg/EndpointCatalogue/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/pegleg/EndpointCatalogue/v1.yaml deleted file mode 100644 index 776e427..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/pegleg/EndpointCatalogue/v1.yaml +++ /dev/null @@ -1,143 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: pegleg/EndpointCatalogue/v1 -data: - $schema: 'http://json-schema.org/schema#' - type: 'object' - # Namespace the list of endpoints - additionalProperties: - type: 'object' - additionalProperties: - type: 'object' - properties: - namespace: - oneOf: - - type: string - - type: "null" - name: - type: string - auth: - type: object - hosts: - type: object - properties: - data: - type: string - default: - type: string - discovery: - type: string - public: - type: string - internal: - type: string - additionalProperties: - type: string - host_fqdn_override: - oneOf: - - type: object - properties: - default: - oneOf: - - type: string - - type: "null" - - type: object - properties: - host: - type: string - tls: - type: object - properties: - crt: - type: string - ca: - type: string - key: - type: string - additionalProperties: - type: string - public: - oneOf: - - type: string - - type: "null" - - type: object - properties: - host: - type: string - tls: - type: object - properties: - crt: - type: string - ca: - type: string - key: - type: string - additionalProperties: - type: string - internal: - oneOf: - - type: string - - type: "null" - - type: object - properties: - host: - type: string - tls: - type: object - properties: - crt: - type: string - ca: - type: string - key: - type: string - additionalProperties: - type: string - additionalProperties: - type: string - - type: "null" - path: - oneOf: - - type: object - properties: - default: - oneOf: - - type: string - - type: "null" - public: - type: string - internal: - type: string - additionalProperties: - type: string - - type: string - scheme: - oneOf: - - type: object - properties: - default: - type: string - public: - type: string - internal: - type: string - additionalProperties: - type: string - - type: string - port: - type: object - additionalProperties: - type: object - properties: - default: - type: number - public: - type: number - internal: - type: number - additionalProperties: - type: number -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/pegleg/SoftwareVersions/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/pegleg/SoftwareVersions/v1.yaml deleted file mode 100644 index f093053..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/pegleg/SoftwareVersions/v1.yaml +++ /dev/null @@ -1,1066 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: pegleg/SoftwareVersions/v1 -data: - $schema: 'http://json-schema.org/schema#' - type: object - properties: - charts: - type: object - properties: - kubernetes: - type: object - properties: - calico: - type: object - properties: - etcd: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - etcd-htk: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - calico: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - apiserver: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - apiserver-htk: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - controller-manager: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - controller-manager-htk: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - coredns: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - coredns-htk: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - haroxy: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - haroxy-htk: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - etcd: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - etcd-htk: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - ingress: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - ingress-htk: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - proxy: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - proxy-htk: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - scheduler: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - scheduler-htk: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - osh_infra: - type: object - properties: - elasticsearch: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - fluent_logging: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - kibana: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - prometheus: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - prometheus_node_exporter: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - prometheus_kube_state_metrics: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - prometheus_alertmanager: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - grafana: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - prometheus_openstack_exporter: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - nagios: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - osh: - type: object - properties: - barbican: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - cinder: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - glance: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - heat: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - horizon: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - ingress: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - keystone: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - libvirt: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - mariadb: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - memcached: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - neutron: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - nova: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - openvswitch: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - rabbitmq: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - ucp: - type: object - properties: - armada: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - barbican: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - ceph-mon: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - ceph-osd: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - ceph-client: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - deckhand: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - drydock: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - ingress: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - postgresql: - type: object - - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - promenade: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - keystone: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - maas: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - mariadb: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - memcached: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - rabbitmq: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - rabbitmq-etcd: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - shipyard: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - tiller: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - files: - type: object - properties: - kubelet: - type: string - images: - type: object - properties: - ucp: - type: object - properties: - armada: - type: object - properties: - api: - type: string - dep_check: - type: string - ks_endpoints: - type: string - ks_service: - type: string - ks_user: - type: string - helm: - type: string - tiller: - type: string - promenade: - type: object - properties: - dep_check: - type: string - promenade: - type: string - ks_user: - type: string - ks_service: - type: string - ks_endpoints: - type: string - deckhand: - type: object - properties: - deckhand: - type: string - dep_check: - type: string - db_init: - type: string - db_sync: - type: string - ks_endpoints: - type: string - ks_service: - type: string - ks_user: - type: string - barbican: - type: object - properties: - bootstrap: - type: string - dep_check: - type: string - scripted_test: - type: string - db_init: - type: string - barbican_db_sync: - type: string - db_drop: - type: string - ks_endpoints: - type: string - ks_service: - type: string - ks_user: - type: string - barbican_api: - type: string - drydock: - type: object - properties: - drydock: - type: string - dep_check: - type: string - ks_endpoints: - type: string - ks_service: - type: string - ks_user: - type: string - drydock_db_init: - type: string - drydock_db_sync: - type: string - shipyard: - type: object - properties: - airflow: - type: string - shipyard: - type: string - dep_check: - type: string - shipyard_db_init: - type: string - shipyard_db_sync: - type: string - airflow_db_init: - type: string - airflow_db_sync: - type: string - ks_user: - type: string - ks_service: - type: string - ks_endpoints: - type: string - maas: - type: object - properties: - db_init: - type: string - db_sync: - type: string - maas_rack: - type: string - maas_region: - type: string - bootstrap: - type: string - export_api_key: - type: string - maas_cache: - type: string - dep_check: - type: string - keystone: - type: object - properties: - keystone_bootstrap: - type: string - test: - type: string - db_init: - type: string - keystone_db_sync: - type: string - db_drop: - type: string - keystone_fernet_setup: - type: string - keystone_fernet_rotate: - type: string - keystone_credential_setup: - type: string - keystone_credential_rotate: - type: string - keystone_api: - type: string - dep_check: - type: string - tiller: - type: object - properties: - tiller: - type: string - mariadb: - type: object - properties: - mariadb: - type: string - dep_check: - type: string - postgresql: - type: object - properties: - postgresql: - type: string - dep_check: - type: string - memcached: - type: object - properties: - memcached: - type: string - dep_check: - type: string - rabbitmq: - type: object - properties: - rabbitmq: - type: string - dep_check: - type: string - ceph: - type: object - properties: - ceph-mon: - type: object - properties: - fluentbit: - type: string - ceph_bootstrap: - type: string - dep_check: - type: string - ceph_mon: - type: string - ceph_config_helper: - type: string - ceph_mon_check: - type: string - image_repo_sync: - type: string - ceph-osd: - type: object - properties: - fluentbit: - type: string - ceph_bootstrap: - type: string - dep_check: - type: string - ceph_osd: - type: string - image_repo_sync: - type: string - ceph-client: - type: object - properties: - ks_endpoints: - type: string - ks_service: - type: string - ks_user: - type: string - ceph_bootstrap: - type: string - dep_check: - type: string - ceph_mds: - type: string - ceph_mgr: - type: string - ceph_rgw: - type: string - ceph_config_helper: - type: string - ceph_rbd_pool: - type: string - ceph_rbd_provisioner: - type: string - ceph_cephfs_provisioner: - type: string - image_repo_sync: - type: string - kubernetes: - type: object - properties: - apiserver: - type: object - properties: - anchor: - type: string - apiserver: - type: string - dep_check: - type: string - controller-manager: - type: object - properties: - anchor: - type: string - controller_manager: - type: string - dep_check: - type: string - coredns: - type: object - properties: - coredns: - type: string - haproxy: - type: object - properties: - haproxy: - type: string - anchor: - type: string - etcd: - type: object - properties: - etcd: - type: string - etcdctl: - type: string - kubectl: - type: string - pause: - type: string - scheduler: - type: object - properties: - anchor: - type: string - scheduler: - type: string - proxy: - type: object - properties: - proxy: - type: string - calico: - type: object - properties: - etcd: - type: object - properties: - etcd: - type: string - etcdctl: - type: string - calico: - type: object - properties: - cni: - type: string - ctl: - type: string - node: - type: string - policy_controller: - type: string - packages: - type: object - properties: - repositories: - type: object - additionalProperties: - type: object - properties: - name: - type: string - url: - type: string - distributions: - type: array - items: - type: string - components: - type: array - items: - type: string - gpgkey: - type: string - named: - type: object - properties: - docker: - type: string - socat: - type: string - unnamed: - type: array - items: - type: string -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/promenade/Docker/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/promenade/Docker/v1.yaml deleted file mode 100644 index f2dc517..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/promenade/Docker/v1.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -schema: deckhand/DataSchema/v1 -metadata: - schema: metadata/Control/v1 - name: promenade/Docker/v1 - labels: - application: promenade -data: - $schema: http://json-schema.org/schema# - type: object - properties: - config: - type: object - required: - - config - additionalProperties: false diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/promenade/Genesis/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/promenade/Genesis/v1.yaml deleted file mode 100644 index d261698..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/promenade/Genesis/v1.yaml +++ /dev/null @@ -1,141 +0,0 @@ ---- -schema: deckhand/DataSchema/v1 -metadata: - schema: metadata/Control/v1 - name: promenade/Genesis/v1 - labels: - application: promenade -data: - $schema: http://json-schema.org/schema# - definitions: - abs_path: - type: string - pattern: '^/.+$' - hostname: - type: string - pattern: '^[a-z][a-z0-9-]+$' - file: - properties: - path: - $ref: '#/definitions/abs_path' - content: - type: string - mode: - type: integer - minimum: 0 - tar_url: - $ref: '#/definitions/url' - tar_path: - $ref: '#/definitions/rel_path' - - requried: - - mode - - path - oneOf: - - type: object - required: - - content - - type: object - allOf: - - type: object - required: - - tar_url - - tar_path - additionalProperties: false - image: - type: string - # XXX add regex - ip_address: - type: string - pattern: '^(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))$' - kubernetes_label: - type: string - # XXX add regex - rel_path: - type: string - # XXX add regex - - type: object - properties: - armada: - type: object - properties: - target_manifest: - type: string - additionalProperties: false - - apiserver: - type: object - properties: - command_prefix: - type: array - items: - type: string - additionalProperties: false - - files: - type: array - items: - $ref: '#/definitions/file' - - hostname: - $ref: '#/definitions/hostname' - - ip: - $ref: '#/definitions/ip_address' - - labels: - properties: - static: - type: array - items: - $ref: '#/definitions/kubernetes_label' - dynamic: - type: array - items: - $ref: '#/definitions/kubernetes_label' - additionalProperties: false - - images: - type: object - properties: - armada: - $ref: '#/definitions/image' - helm: - type: object - properties: - tiller: - $ref: '#/definitions/image' - required: - - tiller - additionalProperties: false - kubernetes: - type: object - properties: - apiserver: - $ref: '#/definitions/image' - controller-manager: - $ref: '#/definitions/image' - etcd: - $ref: '#/definitions/image' - scheduler: - $ref: '#/definitions/image' - required: - - apiserver - - controller-manager - - etcd - - scheduler - additionalProperties: false - required: - - armada - - helm - - kubernetes - additionalProperties: false - - required: - - hostname - - ip - - images - - labels - additionalProperties: false -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/promenade/HostSystem/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/promenade/HostSystem/v1.yaml deleted file mode 100644 index 8745238..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/promenade/HostSystem/v1.yaml +++ /dev/null @@ -1,137 +0,0 @@ ---- -schema: deckhand/DataSchema/v1 -metadata: - schema: metadata/Control/v1 - name: promenade/HostSystem/v1 - labels: - application: promenade -data: - $schema: http://json-schema.org/schema# - definitions: - abs_path: - type: string - pattern: '^/.+$' - apt_source_line: - type: string - # XXX add regex - file: - properties: - path: - $ref: '#/definitions/abs_path' - content: - type: string - mode: - type: integer - minimum: 0 - tar_url: - $ref: '#/definitions/url' - tar_path: - $ref: '#/definitions/rel_path' - - requried: - - mode - - path - oneOf: - - type: object - required: - - content - - type: object - allOf: - - type: object - required: - - tar_url - - tar_path - additionalProperties: false - - image: - type: string - # XXX add regex - package: - type: string - # XXX add regex - public_key: - type: string - # XXX add regex - rel_path: - type: string - # XXX add regex - url: - type: string - # XXX add regex - - type: object - - properties: - files: - type: array - items: - type: object - items: - $ref: '#/definitions/file' - images: - type: object - properties: - haproxy: - $ref: '#/definitions/image' - coredns: - $ref: '#/definitions/image' - helm: - type: object - properties: - helm: - $ref: '#/definitions/image' - required: - - helm - additionalProperties: false - kubernetes: - type: object - properties: - kubectl: - $ref: '#/definitions/image' - required: - - kubectl - additionalProperties: false - required: - - haproxy - - coredns - - helm - - kubernetes - additionalProperties: false - - packages: - type: object - properties: - additional: - type: array - items: - $ref: '#/definitions/package' - keys: - type: array - items: - $ref: '#/definitions/public_key' - - required: - type: object - properties: - docker: - $ref: '#/definitions/package' - socat: - $ref: '#/definitions/package' - required: - - docker - - socat - additionalProperties: false - - repositories: - type: array - items: - $ref: '#/definitions/apt_source_line' - - required: - - required - additionalProperties: false - - required: - - images - - packages - additionalProperties: false diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/promenade/Kubelet/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/promenade/Kubelet/v1.yaml deleted file mode 100644 index eb3d693..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/promenade/Kubelet/v1.yaml +++ /dev/null @@ -1,31 +0,0 @@ ---- -schema: deckhand/DataSchema/v1 -metadata: - schema: metadata/Control/v1 - name: promenade/Kubelet/v1 - labels: - application: promenade -data: - $schema: http://json-schema.org/schema# - type: object - definitions: - image: - type: string - # XXX add regex - - properties: - images: - type: object - properties: - pause: - $ref: '#/definitions/image' - required: - - pause - additionalProperties: false - arguments: - type: array - items: - type: string - required: - - images - additionalProperties: false diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/promenade/KubernetesNetwork/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/promenade/KubernetesNetwork/v1.yaml deleted file mode 100644 index f9fcf43..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/promenade/KubernetesNetwork/v1.yaml +++ /dev/null @@ -1,121 +0,0 @@ ---- -schema: deckhand/DataSchema/v1 -metadata: - schema: metadata/Control/v1 - name: promenade/KubernetesNetwork/v1 - labels: - application: promenade -data: - $schema: http://json-schema.org/schema# - definitions: - cidr: - type: string - pattern: '^(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\/([0-9]|[1-2][0-9]|3[0-2])$' - domain_name: - type: string - format: hostname - domain_suffix: - type: string - pattern: '^\.[a-z0-9][a-z0-9-\.]*$' - hostname: - type: string - format: hostname - hostname_or_ip_address: - anyOf: - - $ref: '#/definitions/hostname' - - $ref: '#/definitions/ip_address' - - $ref: '#/definitions/domain_suffix' - ip_address: - type: string - format: ipv4 - url: - type: string - format: uri - - type: object - properties: - dns: - type: object - properties: - bootstrap_validation_checks: - type: array - items: - $ref: '#/definitions/domain_name' - cluster_domain: - $ref: '#/definitions/domain_name' - service_ip: - $ref: '#/definitions/ip_address' - upstream_servers: - type: array - items: - $ref: '#/definitions/ip_address' - required: - - cluster_domain - - service_ip - additionalProperties: false - - etcd: - type: object - properties: - container_port: - type: integer - haproxy_port: - type: integer - # NOTE(mark-burnett): No longer used. - service_ip: - $ref: '#/definitions/ip_address' - required: - - container_port - - haproxy_port - additionalProperties: false - - kubernetes: - type: object - properties: - pod_cidr: - $ref: '#/definitions/cidr' - service_ip: - $ref: '#/definitions/ip_address' - service_cidr: - $ref: '#/definitions/cidr' - apiserver_port: - type: integer - haproxy_port: - type: integer - required: - - pod_cidr - - service_cidr - - service_ip - - apiserver_port - - haproxy_port - additionalProperties: false - hosts_entries: - type: array - items: - type: object - properties: - ip: - $ref: '#/definitions/ip_address' - names: - type: array - items: - $ref: '#/definitions/hostname' - - proxy: - type: object - properties: - additional_no_proxy: - type: array - items: - $ref: '#/definitions/hostname_or_ip_address' - url: - $ref: '#/definitions/url' - required: - - url - additionalFields: false - - required: - - dns - - kubernetes - additionalProperties: false -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/promenade/KubernetesNode/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/promenade/KubernetesNode/v1.yaml deleted file mode 100644 index 1b7598e..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/promenade/KubernetesNode/v1.yaml +++ /dev/null @@ -1,47 +0,0 @@ ---- -schema: deckhand/DataSchema/v1 -metadata: - schema: metadata/Control/v1 - name: promenade/KubernetesNode/v1 - labels: - application: promenade -data: - $schema: http://json-schema.org/schema# - definitions: - hostname: - type: string - pattern: '^[a-z][a-z0-9-]+$' - ip_address: - type: string - pattern: '^(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))$' - kubernetes_label: - type: string - # XXX add regex - - type: object - properties: - hostname: - $ref: '#/definitions/hostname' - - ip: - $ref: '#/definitions/ip_address' - - join_ip: - $ref: '#/definitions/ip_address' - - labels: - properties: - static: - type: array - items: - $ref: '#/definitions/kubernetes_label' - dynamic: - type: array - items: - $ref: '#/definitions/kubernetes_label' - additionalProperties: false - - required: - - ip - - join_ip - additionalProperties: false diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/promenade/PKICatalog/PKICatalog.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/promenade/PKICatalog/PKICatalog.yaml deleted file mode 100644 index ae64c54..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/promenade/PKICatalog/PKICatalog.yaml +++ /dev/null @@ -1,43 +0,0 @@ ---- -schema: deckhand/DataSchema/v1 -metadata: - schema: metadata/Control/v1 - name: promenade/PKICatalog/v1 - labels: - application: promenade -data: - $schema: http://json-schema.org/schema# - certificate_authorities: - type: array - items: - type: object - properties: - description: - type: string - certificates: - type: array - items: - type: object - properties: - document_name: - type: string - description: - type: string - common_name: - type: string - hosts: - type: array - items: string - groups: - type: array - items: string - keypairs: - type: array - items: - type: object - properties: - name: - type: string - description: - type: string -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/shipyard/DeploymentConfiguration/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/shipyard/DeploymentConfiguration/v1.yaml deleted file mode 100644 index 77da34e..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/shipyard/DeploymentConfiguration/v1.yaml +++ /dev/null @@ -1,80 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: shipyard/DeploymentConfiguration/v1 - labels: - application: shipyard -data: - $schema: 'http://json-schema.org/schema#' - type: 'object' - properties: - physical_provisioner: - type: 'object' - properties: - deployment_strategy: - type: 'string' - deploy_interval: - type: 'integer' - deploy_timeout: - type: 'integer' - destroy_interval: - type: 'integer' - destroy_timeout: - type: 'integer' - join_wait: - type: 'integer' - prepare_node_interval: - type: 'integer' - prepare_node_timeout: - type: 'integer' - prepare_site_interval: - type: 'integer' - prepare_site_timeout: - type: 'integer' - verify_interval: - type: 'integer' - verify_timeout: - type: 'integer' - additionalProperties: false - kubernetes: - type: 'object' - properties: - node_status_interval: - type: 'integer' - node_status_timeout: - type: 'integer' - additionalProperties: false - kubernetes_provisioner: - type: 'object' - properties: - drain_timeout: - type: 'integer' - drain_grace_period: - type: 'integer' - clear_labels_timeout: - type: 'integer' - remove_etcd_timeout: - type: 'integer' - etcd_ready_timeout: - type: 'integer' - additionalProperties: false - armada: - type: 'object' - properties: - get_releases_timeout: - type: 'integer' - get_status_timeout: - type: 'integer' - manifest: - type: 'string' - post_apply_timeout: - type: 'integer' - validate_design_timeout: - type: 'integer' - additionalProperties: false - required: - - manifest - additionalProperties: false - required: - - armada diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/shipyard/DeploymentStrategy/v1.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/schemas/shipyard/DeploymentStrategy/v1.yaml deleted file mode 100644 index 081bbbc..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/schemas/shipyard/DeploymentStrategy/v1.yaml +++ /dev/null @@ -1,73 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: shipyard/DeploymentStrategy/v1 - labels: - application: shipyard -data: - $schema: 'http://json-schema.org/schema#' - type: 'object' - required: - - groups - properties: - groups: - type: 'array' - minItems: 0 - items: - type: 'object' - required: - - name - - critical - - depends_on - - selectors - properties: - name: - type: 'string' - minLength: 1 - critical: - type: 'boolean' - depends_on: - type: 'array' - minItems: 0 - items: - type: 'string' - selectors: - type: 'array' - minItems: 0 - items: - type: 'object' - minProperties: 1 - properties: - node_names: - type: 'array' - items: - type: 'string' - node_labels: - type: 'array' - items: - type: 'string' - node_tags: - type: 'array' - items: - type: 'string' - rack_names: - type: 'array' - items: - type: 'string' - additionalProperties: false - success_criteria: - type: 'object' - minProperties: 1 - properties: - percent_successful_nodes: - type: 'integer' - minimum: 0 - maximum: 100 - minimum_successful_nodes: - type: 'integer' - minimum: 0 - maximum_failed_nodes: - type: 'integer' - minimum: 0 - additionalProperties: false diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/scripts/configure-ip-rules.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/scripts/configure-ip-rules.yaml deleted file mode 100644 index 217d9de..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/scripts/configure-ip-rules.yaml +++ /dev/null @@ -1,128 +0,0 @@ ---- -schema: pegleg/Script/v1 -metadata: - schema: metadata/Document/v1 - name: configure-ip-rules - storagePolicy: cleartext - layeringDefinition: - abstract: false - layer: global -data: |- - #!/bin/bash - set -ex - - function usage() { - cat <&2 - exit 1 - ;; - :) - echo "Missing argument for option: -${OPTARG}" >&2 - exit 1 - ;; - *) - echo "Unimplemented option: -${OPTARG}" >&2 - exit 1 - ;; - esac - done - shift $((OPTIND-1)) - - if [ "x$POD_CIDR" == "x" ]; then - echo "Missing pod CIDR, e.g -c 10.97.0.0/16" >&2 - usage - exit 1 - fi - - if [ "x$INTERFACE" != "x" ]; then - while ! ip route list dev "${INTERFACE}" > /dev/null; do - echo Waiting for device "${INTERFACE}" to be ready. >&2 - sleep 5 - done - fi - - intra_vrrp_ip= - if [ "x${SERVICE_GW}" == "x" ]; then - intra_vrrp_ip=$(ip route list dev "${INTERFACE}" | awk '($2~/via/){print $3}' | head -n 1) - else - intra_vrrp_ip=${SERVICE_GW} - fi - - TABLE="1500" - - if [ "x${intra_vrrp_ip}" == "x" ]; then - echo "Either INTERFACE or SERVICE_GW is required: e.g. either -i bond0.22 or -g 10.23.22.1" - usage - exit 1 - fi - - # Setup a routing table for traffic from service IPs - ip route flush table "${TABLE}" - ip route add default via "${intra_vrrp_ip}" table "${TABLE}" - - # Setup arp_announce adjustment on interface facing gateway - arp_intf=$(ip route get ${intra_vrrp_ip} | grep dev | awk '{print $3}') - echo 2 > /proc/sys/net/ipv4/conf/${arp_intf}/arp_announce - - - if [ "x$OVERLAP_CIDR" != "x" ]; then - # NOTE: This is a work-around for nodes not receiving complete - # routes via BGP. - ip route add "${OVERLAP_CIDR}" via "${intra_vrrp_ip}" - fi - - if [ "x$SERVICE_CIDR" != "x" ]; then - # Traffic from the service IPs to pods should use the pod network. - ip rule add \ - from "${SERVICE_CIDR}" \ - to "${POD_CIDR}" \ - lookup main \ - pref 10000 - # Other traffic from service IPs should only use the VRRP IP - ip rule add \ - from "${SERVICE_CIDR}" \ - lookup "${TABLE}" \ - pref 10100 - fi diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/container-networking/calico.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/container-networking/calico.yaml deleted file mode 100644 index a384c72..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/container-networking/calico.yaml +++ /dev/null @@ -1,168 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-calico - layeringDefinition: - abstract: false - layer: global - labels: - name: kubernetes-calico-global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.calico.calico - dest: - path: .source - # Image versions - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.calico.calico - dest: - path: .values.images.tags - # IP addresses - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .calico.etcd.service_ip - dest: - path: .values.endpoints.etcd.host_fqdn_override.default - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.pod_cidr - dest: - path: .values.networking.podSubnet - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.api_service_ip - dest: - path: .values.conf.policy_controller.K8S_API - pattern: SUB_KUBERNETES_IP - - # Other site-specific configuration - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .calico.ip_autodetection_method - dest: - path: .values.conf.node.IP_AUTODETECTION_METHOD - - # Certificates - - src: - schema: deckhand/CertificateAuthority/v1 - name: calico-etcd - path: . - dest: - path: .values.endpoints.etcd.auth.client.tls.ca - - src: - schema: deckhand/Certificate/v1 - name: calico-node - path: . - dest: - path: .values.endpoints.etcd.auth.client.tls.crt - - src: - schema: deckhand/CertificateKey/v1 - name: calico-node - path: . - dest: - path: .values.endpoints.etcd.auth.client.tls.key - -data: - chart_name: calico - release: kubernetes-calico - namespace: kube-system - protected: - continue_processing: true - wait: - timeout: 600 - labels: - release_group: airship-kubernetes-calico - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-kubernetes-calico - values: - conf: - cni_network_config: - name: k8s-pod-network - cniVersion: 0.1.0 - type: calico - etcd_endpoints: __ETCD_ENDPOINTS__ - etcd_ca_cert_file: /etc/calico/pki/ca - etcd_cert_file: /etc/calico/pki/crt - etcd_key_file: /etc/calico/pki/key - log_level: info - mtu: 1500 - ipam: - type: calico-ipam - policy: - type: k8s - k8s_api_root: https://__KUBERNETES_SERVICE_HOST__:__KUBERNETES_SERVICE_PORT__ - k8s_auth_token: __SERVICEACCOUNT_TOKEN__ - - policy_controller: - K8S_API: "https://SUB_KUBERNETES_IP:443" - - node: - CALICO_STARTUP_LOGLEVEL: INFO - CLUSTER_TYPE: - - k8s - - bgp - WAIT_FOR_STORAGE: "true" - - endpoints: - etcd: - hosts: - default: calico-etcd - scheme: - default: https - - networking: - mtu: 1500 - settings: - mesh: "on" - ippool: - ipip: - enabled: "true" - mode: "always" - nat_outgoing: "true" - disabled: "false" - - manifests: - daemonset_calico_etcd: false - job_image_repo_sync: false - service_calico_etcd: false - dependencies: - - calico-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: calico-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.calico.calico-htk - dest: - path: .source -data: - chart_name: calico-htk - release: calico-htk - namespace: calico-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/container-networking/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/container-networking/chart-group.yaml deleted file mode 100644 index 4d1cfbd..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/container-networking/chart-group.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-container-networking - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Container networking via Calico - sequenced: true - chart_group: - - kubernetes-calico-etcd - - kubernetes-calico diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/container-networking/etcd.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/container-networking/etcd.yaml deleted file mode 100644 index e1a7561..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/container-networking/etcd.yaml +++ /dev/null @@ -1,136 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-calico-etcd-global - layeringDefinition: - abstract: true - layer: global - labels: - name: kubernetes-calico-etcd-global - storagePolicy: cleartext - substitutions: - - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.calico.etcd - dest: - path: .source - - # Image versions - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.calico.etcd - dest: - path: .values.images.tags - - # IP addresses - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .calico.etcd.service_ip - dest: - path: .values.service.ip - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .calico.etcd.service_ip - dest: - path: .values.anchor.etcdctl_endpoint - - # CAs - - src: - schema: deckhand/CertificateAuthority/v1 - name: calico-etcd - path: . - dest: - path: .values.secrets.tls.client.ca - - src: - schema: deckhand/CertificateAuthority/v1 - name: calico-etcd-peer - path: . - dest: - path: .values.secrets.tls.peer.ca - - # Anchor client cert - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.key - -data: - chart_name: etcd - release: kubernetes-calico-etcd - namespace: kube-system - protected: - continue_processing: true - wait: - timeout: 600 - labels: - release_group: airship-kubernetes-calico-etcd - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-kubernetes-calico-etcd - values: - labels: - anchor: - node_selector_key: calico-etcd - node_selector_value: enabled - etcd: - host_data_path: /var/lib/etcd/calico - host_etc_path: /etc/etcd/calico - bootstrapping: - enabled: true - host_directory: /var/lib/anchor - filename: calico-etcd-bootstrap - service: - name: calico-etcd - network: - service_client: - name: service_client - port: 6666 - target_port: 6666 - service_peer: - name: service_peer - port: 6667 - target_port: 6667 - dependencies: - - kubernetes-calico-etcd-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-calico-etcd-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.calico.etcd-htk - dest: - path: .source -data: - chart_name: kubernetes-calico-etcd-htk - release: kubernetes-calico-etcd-htk - namespace: kubernetes-calico-etcd-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/core/apiserver.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/core/apiserver.yaml deleted file mode 100644 index 41b4770..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/core/apiserver.yaml +++ /dev/null @@ -1,155 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-apiserver - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.apiserver - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.apiserver - dest: - path: .values.images.tags - - # IP addresses - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.api_service_ip - dest: - path: .values.network.kubernetes_service_ip - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.pod_cidr - dest: - path: .values.network.pod_cidr - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.service_cidr - dest: - path: .values.command_prefix[1] - pattern: SERVICE_CIDR - - # Kubernetes Port Range - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.service_node_port_range - dest: - path: .values.command_prefix[2] - pattern: SERVICE_NODE_PORT_RANGE - - # CA - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes - path: . - dest: - path: .values.secrets.tls.ca - - # Certificates - - src: - schema: deckhand/Certificate/v1 - name: apiserver - path: . - dest: - path: .values.secrets.tls.cert - - src: - schema: deckhand/CertificateKey/v1 - name: apiserver - path: . - dest: - path: .values.secrets.tls.key - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes-etcd - path: . - dest: - path: .values.secrets.etcd.tls.ca - - src: - schema: deckhand/Certificate/v1 - name: apiserver-etcd - path: . - dest: - path: .values.secrets.etcd.tls.cert - - src: - schema: deckhand/CertificateKey/v1 - name: apiserver-etcd - path: . - dest: - path: .values.secrets.etcd.tls.key - - src: - schema: deckhand/PublicKey/v1 - name: service-account - path: . - dest: - path: .values.secrets.service_account.public_key - -data: - chart_name: apiserver - release: kubernetes-apiserver - namespace: kube-system - protected: - continue_processing: true - wait: - timeout: 600 - labels: - release_group: airship-kubernetes-apiserver - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-kubernetes-apiserver - values: - apiserver: - etcd: - endpoints: https://127.0.0.1:2378 - command_prefix: - - /apiserver - - --service-cluster-ip-range=SERVICE_CIDR - - --service-node-port-range=SERVICE_NODE_PORT_RANGE - - --authorization-mode=Node,RBAC - - --admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,ResourceQuota,DefaultTolerationSeconds - - --endpoint-reconciler-type=lease - dependencies: - - kubernetes-apiserver-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-apiserver-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.apiserver-htk - dest: - path: .source -data: - chart_name: kubernetes-apiserver-htk - release: kubernetes-apiserver-htk - namespace: kubernetes-apiserver-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/core/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/core/chart-group.yaml deleted file mode 100644 index 6e8560d..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/core/chart-group.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-core - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Kubernetes components - chart_group: - - kubernetes-apiserver - - kubernetes-controller-manager - - kubernetes-scheduler diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/core/controller-manager.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/core/controller-manager.yaml deleted file mode 100644 index e555ba0..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/core/controller-manager.yaml +++ /dev/null @@ -1,136 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-controller-manager - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.controller-manager - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.controller-manager - dest: - path: .values.images.tags - - # IP addresses - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.pod_cidr - dest: - path: .values.network.pod_cidr - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.service_cidr - dest: - path: .values.network.service_cidr - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.pod_cidr - dest: - path: .values.command_prefix[1] - pattern: SUB_POD_CIDR - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.service_cidr - dest: - path: .values.command_prefix[2] - pattern: SUB_SERVICE_CIDR - - # CA - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes - path: . - dest: - path: .values.secrets.tls.ca - - # Certificates - - src: - schema: deckhand/Certificate/v1 - name: controller-manager - path: . - dest: - path: .values.secrets.tls.cert - - src: - schema: deckhand/CertificateKey/v1 - name: controller-manager - path: . - dest: - path: .values.secrets.tls.key - - # Private key for Kubernetes service account token signing - - src: - schema: deckhand/PrivateKey/v1 - name: service-account - path: . - dest: - path: .values.secrets.service_account.private_key - -data: - chart_name: controller-manager - release: kubernetes-controller-manager - namespace: kube-system - protected: - continue_processing: true - wait: - timeout: 600 - labels: - release_group: airship-kubernetes-controller-manager - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-kubernetes-controller-manager - values: - command_prefix: - - /controller-manager - - --cluster-cidr=SUB_POD_CIDR - - --service-cluster-ip-range=SUB_SERVICE_CIDR - - --node-monitor-period=5s - - --node-monitor-grace-period=20s - - --pod-eviction-timeout=60s - network: - kubernetes_netloc: 127.0.0.1:6553 - dependencies: - - kubernetes-controller-manager-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-controller-manager-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.controller-manager-htk - dest: - path: .source -data: - chart_name: kubernetes-controller-manager-htk - release: kubernetes-controller-manager-htk - namespace: kubernetes-controller-manager-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/core/scheduler.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/core/scheduler.yaml deleted file mode 100644 index 0cce145..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/core/scheduler.yaml +++ /dev/null @@ -1,93 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-scheduler - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.scheduler - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.scheduler - dest: - path: .values.images.tags - - # CA - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes - path: . - dest: - path: .values.secrets.tls.ca - - # Certificates - - src: - schema: deckhand/Certificate/v1 - name: scheduler - path: . - dest: - path: .values.secrets.tls.cert - - src: - schema: deckhand/CertificateKey/v1 - name: scheduler - path: . - dest: - path: .values.secrets.tls.key - -data: - chart_name: scheduler - release: kubernetes-scheduler - namespace: kube-system - protected: - continue_processing: true - wait: - timeout: 600 - labels: - release_group: airship-kubernetes-scheduler - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-kubernetes-scheduler - values: - network: - kubernetes_netloc: 127.0.0.1:6553 - dependencies: - - kubernetes-scheduler-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-scheduler-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.scheduler-htk - dest: - path: .source -data: - chart_name: kubernetes-scheduler-htk - release: kubernetes-scheduler-htk - namespace: kubernetes-scheduler-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/dns/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/dns/chart-group.yaml deleted file mode 100644 index 1c8abf0..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/dns/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-dns - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Cluster DNS - chart_group: - - coredns diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/dns/coredns.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/dns/coredns.yaml deleted file mode 100644 index 39329d2..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/dns/coredns.yaml +++ /dev/null @@ -1,146 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: coredns - layeringDefinition: - abstract: false - layer: global - labels: - name: coredns-global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.coredns - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.coredns - dest: - path: .values.images.tags - - # IP Addresses - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .dns.service_ip - dest: - path: .values.service.ip - - # Zones - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .dns.cluster_domain - dest: - path: .values.conf.coredns.corefile - pattern: '(CLUSTER_DOMAIN)' - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.service_cidr - dest: - path: .values.conf.coredns.corefile - pattern: '(SERVICE_CIDR)' - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.pod_cidr - dest: - path: .values.conf.coredns.corefile - pattern: '(POD_CIDR)' - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .dns.upstream_servers[0] - dest: - path: .values.conf.coredns.corefile - pattern: '(UPSTREAM1)' - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .dns.upstream_servers[1] - dest: - path: .values.conf.coredns.corefile - pattern: '(UPSTREAM2)' - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .dns.upstream_servers[2] - dest: - path: .values.conf.coredns.corefile - pattern: '(UPSTREAM3)' - -data: - chart_name: coredns - release: coredns - namespace: kube-system - wait: - timeout: 600 - labels: - release_group: airship-coredns - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-coredns - values: - conf: - coredns: - corefile: | - .:53 { - errors - health - autopath @kubernetes - kubernetes CLUSTER_DOMAIN SERVICE_CIDR POD_CIDR { - pods insecure - fallthrough in-addr.arpa ip6.arpa - upstream UPSTREAM1 - upstream UPSTREAM2 - upstream UPSTREAM3 - } - prometheus :9153 - forward . UPSTREAM1 UPSTREAM2 UPSTREAM3 - cache 30 - } - - labels: - coredns: - node_selector_key: kube-dns - node_selector_value: enabled - - dependencies: - - coredns-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: coredns-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.coredns-htk - dest: - path: .source -data: - chart_name: coredns-htk - release: coredns-htk - namespace: coredns-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/etcd/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/etcd/chart-group.yaml deleted file mode 100644 index 5a951d1..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/etcd/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-etcd - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Kubernetes etcd - chart_group: - - kubernetes-etcd diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/etcd/etcd.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/etcd/etcd.yaml deleted file mode 100644 index ec3fa72..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/etcd/etcd.yaml +++ /dev/null @@ -1,137 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-etcd-global - layeringDefinition: - abstract: true - layer: global - labels: - name: kubernetes-etcd-global - storagePolicy: cleartext - substitutions: - - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.etcd - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.etcd - dest: - path: .values.images.tags - - # IP addresses - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.etcd_service_ip - dest: - path: .values.service.ip - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.etcd_service_ip - dest: - path: .values.anchor.etcdctl_endpoint - - # CAs - - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes-etcd - path: . - dest: - path: .values.secrets.tls.client.ca - - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes-etcd-peer - path: . - dest: - path: .values.secrets.tls.peer.ca - - - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.key - -data: - chart_name: etcd - release: kubernetes-etcd - namespace: kube-system - protected: - continue_processing: true - wait: - timeout: 600 - labels: - release_group: airship-kubernetes-etcd - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-kubernetes-etcd - values: - labels: - anchor: - node_selector_key: kubernetes-etcd - node_selector_value: enabled - etcd: - host_data_path: /var/lib/etcd/kubernetes - host_etc_path: /etc/etcd/kubernetes - service: - name: kubernetes-etcd - network: - service_client: - name: service_client - port: 2379 - target_port: 2379 - service_peer: - name: service_peer - port: 2380 - target_port: 2380 - dependencies: - - kubernetes-etcd-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-etcd-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.etcd-htk - dest: - path: .source -data: - chart_name: kubernetes-etcd-htk - release: kubernetes-etcd-htk - namespace: kubernetes-etcd-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/haproxy/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/haproxy/chart-group.yaml deleted file mode 100644 index 63a24f5..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/haproxy/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-haproxy - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: HAProxy for Kubernetes - chart_group: - - haproxy diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/haproxy/haproxy.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/haproxy/haproxy.yaml deleted file mode 100644 index 3b43ffe..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/haproxy/haproxy.yaml +++ /dev/null @@ -1,109 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: haproxy - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.haproxy - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.haproxy - dest: - path: .values.images.tags - - # Kubernetes configuration - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.api_service_ip - dest: - path: .values.conf.anchor.kubernetes_url - pattern: KUBERNETES_IP - -data: - chart_name: haproxy - release: haproxy - namespace: kube-system - protected: - continue_processing: true - wait: - timeout: 600 - labels: - release_group: airship-haproxy - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-haproxy - values: - conf: - anchor: - kubernetes_url: https://KUBERNETES_IP:443 - services: - default: - kubernetes: - server_opts: "check port 6443" - conf_parts: - frontend: - - mode tcp - - option tcpka - - bind *:6553 - backend: - - mode tcp - - option tcpka - - option tcp-check - - option redispatch - kube-system: - kubernetes-etcd: - server_opts: "check port 2379" - conf_parts: - frontend: - - mode tcp - - option tcpka - - bind *:2378 - backend: - - mode tcp - - option tcpka - - option tcp-check - - option redispatch - dependencies: - - haproxy-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: haproxy-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.haproxy-htk - dest: - path: .source -data: - chart_name: haproxy-htk - release: haproxy-htk - namespace: haproxy-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/ingress/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/ingress/chart-group.yaml deleted file mode 100644 index 11197f6..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/ingress/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ingress-kube-system - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Ingress for the site - chart_group: - - ingress-kube-system diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/ingress/ingress.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/ingress/ingress.yaml deleted file mode 100644 index e6ba2de..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/ingress/ingress.yaml +++ /dev/null @@ -1,86 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: global-ingress-kube-system - labels: - ingress: kube-system - layeringDefinition: - abstract: true - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.ingress - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.ingress - dest: - path: .values.images.tags -data: - chart_name: ingress-kube-system - release: ingress-kube-system - namespace: kube-system - wait: - timeout: 300 - labels: - release_group: airship-ingress-kube-system - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ingress-kube-system - values: - labels: - server: - node_selector_key: kube-ingress - node_selector_value: enabled - error_server: - node_selector_key: kube-ingress - node_selector_value: enabled - deployment: - mode: cluster - type: DaemonSet - network: - host_namespace: true - ingress: - annotations: - nginx.ingress.kubernetes.io/proxy-read-timeout: "603" - pod: - replicas: - error_page: 2 - dependencies: - - ingress-kube-system-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ingress-kube-system-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.ingress-htk - dest: - path: .source -data: - chart_name: ingress-kube-system-htk - release: ingress-kube-system-htk - namespace: ingress-kube-system-htk - values: {} - dependencies: [] diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/proxy/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/proxy/chart-group.yaml deleted file mode 100644 index a083dd3..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/proxy/chart-group.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-proxy - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Kubernetes proxy - sequenced: true - chart_group: - - kubernetes-proxy diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/proxy/kubernetes-proxy.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/proxy/kubernetes-proxy.yaml deleted file mode 100644 index 5837119..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/kubernetes/proxy/kubernetes-proxy.yaml +++ /dev/null @@ -1,90 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-proxy - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.proxy - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.proxy - dest: - path: .values.images.tags - - # IP Addresses - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.pod_cidr - dest: - path: .values.command_prefix[1] - pattern: POD_CIDR - - # Secrets - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes - path: . - dest: - path: .values.secrets.tls.ca -data: - chart_name: proxy - release: kubernetes-proxy - namespace: kube-system - wait: - timeout: 600 - labels: - release_group: airship-kubernetes-proxy - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-kubernetes-proxy - values: - command_prefix: - - /proxy - - --cluster-cidr=POD_CIDR - - --proxy-mode=iptables - kube_service: - host: 127.0.0.1 - port: 6553 - dependencies: - - kubernetes-proxy-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-proxy-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.proxy-htk - dest: - path: .source -data: - chart_name: kubernetes-proxy-htk - release: kubernetes-proxy-htk - namespace: kubernetes-proxy-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/dependencies.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/dependencies.yaml deleted file mode 100644 index cd730ba..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/dependencies.yaml +++ /dev/null @@ -1,28 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: osh-infra-helm-toolkit - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh_infra.helm_toolkit - dest: - path: .source -data: - chart_name: helm-toolkit - release: osh-infra-helm-toolkit - namespace: osh-infra-helm-toolkit - wait: - timeout: 600 - labels: - release_group: airship-osh-infra-helm-toolkit - upgrade: - no_hooks: true - values: {} - dependencies: [] diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-ceph-config/ceph-config.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-ceph-config/ceph-config.yaml deleted file mode 100644 index eb5eb11..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-ceph-config/ceph-config.yaml +++ /dev/null @@ -1,142 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: osh-infra-ceph-config - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.ceph-client - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ceph.ceph-client - dest: - path: .values.images.tags - - # IP addresses - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .storage.ceph.public_cidr - dest: - path: .values.network.public - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .storage.ceph.cluster_cidr - dest: - path: .values.network.cluster - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.object_store - dest: - path: .values.endpoints.object_store - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mon - dest: - path: .values.endpoints.ceph_mon - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mgr - dest: - path: .values.endpoints.ceph_mgr - - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.swift.keystone - dest: - path: .values.endpoints.identity.auth.swift - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_keystone_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.swift.password - src: - schema: deckhand/Passphrase/v1 - name: ceph_swift_keystone_password - path: . - -data: - chart_name: osh-infra-ceph-config - release: osh-infra-ceph-config - namespace: osh-infra - wait: - timeout: 900 - labels: - release_group: airship-osh-infra-ceph-config - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-osh-infra-ceph-config - values: - labels: - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - provisioner: - node_selector_key: openstack-control-plane - node_selector_value: enabled - mds: - node_selector_key: ceph-mds - node_selector_value: enabled - rgw: - node_selector_key: ceph-rgw - node_selector_value: enabled - mgr: - node_selector_key: ceph-mgr - node_selector_value: enabled - deployment: - ceph: false - client_secrets: true - rbd_provisioner: false - cephfs_provisioner: false - rgw_keystone_user_and_endpoints: false - bootstrap: - enabled: false - conf: - rgw_ks: - enabled: true - dependencies: - - ceph-htk -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-ceph-config/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-ceph-config/chart-group.yaml deleted file mode 100644 index 4ab41ec..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-ceph-config/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: osh-infra-ceph-config - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Ceph config for OpenStack-Infra namespace(s) - chart_group: - - osh-infra-ceph-config diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-dashboards/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-dashboards/chart-group.yaml deleted file mode 100644 index c9c8cf5..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-dashboards/chart-group.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: osh-infra-dashboards - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: OSH Infra Dashboards - chart_group: - - kibana - - grafana diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-dashboards/grafana.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-dashboards/grafana.yaml deleted file mode 100644 index 48e36e2..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-dashboards/grafana.yaml +++ /dev/null @@ -1,251 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: grafana - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh_infra.grafana - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh_infra.grafana - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.oslo_db - dest: - path: .values.endpoints.oslo_db - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.oslo_db - dest: - path: .values.endpoints.oslo_db_session - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.grafana - dest: - path: .values.endpoints.grafana - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.monitoring - dest: - path: .values.endpoints.monitoring - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.ldap - dest: - path: .values.endpoints.ldap - # Accounts - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_infra_service_accounts - path: .osh_infra.grafana.admin - dest: - path: .values.endpoints.grafana.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_infra_service_accounts - path: .osh_infra.grafana.oslo_db - dest: - path: .values.endpoints.oslo_db.auth.user - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_infra_service_accounts - path: .osh_infra.grafana.oslo_db.database - dest: - path: .values.endpoints.oslo_db.path - pattern: DB_NAME - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_infra_service_accounts - path: .osh_infra.grafana.oslo_db_session - dest: - path: .values.endpoints.oslo_db_session.auth.user - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_infra_service_accounts - path: .osh_infra.grafana.oslo_db_session.database - dest: - path: .values.endpoints.oslo_db_session.path - pattern: DB_NAME - - # Secrets - - dest: - path: .values.endpoints.grafana.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_infra_grafana_admin_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: osh_infra_grafana_oslo_db_password - path: . - - dest: - path: .values.endpoints.oslo_db_session.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: osh_infra_grafana_oslo_db_session_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_infra_oslo_db_admin_password - path: . - - dest: - path: .values.endpoints.oslo_db_session.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_infra_oslo_db_admin_password - path: . - - # LDAP Configuration Details - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_infra_service_accounts - path: .osh_infra.ldap.admin.bind - dest: - path: .values.endpoints.ldap.auth.admin.bind_dn - - dest: - path: .values.endpoints.ldap.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_keystone_ldap_password - path: . - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .ldap.subdomain - dest: - path: .values.conf.ldap.config.base_dns.search - pattern: SUBDOMAIN - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .ldap.domain - dest: - path: .values.conf.ldap.config.base_dns.search - pattern: DOMAIN - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .ldap.subdomain - dest: - path: .values.conf.ldap.config.base_dns.group_search - pattern: SUBDOMAIN - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .ldap.domain - dest: - path: .values.conf.ldap.config.base_dns.group_search - pattern: DOMAIN - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .ldap.common_name - dest: - path: .values.conf.ldap.config.filters.group_search - pattern: COMMON_NAME - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .ldap.subdomain - dest: - path: .values.conf.ldap.config.filters.group_search - pattern: SUBDOMAIN - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .ldap.domain - dest: - path: .values.conf.ldap.config.filters.group_search - pattern: DOMAIN -data: - chart_name: grafana - release: grafana - namespace: osh-infra - wait: - timeout: 900 - labels: - release_group: airship-grafana - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-grafana - post: - create: [] - values: - labels: - grafana: - node_selector_key: openstack-control-plane - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - conf: - ldap: - config: - base_dns: - search: "DC=SUBDOMAIN,DC=DOMAIN,DC=com" - group_search: "OU=Groups,DC=SUBDOMAIN,DC=DOMAIN,DC=com" - filters: - search: "(sAMAccountName=%s)" - group_search: "(memberof=CN=COMMON_NAME,OU=Application,OU=Groups,DC=SUBDOMAIN,DC=DOMAIN,DC=com)" - template: | - verbose_logging = true - [[servers]] - host = "{{ tuple "ldap" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}" - port = {{ tuple "ldap" "public" "ldap" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} - use_ssl = false - start_tls = false - ssl_skip_verify = false - bind_dn = "{{ .Values.endpoints.ldap.auth.admin.bind_dn }}" - bind_password = '{{ .Values.endpoints.ldap.auth.admin.password }}' - search_filter = "{{ .Values.conf.ldap.config.filters.search }}" - search_base_dns = ["{{ .Values.conf.ldap.config.base_dns.search }}"] - group_search_base_dns = ["{{ .Values.conf.ldap.config.base_dns.group_search }}"] - [servers.attributes] - username = "sAMAccountName" - surname = "sn" - member_of = "memberof" - email = "mail" - [[servers.group_mappings]] - group_dn = "{{.Values.endpoints.ldap.auth.admin.bind_dn }}" - org_role = "Admin" - [[servers.group_mappings]] - group_dn = "*" - org_role = "Viewer" - pod: - replicas: - grafana: 2 - dependencies: - - osh-infra-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-dashboards/kibana.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-dashboards/kibana.yaml deleted file mode 100644 index 4685f72..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-dashboards/kibana.yaml +++ /dev/null @@ -1,126 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kibana - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh_infra.kibana - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh_infra.kibana - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.elasticsearch - dest: - path: .values.endpoints.elasticsearch - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.kibana - dest: - path: .values.endpoints.kibana - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.ldap - dest: - path: .values.endpoints.ldap - # Accounts - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_infra_service_accounts - path: .osh_infra.elasticsearch.admin - dest: - path: .values.endpoints.elasticsearch.auth.admin - - # Secrets - - dest: - path: .values.endpoints.elasticsearch.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_infra_elasticsearch_admin_password - path: . - - # LDAP Details - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_infra_service_accounts - path: .osh_infra.ldap.admin - dest: - path: .values.endpoints.ldap.auth.admin - - dest: - path: .values.endpoints.ldap.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_keystone_ldap_password - path: . -data: - chart_name: kibana - release: kibana - namespace: osh-infra - wait: - timeout: 900 - labels: - release_group: airship-kibana - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-kibana - create: [] - post: - create: [] - values: - conf: - apache: - host: | - - ProxyRequests off - ProxyPreserveHost On - - ProxyPass http://localhost:{{ tuple "kibana" "internal" "kibana" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}/ - ProxyPassReverse http://localhost:{{ tuple "kibana" "internal" "kibana" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}/ - - - AuthName "Kibana" - AuthType Basic - AuthBasicProvider file ldap - AuthUserFile /usr/local/apache2/conf/.htpasswd - AuthLDAPBindDN {{ .Values.endpoints.ldap.auth.admin.bind }} - AuthLDAPBindPassword {{ .Values.endpoints.ldap.auth.admin.password }} - AuthLDAPURL {{ tuple "ldap" "public" "ldap" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }} - Require valid-user - - - labels: - kibana: - node_selector_key: openstack-control-plane - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - dependencies: - - osh-infra-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-ingress-controller/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-ingress-controller/chart-group.yaml deleted file mode 100644 index a6dc398..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-ingress-controller/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: osh-infra-ingress-controller - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: OpenStack Namespace Ingress - chart_group: - - osh-infra-ingress-controller diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-ingress-controller/ingress.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-ingress-controller/ingress.yaml deleted file mode 100644 index 38ed357..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-ingress-controller/ingress.yaml +++ /dev/null @@ -1,55 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: osh-infra-ingress-controller - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh.ingress - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.ingress - dest: - path: .values.images.tags -data: - chart_name: osh-infra-ingress-controller - release: osh-infra-ingress-controller - namespace: osh-infra - wait: - timeout: 900 - labels: - release_group: airship-osh-infra-ingress-controller - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-osh-infra-ingress-controller - values: - labels: - server: - node_selector_key: openstack-control-plane - node_selector_value: enabled - error_server: - node_selector_key: openstack-control-plane - node_selector_value: enabled - pod: - replicas: - ingress: 2 - error_page: 2 - dependencies: - - osh-helm-toolkit diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-logging/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-logging/chart-group.yaml deleted file mode 100644 index 0a10657..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-logging/chart-group.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: osh-infra-logging - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: OSH Infra Logging - chart_group: - - elasticsearch - - fluent-logging diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-logging/elasticsearch.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-logging/elasticsearch.yaml deleted file mode 100644 index 2e7a6b6..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-logging/elasticsearch.yaml +++ /dev/null @@ -1,186 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: elasticsearch-global - labels: - hosttype: elasticsearch-global - layeringDefinition: - abstract: true - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh_infra.elasticsearch - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh_infra.elasticsearch - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.elasticsearch - dest: - path: .values.endpoints.elasticsearch - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.prometheus_elasticsearch_exporter - dest: - path: .values.endpoints.prometheus_elasticsearch_exporter - - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.ldap - dest: - path: .values.endpoints.ldap - - # Accounts - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_infra_service_accounts - path: .osh_infra.elasticsearch.admin - dest: - path: .values.endpoints.elasticsearch.auth.admin - - # Secrets - - dest: - path: .values.endpoints.elasticsearch.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_infra_elasticsearch_admin_password - path: . - - # LDAP Details - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_infra_service_accounts - path: .osh_infra.ldap.admin - dest: - path: .values.endpoints.ldap.auth.admin - - dest: - path: .values.endpoints.ldap.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_keystone_ldap_password - path: . -data: - chart_name: elasticsearch - release: elasticsearch - namespace: osh-infra - wait: - timeout: 900 - labels: - release_group: airship-elasticsearch - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-elasticsearch - create: [] - post: - create: [] - values: - labels: - elasticsearch: - node_selector_key: openstack-control-plane - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - monitoring: - prometheus: - enabled: true - conf: - apache: - host: | - - - ProxyPass http://localhost:{{ tuple "elasticsearch" "internal" "client" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}/ - ProxyPassReverse http://localhost:{{ tuple "elasticsearch" "internal" "client" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}/ - - - AuthName "Elasticsearch" - AuthType Basic - AuthBasicProvider file ldap - AuthUserFile /usr/local/apache2/conf/.htpasswd - AuthLDAPBindDN {{ .Values.endpoints.ldap.auth.admin.bind }} - AuthLDAPBindPassword {{ .Values.endpoints.ldap.auth.admin.password }} - AuthLDAPURL {{ tuple "ldap" "public" "ldap" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }} - Require valid-user - - - elasticsearch: - env: - java_opts: "-Xms5g -Xmx5g" - curator: - #run every 6th hour - schedule: "0 */6 * * *" - action_file: - # Remember, leave a key empty if there is no value. None will be a string, - # not a Python "NoneType" - # - # Also remember that all examples have 'disable_action' set to True. If you - # want to use this action as a template, be sure to set this to False after - # copying it. - actions: - 1: - action: delete_indices - description: >- - "Delete indices older than 7 days" - options: - timeout_override: - continue_if_exception: False - ignore_empty_list: True - disable_action: False - filters: - - filtertype: pattern - kind: prefix - value: logstash- - - filtertype: age - source: name - direction: older - timestring: '%Y.%m.%d' - unit: days - unit_count: 7 - 2: - action: delete_indices - description: >- - "Delete indices by age if available disk space is - less than 80% total disk" - options: - timeout_override: 600 - continue_if_exception: False - ignore_empty_list: True - disable_action: False - filters: - - filtertype: pattern - kind: prefix - value: logstash- - - filtertype: space - source: creation_date - use_age: True - disk_space: 1200 - storage: - elasticsearch: - requests: - storage: 500Gi - dependencies: - - osh-infra-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-logging/fluent-logging.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-logging/fluent-logging.yaml deleted file mode 100644 index 28f9dd6..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-logging/fluent-logging.yaml +++ /dev/null @@ -1,171 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: fluent-logging-global - layeringDefinition: - abstract: true - layer: global - labels: - hosttype: fluent-logging-global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh_infra.fluent_logging - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh_infra.fluent_logging - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.elasticsearch - dest: - path: .values.endpoints.elasticsearch - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.fluentd - dest: - path: .values.endpoints.fluentd - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.prometheus_fluentd_exporter - dest: - path: .values.endpoints.prometheus_fluentd_exporter - # Accounts - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_infra_service_accounts - path: .osh_infra.elasticsearch.admin - dest: - path: .values.endpoints.elasticsearch.auth.admin - - # Secrets - - dest: - path: .values.endpoints.elasticsearch.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_infra_elasticsearch_admin_password - path: . - -data: - chart_name: fluent-logging - release: fluent-logging - namespace: osh-infra - wait: - timeout: 900 - labels: - release_group: airship-fluent-logging - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-fluent-logging - create: [] - post: - create: [] - values: - labels: - fluentd: - node_selector_key: openstack-control-plane - node_selector_value: enabled - fluentbit: - node_selector_key: openstack-control-plane - node_selector_value: enabled - prometheus_fluentd_exporter: - node_selector_key: openstack-control-plane - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - dependencies: - static: - fluentbit: - jobs: "" - services: - - endpoint: internal - service: fluentd - fluentd: - jobs: "" - services: - - endpoint: internal - service: elasticsearch - manifests: - job_elasticsearch_template: false - conf: - fluentbit: - - service: - header: service - Flush: 5 - Daemon: Off - Log_Level: info - Parsers_File: parsers.conf - - containers_tail: - header: input - Name: tail - Tag: kube.* - Path: /var/log/containers/*.log - Parser: docker - DB: /var/log/flb_kube.db - DB.Sync: Normal - Buffer_Chunk_Size: 1M - Buffer_Max_Size: 1M - Mem_Buf_Limit: 5MB - - kube_filter: - header: filter - Name: kubernetes - Match: kube.* - Merge_JSON_Log: On - - fluentd_output: - header: output - Name: forward - Match: "*" - Host: ${FLUENTD_HOST} - Port: ${FLUENTD_PORT} - td_agent: - - metrics_agent: - header: source - type: monitor_agent - bind: 0.0.0.0 - port: 24220 - - fluentbit_forward: - header: source - type: forward - port: "#{ENV['FLUENTD_PORT']}" - bind: 0.0.0.0 - - elasticsearch: - header: match - type: elasticsearch - user: "#{ENV['ELASTICSEARCH_USERNAME']}" - password: "#{ENV['ELASTICSEARCH_PASSWORD']}" - expression: "**" - include_tag_key: true - host: "#{ENV['ELASTICSEARCH_HOST']}" - port: "#{ENV['ELASTICSEARCH_PORT']}" - logstash_format: true - buffer_chunk_limit: 10M - buffer_queue_limit: 32 - flush_interval: 20s - max_retry_wait: 300 - disable_retry_limit: "" - num_threads: 8 - dependencies: - - osh-infra-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-mariadb/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-mariadb/chart-group.yaml deleted file mode 100644 index 5aa0c00..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-mariadb/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: osh-infra-mariadb - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: OpenStack-Infra MariaDB - chart_group: - - osh-infra-mariadb diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-mariadb/mariadb.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-mariadb/mariadb.yaml deleted file mode 100644 index 310cfec..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-mariadb/mariadb.yaml +++ /dev/null @@ -1,77 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: osh-infra-mariadb - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh.mariadb - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.mariadb - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.oslo_db - dest: - path: .values.endpoints.olso_db - # Accounts - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_infra_service_accounts - path: .osh_infra.oslo_db.admin - dest: - path: .values.endpoints.oslo_db.auth.admin - - # Secrets - - dest: - path: .values.endpoints.oslo_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_infra_oslo_db_admin_password - path: . - -data: - chart_name: osh-infra-mariadb - release: osh-infra-mariadb - namespace: osh-infra - wait: - timeout: 900 - labels: - release_group: airship-osh-infra-mariadb - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-osh-infra-mariadb - values: - labels: - server: - node_selector_key: openstack-control-plane - node_selector_value: enabled - prometheus_mysql_exporter: - node_selector_key: openstack-control-plane - node_selector_value: enabled - dependencies: - - osh-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-monitoring/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-monitoring/chart-group.yaml deleted file mode 100644 index 4cb879c..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-monitoring/chart-group.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: osh-infra-monitoring - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: OSH Infra Monitoring - chart_group: - - prometheus - - prometheus-alertmanager - - prometheus-node-exporter - - prometheus-kube-state-metrics - - nagios diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-monitoring/nagios.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-monitoring/nagios.yaml deleted file mode 100644 index 35ff41b..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-monitoring/nagios.yaml +++ /dev/null @@ -1,129 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: nagios - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh_infra.nagios - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh_infra.nagios - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.nagios - dest: - path: .values.endpoints.nagios - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.monitoring - dest: - path: .values.endpoints.monitoring - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.ldap - dest: - path: .values.endpoints.ldap - - # Accounts - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_infra_service_accounts - path: .osh_infra.nagios.admin - dest: - path: .values.endpoints.nagios.auth.admin - - # Secrets - - dest: - path: .values.endpoints.nagios.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_infra_nagios_admin_password - path: . - - # LDAP Details - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_infra_service_accounts - path: .osh_infra.ldap.admin - dest: - path: .values.endpoints.ldap.auth.admin - - dest: - path: .values.endpoints.ldap.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_keystone_ldap_password - path: . - -data: - chart_name: nagios - release: nagios - namespace: osh-infra - wait: - timeout: 900 - labels: - release_group: airship-nagios - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-nagios - create: [] - post: - create: [] - values: - conf: - apache: - host: | - - - ProxyPass http://localhost:{{ tuple "nagios" "internal" "nagios" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}/ - ProxyPassReverse http://localhost:{{ tuple "nagios" "internal" "nagios" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}/ - - - AuthName "Nagios" - AuthType Basic - AuthBasicProvider file ldap - AuthUserFile /usr/local/apache2/conf/.htpasswd - AuthLDAPBindDN {{ .Values.endpoints.ldap.auth.admin.bind }} - AuthLDAPBindPassword {{ .Values.endpoints.ldap.auth.admin.password }} - AuthLDAPURL {{ tuple "ldap" "public" "ldap" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }} - Require valid-user - - - labels: - nagios: - node_selector_key: openstack-control-plane - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - pod: - replicas: - nagios: 3 - dependencies: - - osh-infra-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-monitoring/prometheus-alertmanager.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-monitoring/prometheus-alertmanager.yaml deleted file mode 100644 index f694112..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-monitoring/prometheus-alertmanager.yaml +++ /dev/null @@ -1,68 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: prometheus-alertmanager - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh_infra.prometheus_alertmanager - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh_infra.prometheus_alertmanager - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.alerts - dest: - path: .values.endpoints.alerts - -data: - chart_name: prometheus-alertmanager - release: prometheus-alertmanager - namespace: osh-infra - wait: - timeout: 900 - labels: - release_group: airship-prometheus-alertmanager - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-prometheus-alertmanager - create: [] - post: - create: [] - values: - manifests: - ingress: false - service_ingress: false - labels: - alertmanager: - node_selector_key: openstack-control-plane - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - dependencies: - - osh-infra-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-monitoring/prometheus-kube-state-metrics.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-monitoring/prometheus-kube-state-metrics.yaml deleted file mode 100644 index 4fe639a..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-monitoring/prometheus-kube-state-metrics.yaml +++ /dev/null @@ -1,77 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: prometheus-kube-state-metrics - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh_infra.prometheus_kube_state_metrics - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh_infra.prometheus_kube_state_metrics - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.kube_state_metrics - dest: - path: .values.endpoints.kube_state_metrics - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.kube_scheduler - dest: - path: .values.endpoints.kube_scheduler - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.kube_controller_manager - dest: - path: .values.endpoints.kube_controller_manager - -data: - chart_name: prometheus-kube-state-metrics - release: prometheus-kube-state-metrics - namespace: kube-system - wait: - timeout: 900 - labels: - release_group: airship-prometheus-kube-state-metrics - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-prometheus-kube-state-metrics - create: [] - post: - create: [] - values: - labels: - kube_state_metrics: - node_selector_key: openstack-control-plane - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - dependencies: - - osh-infra-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-monitoring/prometheus-node-exporter.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-monitoring/prometheus-node-exporter.yaml deleted file mode 100644 index 73d21b4..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-monitoring/prometheus-node-exporter.yaml +++ /dev/null @@ -1,65 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: prometheus-node-exporter - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh_infra.prometheus_node_exporter - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh_infra.prometheus_node_exporter - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.node_metrics - dest: - path: .values.endpoints.node_metrics - -data: - chart_name: prometheus-node-exporter - release: prometheus-node-exporter - namespace: kube-system - wait: - timeout: 900 - labels: - release_group: airship-prometheus-node-exporter - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-prometheus-node-exporter - create: [] - post: - create: [] - values: - labels: - node_exporter: - node_selector_key: node-exporter - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - dependencies: - - osh-infra-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-monitoring/prometheus.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-monitoring/prometheus.yaml deleted file mode 100644 index 9674e88..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-monitoring/prometheus.yaml +++ /dev/null @@ -1,80 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: prometheus - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh_infra.prometheus - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh_infra.prometheus - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.monitoring - dest: - path: .values.endpoints.monitoring - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.alerts - dest: - path: .values.endpoints.alerts - -data: - chart_name: prometheus - release: prometheus - namespace: osh-infra - wait: - timeout: 900 - labels: - release_group: airship-prometheus - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-prometheus - create: [] - post: - create: [] - values: - manifests: - ingress: false - service_ingress: false - labels: - prometheus: - node_selector_key: openstack-control-plane - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - pod: - replicas: - prometheus: 3 - storage: - requests: - storage: 500Gi - dependencies: - - osh-infra-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-openstack-exporter/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-openstack-exporter/chart-group.yaml deleted file mode 100644 index 020a347..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-openstack-exporter/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: osh-infra-prometheus-openstack-exporter - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Prometheus OpenStack Exporter - chart_group: - - prometheus-openstack-exporter diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-openstack-exporter/prometheus-openstack-exporter.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-openstack-exporter/prometheus-openstack-exporter.yaml deleted file mode 100644 index 40781c6..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh-infra/osh-infra-openstack-exporter/prometheus-openstack-exporter.yaml +++ /dev/null @@ -1,95 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: prometheus-openstack-exporter - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh_infra.prometheus_openstack_exporter - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh_infra.prometheus_openstack_exporter - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.prometheus_openstack_exporter - dest: - path: .values.endpoints.prometheus_openstack_exporter - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.identity - dest: - path: .values.endpoints.identity - - # Accounts - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_infra_service_accounts - path: .osh_infra.prometheus_openstack_exporter.user - dest: - path: .values.endpoints.identity.auth.user - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_keystone_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: osh_infra_openstack_exporter_password - path: . -data: - chart_name: prometheus-openstack-exporter - release: prometheus-openstack-exporter - namespace: openstack - wait: - timeout: 900 - labels: - release_group: airship-prometheus-openstack-exporter - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-prometheus-openstack-exporter - values: - labels: - openstack_exporter: - node_selector_key: openstack-control-plane - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - dependencies: - - osh-infra-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/dependencies.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/dependencies.yaml deleted file mode 100644 index cf07b70..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/dependencies.yaml +++ /dev/null @@ -1,28 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: osh-helm-toolkit - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh.helm_toolkit - dest: - path: .source -data: - chart_name: helm-toolkit - release: osh-helm-toolkit - namespace: osh-helm-toolkit - wait: - timeout: 600 - labels: - release_group: airship-osh-helm-toolkit - upgrade: - no_hooks: true - values: {} - dependencies: [] diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-ceph-config/ceph-config.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-ceph-config/ceph-config.yaml deleted file mode 100644 index 532054d..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-ceph-config/ceph-config.yaml +++ /dev/null @@ -1,142 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-ceph-config - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.ceph-client - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ceph.ceph-client - dest: - path: .values.images.tags - - # IP addresses - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .storage.ceph.public_cidr - dest: - path: .values.network.public - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .storage.ceph.cluster_cidr - dest: - path: .values.network.cluster - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.object_store - dest: - path: .values.endpoints.object_store - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mon - dest: - path: .values.endpoints.ceph_mon - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mgr - dest: - path: .values.endpoints.ceph_mgr - - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.swift.keystone - dest: - path: .values.endpoints.identity.auth.swift - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_keystone_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.swift.password - src: - schema: deckhand/Passphrase/v1 - name: ceph_swift_keystone_password - path: . - -data: - chart_name: openstack-ceph-config - release: openstack-ceph-config - namespace: openstack - wait: - timeout: 900 - labels: - release_group: airship-openstack-ceph-config - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-openstack-ceph-config - values: - labels: - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - provisioner: - node_selector_key: openstack-control-plane - node_selector_value: enabled - mds: - node_selector_key: ceph-mds - node_selector_value: enabled - rgw: - node_selector_key: ceph-rgw - node_selector_value: enabled - mgr: - node_selector_key: ceph-mgr - node_selector_value: enabled - deployment: - ceph: false - client_secrets: true - rbd_provisioner: false - cephfs_provisioner: false - rgw_keystone_user_and_endpoints: false - bootstrap: - enabled: false - conf: - rgw_ks: - enabled: true - dependencies: - - ceph-htk -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-ceph-config/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-ceph-config/chart-group.yaml deleted file mode 100644 index 338abe6..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-ceph-config/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-ceph-config - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Ceph config for OpenStack namespace(s) - chart_group: - - openstack-ceph-config diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-cinder/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-cinder/chart-group.yaml deleted file mode 100644 index d84e661..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-cinder/chart-group.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-cinder - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Deploy Cinder - chart_group: - - cinder-rabbitmq - - cinder diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-cinder/cinder.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-cinder/cinder.yaml deleted file mode 100644 index 22968c2..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-cinder/cinder.yaml +++ /dev/null @@ -1,287 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: cinder - labels: - component: cinder - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh.cinder - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.cinder - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.image - dest: - path: .values.endpoints.image - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.image_registry - dest: - path: .values.endpoints.image_registry - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.volume - dest: - path: .values.endpoints.volume - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.volumev2 - dest: - path: .values.endpoints.volumev2 - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.volumev3 - dest: - path: .values.endpoints.volumev3 - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.oslo_db - dest: - path: .values.endpoints.oslo_db - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.cinder_oslo_messaging - dest: - path: .values.endpoints.oslo_messaging - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.oslo_cache - dest: - path: .values.endpoints.oslo_cache - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.fluentd - dest: - path: .values.endpoints.fluentd - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.cinder.cinder - dest: - path: .values.endpoints.identity.auth.cinder - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.cinder.oslo_messaging.admin - dest: - path: .values.endpoints.oslo_messaging.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.cinder.oslo_messaging.cinder - dest: - path: .values.endpoints.oslo_messaging.auth.cinder - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.cinder.oslo_db - dest: - path: .values.endpoints.oslo_db.auth.cinder - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.cinder.oslo_db.database - dest: - path: .values.endpoints.oslo_db.path - pattern: DB_NAME - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_keystone_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.cinder.password - src: - schema: deckhand/Passphrase/v1 - name: osh_cinder_password - path: . - - dest: - path: .values.endpoints.oslo_messaging.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_cinder_oslo_messaging_admin_password - path: . - - dest: - path: .values.endpoints.oslo_messaging.auth.cinder.password - src: - schema: deckhand/Passphrase/v1 - name: osh_cinder_oslo_messaging_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.cinder.password - src: - schema: deckhand/Passphrase/v1 - name: osh_cinder_oslo_db_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_oslo_db_admin_password - path: . - - dest: - path: .values.endpoints.oslo_cache.auth.memcache_secret_key - src: - schema: deckhand/Passphrase/v1 - name: osh_oslo_cache_secret_key - path: . -data: - chart_name: cinder - release: cinder - namespace: openstack - wait: - timeout: 900 - labels: - release_group: airship-cinder - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-cinder - post: - create: [] - values: - pod: - replicas: - api: 2 - volume: 2 - scheduler: 2 - backup: 2 - labels: - api: - node_selector_key: openstack-control-plane - node_selector_value: enabled - backup: - node_selector_key: openstack-control-plane - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - scheduler: - node_selector_key: openstack-control-plane - node_selector_value: enabled - test: - node_selector_key: openstack-control-plane - node_selector_value: enabled - volume: - node_selector_key: openstack-control-plane - node_selector_value: enabled - conf: - logging: - loggers: - keys: - - root - - cinder - handlers: - keys: - - stdout - - stderr - - "null" - - fluent - formatters: - keys: - - context - - default - - fluent - logger_root: - level: WARNING - handlers: null - logger_cinder: - level: INFO - handlers: - - stdout - - stderr - - fluent - qualname: cinder - logger_amqp: - level: WARNING - handlers: stderr - qualname: amqp - logger_amqplib: - level: WARNING - handlers: stderr - qualname: amqplib - logger_eventletwsgi: - level: WARNING - handlers: stderr - qualname: eventlet.wsgi.server - logger_sqlalchemy: - level: WARNING - handlers: stderr - qualname: sqlalchemy - logger_boto: - level: WARNING - handlers: stderr - qualname: boto - handler_null: - class: logging.NullHandler - formatter: default - args: () - handler_stdout: - class: StreamHandler - args: (sys.stdout,) - formatter: context - handler_stderr: - class: StreamHandler - args: (sys.stderr,) - formatter: context - handler_fluent: - class: fluent.handler.FluentHandler - args: ('openstack.cinder', 'fluentd-logging.osh-infra', 24224) - formatter: fluent - formatter_fluent: - class: oslo_log.formatters.FluentFormatter - formatter_context: - class: oslo_log.formatters.ContextFormatter - formatter_default: - format: "%(message)s" - dependencies: - - osh-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-cinder/rabbitmq.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-cinder/rabbitmq.yaml deleted file mode 100644 index 7475d62..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-cinder/rabbitmq.yaml +++ /dev/null @@ -1,95 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: cinder-rabbitmq - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh.rabbitmq - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.rabbitmq - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.cinder_oslo_messaging - dest: - path: .values.endpoints.oslo_messaging - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.cinder_rabbitmq_exporter - dest: - path: .values.endpoints.prometheus_rabbitmq_exporter - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.cinder.oslo_messaging.admin - dest: - path: .values.endpoints.oslo_messaging.auth.user - - # Secrets - - - src: - schema: deckhand/Passphrase/v1 - name: osh_cinder_rabbitmq_erlang_cookie - path: . - dest: - path: .values.endpoints.oslo_messaging.auth.erlang_cookie - - src: - schema: deckhand/Passphrase/v1 - name: osh_cinder_oslo_messaging_admin_password - path: . - dest: - path: .values.endpoints.oslo_messaging.auth.user.password -data: - chart_name: cinder-rabbitmq - release: cinder-rabbitmq - namespace: openstack - wait: - timeout: 900 - labels: - release_group: airship-cinder-rabbitmq - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-cinder-rabbitmq - values: - pod: - replicas: - server: 1 - labels: - server: - node_selector_key: openstack-control-plane - node_selector_value: enabled - prometheus_rabbitmq_exporter: - node_selector_key: openstack-control-plane - node_selector_value: enabled - monitoring: - prometheus: - enabled: true - dependencies: - - osh-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-compute-kit/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-compute-kit/chart-group.yaml deleted file mode 100644 index fd889fb..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-compute-kit/chart-group.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-compute-kit - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Deploy Nova, Neutron, Openvswitch, and Libvirt - chart_group: - - libvirt - - openvswitch - - neutron-rabbitmq - - nova-rabbitmq - - neutron - - nova diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-compute-kit/libvirt.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-compute-kit/libvirt.yaml deleted file mode 100644 index 6cdfabe..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-compute-kit/libvirt.yaml +++ /dev/null @@ -1,48 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: libvirt - labels: - name: libvirt-global - component: libvirt - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh.libvirt - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.libvirt - dest: - path: .values.images.tags -data: - chart_name: libvirt - release: libvirt - namespace: openstack - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-libvirt - values: - labels: - agent: - libvirt: - node_selector_key: openstack-libvirt - node_selector_value: kernel - dependencies: - - osh-helm-toolkit diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-compute-kit/neutron-rabbitmq.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-compute-kit/neutron-rabbitmq.yaml deleted file mode 100644 index 195fa60..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-compute-kit/neutron-rabbitmq.yaml +++ /dev/null @@ -1,95 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: neutron-rabbitmq - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh.rabbitmq - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.rabbitmq - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.neutron_oslo_messaging - dest: - path: .values.endpoints.oslo_messaging - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.neutron_rabbitmq_exporter - dest: - path: .values.endpoints.prometheus_rabbitmq_exporter - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.neutron.oslo_messaging.admin - dest: - path: .values.endpoints.oslo_messaging.auth.user - - # Secrets - - - src: - schema: deckhand/Passphrase/v1 - name: osh_neutron_rabbitmq_erlang_cookie - path: . - dest: - path: .values.endpoints.oslo_messaging.auth.erlang_cookie - - src: - schema: deckhand/Passphrase/v1 - name: osh_neutron_oslo_messaging_admin_password - path: . - dest: - path: .values.endpoints.oslo_messaging.auth.user.password -data: - chart_name: neutron-rabbitmq - release: neutron-rabbitmq - namespace: openstack - wait: - timeout: 900 - labels: - release_group: airship-neutron-rabbitmq - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-neutron-rabbitmq - values: - pod: - replicas: - server: 1 - labels: - server: - node_selector_key: openstack-control-plane - node_selector_value: enabled - prometheus_rabbitmq_exporter: - node_selector_key: openstack-control-plane - node_selector_value: enabled - monitoring: - prometheus: - enabled: true - dependencies: - - osh-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-compute-kit/neutron.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-compute-kit/neutron.yaml deleted file mode 100644 index e3401f4..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-compute-kit/neutron.yaml +++ /dev/null @@ -1,334 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: neutron - labels: - name: neutron-global - component: neutron - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh.neutron - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.neutron - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.compute - dest: - path: .values.endpoints.compute - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.compute_metadata - dest: - path: .values.endpoints.image_registry - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.oslo_db - dest: - path: .values.endpoints.oslo_db - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.neutron_oslo_messaging - dest: - path: .values.endpoints.oslo_messaging - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.oslo_cache - dest: - path: .values.endpoints.oslo_cache - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.network - dest: - path: .values.endpoints.network - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.fluentd - dest: - path: .values.endpoints.fluentd - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.neutron.neutron - dest: - path: .values.endpoints.identity.auth.neutron - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.nova.nova - dest: - path: .values.endpoints.identity.auth.nova - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.neutron.oslo_messaging.admin - dest: - path: .values.endpoints.oslo_messaging.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.neutron.oslo_messaging.neutron - dest: - path: .values.endpoints.oslo_messaging.auth.neutron - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.neutron.oslo_db - dest: - path: .values.endpoints.oslo_db.auth.neutron - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.neutron.oslo_db.database - dest: - path: .values.endpoints.oslo_db.path - pattern: DB_NAME - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_keystone_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.neutron.password - src: - schema: deckhand/Passphrase/v1 - name: osh_neutron_password - path: . - - dest: - path: .values.endpoints.identity.auth.nova.password - src: - schema: deckhand/Passphrase/v1 - name: osh_nova_password - path: . - - dest: - path: .values.endpoints.oslo_messaging.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_neutron_oslo_messaging_admin_password - path: . - - dest: - path: .values.endpoints.oslo_messaging.auth.neutron.password - src: - schema: deckhand/Passphrase/v1 - name: osh_neutron_oslo_messaging_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.neutron.password - src: - schema: deckhand/Passphrase/v1 - name: osh_neutron_oslo_db_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_oslo_db_admin_password - path: . - - dest: - path: .values.endpoints.oslo_cache.auth.memcache_secret_key - src: - schema: deckhand/Passphrase/v1 - name: osh_oslo_cache_secret_key - path: . - - # Interfaces for neutron configuration - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .neutron.tunnel_device - dest: - path: .values.network.interface.tunnel - pattern: 'TUNNEL_DEVICE' - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .neutron.external_iface - dest: - path: .values.network.interface.external - pattern: 'EXTERNAL_INTERFACE' - -data: - chart_name: neutron - release: neutron - namespace: openstack - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-neutron - post: - create: [] - values: - pod: - replicas: - server: 2 - labels: - agent: - dhcp: - node_selector_key: openstack-control-plane - node_selector_value: enabled - l3: - # To enable the forcing of routers onto controllers that have - # a public cidr so that tenant floating IPs can route properly - node_selector_key: openstack-l3-agent - node_selector_value: enabled - metadata: - node_selector_key: openstack-control-plane - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - lb: - node_selector_key: linuxbridge - node_selector_value: enabled - ovs: - node_selector_key: openvswitch - node_selector_value: enabled - server: - node_selector_key: openstack-control-plane - node_selector_value: enabled - test: - node_selector_key: openstack-control-plane - node_selector_value: enabled - network: - interface: - tunnel: 'TUNNEL_DEVICE' - external: 'EXTERNAL_INTERFACE' - conf: - logging: - loggers: - keys: - - root - - neutron - handlers: - keys: - - stdout - - stderr - - "null" - - fluent - formatters: - keys: - - context - - default - - fluent - logger_root: - level: WARNING - handlers: null - logger_neutron: - level: INFO - handlers: - - stdout - - stderr - - fluent - qualname: neutron - logger_amqp: - level: WARNING - handlers: stderr - qualname: amqp - logger_amqplib: - level: WARNING - handlers: stderr - qualname: amqplib - logger_eventletwsgi: - level: WARNING - handlers: stderr - qualname: eventlet.wsgi.server - logger_sqlalchemy: - level: WARNING - handlers: stderr - qualname: sqlalchemy - logger_boto: - level: WARNING - handlers: stderr - qualname: boto - handler_null: - class: logging.NullHandler - formatter: default - args: () - handler_stdout: - class: StreamHandler - args: (sys.stdout,) - formatter: context - handler_stderr: - class: StreamHandler - args: (sys.stderr,) - formatter: context - handler_fluent: - class: fluent.handler.FluentHandler - args: ('openstack.neutron', 'fluentd-logging.osh-infra', 24224) - formatter: fluent - formatter_fluent: - class: oslo_log.formatters.FluentFormatter - formatter_context: - class: oslo_log.formatters.ContextFormatter - formatter_default: - format: "%(message)s" - neutron: - DEFAULT: - l3_ha: True - min_l3_agents_per_router: 2 - max_l3_agents_per_router: 5 - l3_ha_network_type: vxlan - dhcp_agents_per_network: 2 - oslo_messaging_rabbit: - heartbeat_timeout_threshold: 0 - plugins: - ml2_conf: - ml2: - extension_drivers: port_security - mechanism_drivers: l2population,openvswitch - type_drivers: vlan,flat,vxlan - tenant_network_types: vxlan - ml2_type_vlan: - network_vlan_ranges: bond0 - openvswitch_agent: - agent: - tunnel_types: vxlan - ovs: - bridge_mappings: bond0:br-bond0 - dependencies: - - osh-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-compute-kit/nova-rabbitmq.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-compute-kit/nova-rabbitmq.yaml deleted file mode 100644 index e40de63..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-compute-kit/nova-rabbitmq.yaml +++ /dev/null @@ -1,95 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: nova-rabbitmq - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh.rabbitmq - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.rabbitmq - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.nova_oslo_messaging - dest: - path: .values.endpoints.oslo_messaging - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.nova_rabbitmq_exporter - dest: - path: .values.endpoints.prometheus_rabbitmq_exporter - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.nova.oslo_messaging.admin - dest: - path: .values.endpoints.oslo_messaging.auth.user - - # Secrets - - - src: - schema: deckhand/Passphrase/v1 - name: osh_nova_rabbitmq_erlang_cookie - path: . - dest: - path: .values.endpoints.oslo_messaging.auth.erlang_cookie - - src: - schema: deckhand/Passphrase/v1 - name: osh_nova_oslo_messaging_admin_password - path: . - dest: - path: .values.endpoints.oslo_messaging.auth.user.password -data: - chart_name: nova-rabbitmq - release: nova-rabbitmq - namespace: openstack - wait: - timeout: 900 - labels: - release_group: airship-nova-rabbitmq - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-nova-rabbitmq - values: - pod: - replicas: - server: 1 - labels: - server: - node_selector_key: openstack-control-plane - node_selector_value: enabled - prometheus_rabbitmq_exporter: - node_selector_key: openstack-control-plane - node_selector_value: enabled - monitoring: - prometheus: - enabled: true - dependencies: - - osh-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-compute-kit/nova.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-compute-kit/nova.yaml deleted file mode 100644 index 78398fe..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-compute-kit/nova.yaml +++ /dev/null @@ -1,403 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: nova-global - labels: - name: nova-global - component: nova - layeringDefinition: - abstract: true - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh.nova - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.nova - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.oslo_db - dest: - path: .values.endpoints.oslo_db - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.oslo_db - dest: - path: .values.endpoints.oslo_db_api - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.oslo_db - dest: - path: .values.endpoints.oslo_db_cell0 - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.nova_oslo_messaging - dest: - path: .values.endpoints.oslo_messaging - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.oslo_cache - dest: - path: .values.endpoints.oslo_cache - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.image - dest: - path: .values.endpoints.image - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.compute - dest: - path: .values.endpoints.compute - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.compute_metadata - dest: - path: .values.endpoints.compute_metadata - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.compute_novnc_proxy - dest: - path: .values.endpoints.compute_novnc_proxy - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.compute_spice_proxy - dest: - path: .values.endpoints.compute_spice_proxy - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.placement - dest: - path: .values.endpoints.placement - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.network - dest: - path: .values.endpoints.network - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.fluentd - dest: - path: .values.endpoints.fluentd - - # Service Accounts - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.nova.nova - dest: - path: .values.endpoints.identity.auth.nova - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.neutron.neutron - dest: - path: .values.endpoints.identity.auth.neutron - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.nova.placement - dest: - path: .values.endpoints.identity.auth.placement - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.nova.oslo_messaging.admin - dest: - path: .values.endpoints.oslo_messaging.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.nova.oslo_messaging.nova - dest: - path: .values.endpoints.oslo_messaging.auth.nova - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.nova.oslo_db.username - dest: - path: .values.endpoints.oslo_db.auth.nova.username - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.nova.oslo_db.database - dest: - path: .values.endpoints.oslo_db.path - pattern: DB_NAME - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.nova.oslo_db_api - dest: - path: .values.endpoints.oslo_db_api.auth.nova - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.nova.oslo_db_api.database - dest: - path: .values.endpoints.oslo_db_api.path - pattern: DB_NAME - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.nova.oslo_db_cell0 - dest: - path: .values.endpoints.oslo_db_cell0.auth.nova - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.nova.oslo_db_cell0.database - dest: - path: .values.endpoints.oslo_db_cell0.path - pattern: DB_NAME - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_keystone_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.nova.password - src: - schema: deckhand/Passphrase/v1 - name: osh_nova_password - path: . - - dest: - path: .values.endpoints.identity.auth.neutron.password - src: - schema: deckhand/Passphrase/v1 - name: osh_neutron_password - path: . - - dest: - path: .values.endpoints.identity.auth.placement.password - src: - schema: deckhand/Passphrase/v1 - name: osh_placement_password - path: . - - dest: - path: .values.endpoints.oslo_messaging.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_nova_oslo_messaging_admin_password - path: . - - dest: - path: .values.endpoints.oslo_messaging.auth.nova.password - src: - schema: deckhand/Passphrase/v1 - name: osh_nova_oslo_messaging_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.nova.password - src: - schema: deckhand/Passphrase/v1 - name: osh_nova_oslo_db_password - path: . - - dest: - path: .values.endpoints.oslo_db_api.auth.nova.password - src: - schema: deckhand/Passphrase/v1 - name: osh_nova_oslo_db_password - path: . - - dest: - path: .values.endpoints.oslo_db_cell0.auth.nova.password - src: - schema: deckhand/Passphrase/v1 - name: osh_nova_oslo_db_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_oslo_db_admin_password - path: . - - dest: - path: .values.endpoints.oslo_db_api.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_oslo_db_admin_password - path: . - - dest: - path: .values.endpoints.oslo_db_cell0.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_oslo_db_admin_password - path: . - - dest: - path: .values.endpoints.oslo_cache.auth.memcache_secret_key - src: - schema: deckhand/Passphrase/v1 - name: osh_oslo_cache_secret_key - path: . -data: - chart_name: nova - release: nova - namespace: openstack - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-nova - post: - create: [] - values: - labels: - agent: - compute: - node_selector_key: openstack-nova-compute - node_selector_value: enabled - api_metadata: - node_selector_key: openstack-control-plane - node_selector_value: enabled - conductor: - node_selector_key: openstack-control-plane - node_selector_value: enabled - consoleauth: - node_selector_key: openstack-control-plane - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - novncproxy: - node_selector_key: openstack-control-plane - node_selector_value: enabled - osapi: - node_selector_key: openstack-control-plane - node_selector_value: enabled - placement: - node_selector_key: openstack-control-plane - node_selector_value: enabled - scheduler: - node_selector_key: openstack-control-plane - node_selector_value: enabled - spiceproxy: - node_selector_key: openstack-control-plane - node_selector_value: enabled - test: - node_selector_key: openstack-control-plane - node_selector_value: enabled - pod: - replicas: - api_metadata: 2 - placement: 1 - osapi: 2 - conductor: 2 - consoleauth: 1 - scheduler: 1 - novncproxy: 1 - conf: - logging: - loggers: - keys: - - root - - nova - handlers: - keys: - - stdout - - stderr - - "null" - - fluent - formatters: - keys: - - context - - default - - fluent - logger_root: - level: WARNING - handlers: null - logger_nova: - level: INFO - handlers: - - stdout - - stderr - - fluent - qualname: nova - logger_amqp: - level: WARNING - handlers: stderr - qualname: amqp - logger_amqplib: - level: WARNING - handlers: stderr - qualname: amqplib - logger_eventletwsgi: - level: WARNING - handlers: stderr - qualname: eventlet.wsgi.server - logger_sqlalchemy: - level: WARNING - handlers: stderr - qualname: sqlalchemy - logger_boto: - level: WARNING - handlers: stderr - qualname: boto - handler_null: - class: logging.NullHandler - formatter: default - args: () - handler_stdout: - class: StreamHandler - args: (sys.stdout,) - formatter: context - handler_stderr: - class: StreamHandler - args: (sys.stderr,) - formatter: context - handler_fluent: - class: fluent.handler.FluentHandler - args: ('openstack.nova', 'fluentd-logging.osh-infra', 24224) - formatter: fluent - formatter_fluent: - class: oslo_log.formatters.FluentFormatter - formatter_context: - class: oslo_log.formatters.ContextFormatter - formatter_default: - format: "%(message)s" - dependencies: - - osh-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-compute-kit/openvswitch.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-compute-kit/openvswitch.yaml deleted file mode 100644 index b0a4f7d..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-compute-kit/openvswitch.yaml +++ /dev/null @@ -1,62 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: openvswitch - layeringDefinition: - abstract: false - layer: global - labels: - name: openvswitch-global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh.openvswitch - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.openvswitch - dest: - path: .values.images.tags - # External Interface - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .openvswitch.external_iface - dest: - path: .values.network.interface.external - pattern: 'EXTERNAL_INTERFACE' -data: - chart_name: openvswitch - release: openvswitch - namespace: openstack - wait: - timeout: 900 - labels: - release_group: airship-openvswitch - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-openvswitch - values: - labels: - ovs: - node_selector_key: openvswitch - node_selector_value: enabled - network: - external_bridge: br-bond0 - interface: - external: 'EXTERNAL_INTERFACE' - dependencies: - - osh-helm-toolkit diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-glance/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-glance/chart-group.yaml deleted file mode 100644 index bad0e1e..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-glance/chart-group.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-glance - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Deploy Glance - chart_group: - - glance-rabbitmq - - glance diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-glance/glance.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-glance/glance.yaml deleted file mode 100644 index cf555d4..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-glance/glance.yaml +++ /dev/null @@ -1,296 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: glance - labels: - component: glance - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh.glance - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.glance - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.image - dest: - path: .values.endpoints.image - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.image_registry - dest: - path: .values.endpoints.image_registry - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.oslo_db - dest: - path: .values.endpoints.oslo_db - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.glance_oslo_messaging - dest: - path: .values.endpoints.oslo_messaging - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.oslo_cache - dest: - path: .values.endpoints.oslo_cache - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.ceph_object_store - dest: - path: .values.endpoints.ceph_object_store - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.object_store - dest: - path: .values.endpoints.object_store - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.fluentd - dest: - path: .values.endpoints.fluentd - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.glance.glance - dest: - path: .values.endpoints.identity.auth.glance - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.glance.oslo_messaging.admin - dest: - path: .values.endpoints.oslo_messaging.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.glance.oslo_messaging.glance - dest: - path: .values.endpoints.oslo_messaging.auth.glance - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.glance.oslo_db - dest: - path: .values.endpoints.oslo_db.auth.glance - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.glance.oslo_db.database - dest: - path: .values.endpoints.oslo_db.path - pattern: DB_NAME - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.glance.ceph_object_store - dest: - path: .values.endpoints.ceph_object_store.auth.glance - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_keystone_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.glance.password - src: - schema: deckhand/Passphrase/v1 - name: osh_glance_password - path: . - - dest: - path: .values.endpoints.oslo_messaging.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_glance_oslo_messaging_admin_password - path: . - - dest: - path: .values.endpoints.oslo_messaging.auth.glance.password - src: - schema: deckhand/Passphrase/v1 - name: osh_glance_oslo_messaging_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.glance.password - src: - schema: deckhand/Passphrase/v1 - name: osh_glance_oslo_db_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_oslo_db_admin_password - path: . - - dest: - path: .values.endpoints.oslo_cache.auth.memcache_secret_key - src: - schema: deckhand/Passphrase/v1 - name: osh_oslo_cache_secret_key - path: . - - dest: - path: .values.endpoints.object_store.auth.glance.tmpurlkey - src: - schema: deckhand/Passphrase/v1 - name: ceph_swift_keystone_password - path: . - - dest: - path: .values.endpoints.ceph_object_store.auth.glance.tmpurlkey - src: - schema: deckhand/Passphrase/v1 - name: ceph_swift_keystone_password - path: . - - dest: - path: .values.endpoints.ceph_object_store.auth.glance.password - src: - schema: deckhand/Passphrase/v1 - name: osh_glance_password - path: . -data: - chart_name: glance - release: glance - namespace: openstack - wait: - timeout: 900 - labels: - release_group: airship-glance - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-glance - post: - create: [] - values: - pod: - replicas: - api: 2 - registry: 2 - labels: - api: - node_selector_key: openstack-control-plane - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - registry: - node_selector_key: openstack-control-plane - node_selector_value: enabled - manifests: - job_bootstrap: false - conf: - logging: - loggers: - keys: - - root - - glance - handlers: - keys: - - stdout - - stderr - - "null" - - fluent - formatters: - keys: - - context - - default - - fluent - logger_root: - level: WARNING - handlers: null - logger_glance: - level: INFO - handlers: - - stdout - - stderr - - fluent - qualname: glance - logger_amqp: - level: WARNING - handlers: stderr - qualname: amqp - logger_amqplib: - level: WARNING - handlers: stderr - qualname: amqplib - logger_eventletwsgi: - level: WARNING - handlers: stderr - qualname: eventlet.wsgi.server - logger_sqlalchemy: - level: WARNING - handlers: stderr - qualname: sqlalchemy - logger_boto: - level: WARNING - handlers: stderr - qualname: boto - handler_null: - class: logging.NullHandler - formatter: default - args: () - handler_stdout: - class: StreamHandler - args: (sys.stdout,) - formatter: context - handler_stderr: - class: StreamHandler - args: (sys.stderr,) - formatter: context - handler_fluent: - class: fluent.handler.FluentHandler - args: ('openstack.glance', 'fluentd-logging.osh-infra', 24224) - formatter: fluent - formatter_fluent: - class: oslo_log.formatters.FluentFormatter - formatter_context: - class: oslo_log.formatters.ContextFormatter - formatter_default: - format: "%(message)s" - dependencies: - - osh-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-glance/rabbitmq.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-glance/rabbitmq.yaml deleted file mode 100644 index 6d46e81..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-glance/rabbitmq.yaml +++ /dev/null @@ -1,95 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: glance-rabbitmq - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh.rabbitmq - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.rabbitmq - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.glance_oslo_messaging - dest: - path: .values.endpoints.oslo_messaging - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.glance_rabbitmq_exporter - dest: - path: .values.endpoints.prometheus_rabbitmq_exporter - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.glance.oslo_messaging.admin - dest: - path: .values.endpoints.oslo_messaging.auth.user - - # Secrets - - - src: - schema: deckhand/Passphrase/v1 - name: osh_glance_rabbitmq_erlang_cookie - path: . - dest: - path: .values.endpoints.oslo_messaging.auth.erlang_cookie - - src: - schema: deckhand/Passphrase/v1 - name: osh_glance_oslo_messaging_admin_password - path: . - dest: - path: .values.endpoints.oslo_messaging.auth.user.password -data: - chart_name: glance-rabbitmq - release: glance-rabbitmq - namespace: openstack - wait: - timeout: 900 - labels: - release_group: airship-glance-rabbitmq - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-glance-rabbitmq - values: - pod: - replicas: - server: 1 - labels: - server: - node_selector_key: openstack-control-plane - node_selector_value: enabled - prometheus_rabbitmq_exporter: - node_selector_key: openstack-control-plane - node_selector_value: enabled - monitoring: - prometheus: - enabled: true - dependencies: - - osh-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-heat/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-heat/chart-group.yaml deleted file mode 100644 index 36bee7e..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-heat/chart-group.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-heat - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Deploy Heat - chart_group: - - heat-rabbitmq - - heat diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-heat/heat.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-heat/heat.yaml deleted file mode 100644 index 0f4f285..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-heat/heat.yaml +++ /dev/null @@ -1,297 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: heat - labels: - name: heat-global - component: heat - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh.heat - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.heat - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.orchestration - dest: - path: .values.endpoints.orchestration - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.cloudformation - dest: - path: .values.endpoints.cloudformation - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.cloudwatch - dest: - path: .values.endpoints.cloudwatch - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.oslo_db - dest: - path: .values.endpoints.oslo_db - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.heat_oslo_messaging - dest: - path: .values.endpoints.oslo_messaging - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.oslo_cache - dest: - path: .values.endpoints.oslo_cache - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.fluentd - dest: - path: .values.endpoints.fluentd - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.heat.heat - dest: - path: .values.endpoints.identity.auth.heat - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.heat.heat_trustee - dest: - path: .values.endpoints.identity.auth.heat_trustee - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.heat.heat_stack_user - dest: - path: .values.endpoints.identity.auth.heat_stack_user - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.heat.oslo_messaging.admin - dest: - path: .values.endpoints.oslo_messaging.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.heat.oslo_messaging.heat - dest: - path: .values.endpoints.oslo_messaging.auth.heat - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.heat.oslo_db - dest: - path: .values.endpoints.oslo_db.auth.heat - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.heat.oslo_db.database - dest: - path: .values.endpoints.oslo_db.path - pattern: DB_NAME - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_keystone_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.heat.password - src: - schema: deckhand/Passphrase/v1 - name: osh_heat_password - path: . - - dest: - path: .values.endpoints.identity.auth.heat_trustee.password - src: - schema: deckhand/Passphrase/v1 - name: osh_heat_trustee_password - path: . - - dest: - path: .values.endpoints.identity.auth.heat_stack_user.password - src: - schema: deckhand/Passphrase/v1 - name: osh_heat_stack_user_password - path: . - - dest: - path: .values.endpoints.oslo_messaging.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_heat_oslo_messaging_admin_password - path: . - - dest: - path: .values.endpoints.oslo_messaging.auth.heat.password - src: - schema: deckhand/Passphrase/v1 - name: osh_heat_oslo_messaging_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.heat.password - src: - schema: deckhand/Passphrase/v1 - name: osh_heat_oslo_db_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_oslo_db_admin_password - path: . - - dest: - path: .values.endpoints.oslo_cache.auth.memcache_secret_key - src: - schema: deckhand/Passphrase/v1 - name: osh_oslo_cache_secret_key - path: . -data: - chart_name: heat - release: heat - namespace: openstack - wait: - timeout: 900 - labels: - release_group: airship-heat - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-heat - post: - create: [] - values: - pod: - replicas: - api: 1 - cfn: 1 - cloudwatch: 1 - engine: 2 - labels: - api: - node_selector_key: openstack-control-plane - node_selector_value: enabled - cfn: - node_selector_key: openstack-control-plane - node_selector_value: enabled - cloudwatch: - node_selector_key: openstack-control-plane - node_selector_value: enabled - engine: - node_selector_key: openstack-control-plane - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - conf: - logging: - loggers: - keys: - - root - - heat - handlers: - keys: - - stdout - - stderr - - "null" - - fluent - formatters: - keys: - - context - - default - - fluent - logger_root: - level: WARNING - handlers: null - logger_heat: - level: INFO - handlers: - - stdout - - stderr - - fluent - qualname: heat - logger_amqp: - level: WARNING - handlers: stderr - qualname: amqp - logger_amqplib: - level: WARNING - handlers: stderr - qualname: amqplib - logger_eventletwsgi: - level: WARNING - handlers: stderr - qualname: eventlet.wsgi.server - logger_sqlalchemy: - level: WARNING - handlers: stderr - qualname: sqlalchemy - logger_boto: - level: WARNING - handlers: stderr - qualname: boto - handler_null: - class: logging.NullHandler - formatter: default - args: () - handler_stdout: - class: StreamHandler - args: (sys.stdout,) - formatter: context - handler_stderr: - class: StreamHandler - args: (sys.stderr,) - formatter: context - handler_fluent: - class: fluent.handler.FluentHandler - args: ('openstack.heat', 'fluentd-logging.osh-infra', 24224) - formatter: fluent - formatter_fluent: - class: oslo_log.formatters.FluentFormatter - formatter_context: - class: oslo_log.formatters.ContextFormatter - formatter_default: - format: "%(message)s" - dependencies: - - osh-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-heat/rabbitmq.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-heat/rabbitmq.yaml deleted file mode 100644 index fe59eeb..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-heat/rabbitmq.yaml +++ /dev/null @@ -1,95 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: heat-rabbitmq - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh.rabbitmq - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.rabbitmq - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.heat_oslo_messaging - dest: - path: .values.endpoints.oslo_messaging - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.heat_rabbitmq_exporter - dest: - path: .values.endpoints.prometheus_rabbitmq_exporter - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.heat.oslo_messaging.admin - dest: - path: .values.endpoints.oslo_messaging.auth.user - - # Secrets - - - src: - schema: deckhand/Passphrase/v1 - name: osh_heat_rabbitmq_erlang_cookie - path: . - dest: - path: .values.endpoints.oslo_messaging.auth.erlang_cookie - - src: - schema: deckhand/Passphrase/v1 - name: osh_heat_oslo_messaging_admin_password - path: . - dest: - path: .values.endpoints.oslo_messaging.auth.user.password -data: - chart_name: heat-rabbitmq - release: heat-rabbitmq - namespace: openstack - wait: - timeout: 900 - labels: - release_group: airship-heat-rabbitmq - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-heat-rabbitmq - values: - pod: - replicas: - server: 1 - labels: - server: - node_selector_key: openstack-control-plane - node_selector_value: enabled - prometheus_rabbitmq_exporter: - node_selector_key: openstack-control-plane - node_selector_value: enabled - monitoring: - prometheus: - enabled: true - dependencies: - - osh-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-horizon/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-horizon/chart-group.yaml deleted file mode 100644 index f59b955..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-horizon/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-horizon - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Deploy Horizon - chart_group: - - horizon diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-horizon/horizon.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-horizon/horizon.yaml deleted file mode 100644 index 3e4fcb2..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-horizon/horizon.yaml +++ /dev/null @@ -1,114 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: horizon - labels: - component: horizon - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh.horizon - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.horizon - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.dashboard - dest: - path: .values.endpoints.dashboard - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.oslo_db - dest: - path: .values.endpoints.oslo_db - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.oslo_cache - dest: - path: .values.endpoints.oslo_cache - - # Service Accounts - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.horizon.oslo_db - dest: - path: .values.endpoints.oslo_db.auth.horizon - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.horizon.oslo_db.database - dest: - path: .values.endpoints.oslo_db.path - pattern: DB_NAME - - # Secrets - - dest: - path: .values.endpoints.oslo_db.auth.keystone.password - src: - schema: deckhand/Passphrase/v1 - name: osh_horizon_oslo_db_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_oslo_db_admin_password - path: . - - dest: - path: .values.endpoints.oslo_cache.auth.memcache_secret_key - src: - schema: deckhand/Passphrase/v1 - name: osh_oslo_cache_secret_key - path: . -data: - chart_name: horizon - release: horizon - namespace: openstack - install: - no_hooks: false - wait: - timeout: 900 - labels: - release_group: airship-horizon - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-horizon - post: - create: [] - values: - labels: - node_selector_key: openstack-control-plane - node_selector_value: enabled - dependencies: - - osh-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-ingress-controller/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-ingress-controller/chart-group.yaml deleted file mode 100644 index 431942a..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-ingress-controller/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-ingress-controller - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: OpenStack Namespace Ingress - chart_group: - - openstack-ingress-controller diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-ingress-controller/ingress.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-ingress-controller/ingress.yaml deleted file mode 100644 index f8fe4b1..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-ingress-controller/ingress.yaml +++ /dev/null @@ -1,55 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-ingress-controller - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh.ingress - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.ingress - dest: - path: .values.images.tags -data: - chart_name: openstack-ingress-controller - release: openstack-ingress-controller - namespace: openstack - wait: - timeout: 900 - labels: - release_group: airship-openstack-ingress-controller - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-openstack-ingress-controller - values: - labels: - server: - node_selector_key: openstack-control-plane - node_selector_value: enabled - error_server: - node_selector_key: openstack-control-plane - node_selector_value: enabled - pod: - replicas: - ingress: 2 - error_page: 2 - dependencies: - - osh-helm-toolkit diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-keystone/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-keystone/chart-group.yaml deleted file mode 100644 index 007be8e..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-keystone/chart-group.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-keystone - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Deploy Keystone - chart_group: - - keystone-rabbitmq - - keystone diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-keystone/keystone.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-keystone/keystone.yaml deleted file mode 100644 index 368da51..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-keystone/keystone.yaml +++ /dev/null @@ -1,259 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: keystone - labels: - name: keystone-global - component: keystone - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh.keystone - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.keystone - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.oslo_db - dest: - path: .values.endpoints.oslo_db - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.keystone_oslo_messaging - dest: - path: .values.endpoints.oslo_messaging - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.oslo_cache - dest: - path: .values.endpoints.oslo_cache - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.fluentd - dest: - path: .values.endpoints.fluentd - - # Service Accounts - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.keystone.oslo_messaging.admin - dest: - path: .values.endpoints.oslo_messaging.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.keystone.oslo_messaging.keystone - dest: - path: .values.endpoints.oslo_messaging.auth.keystone - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.keystone.oslo_db - dest: - path: .values.endpoints.oslo_db.auth.keystone - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.keystone.oslo_db.database - dest: - path: .values.endpoints.oslo_db.path - pattern: DB_NAME - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_keystone_admin_password - path: . - - dest: - path: .values.endpoints.oslo_messaging.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_keystone_oslo_messaging_admin_password - path: . - - dest: - path: .values.endpoints.oslo_messaging.auth.keystone.password - src: - schema: deckhand/Passphrase/v1 - name: osh_keystone_oslo_messaging_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.keystone.password - src: - schema: deckhand/Passphrase/v1 - name: osh_keystone_oslo_db_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_oslo_db_admin_password - path: . - - dest: - path: .values.endpoints.oslo_cache.auth.memcache_secret_key - src: - schema: deckhand/Passphrase/v1 - name: osh_oslo_cache_secret_key - path: . - -data: - chart_name: keystone - release: keystone - namespace: openstack - wait: - timeout: 900 - labels: - release_group: airship-keystone - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-keystone - post: - create: [] - values: - bootstrap: - script: | - openstack role create --or-show _member_ - openstack role add \ - --user="${OS_USERNAME}" \ - --user-domain="${OS_USER_DOMAIN_NAME}" \ - --project-domain="${OS_PROJECT_DOMAIN_NAME}" \ - --project="${OS_PROJECT_NAME}" \ - "_member_" - - #NOTE(portdirect): required for all users who operate heat stacks - openstack role create --or-show heat_stack_owner - openstack role add \ - --user="${OS_USERNAME}" \ - --user-domain="${OS_USER_DOMAIN_NAME}" \ - --project-domain="${OS_PROJECT_DOMAIN_NAME}" \ - --project="${OS_PROJECT_NAME}" \ - "heat_stack_owner" - conf: - logging: - loggers: - keys: - - root - - keystone - handlers: - keys: - - stdout - - stderr - - "null" - - fluent - formatters: - keys: - - context - - default - - fluent - logger_root: - level: WARNING - handlers: null - logger_keystone: - level: INFO - handlers: - - stdout - - stderr - - fluent - qualname: keystone - logger_amqp: - level: WARNING - handlers: stderr - qualname: amqp - logger_amqplib: - level: WARNING - handlers: stderr - qualname: amqplib - logger_eventletwsgi: - level: WARNING - handlers: stderr - qualname: eventlet.wsgi.server - logger_sqlalchemy: - level: WARNING - handlers: stderr - qualname: sqlalchemy - logger_boto: - level: WARNING - handlers: stderr - qualname: boto - handler_null: - class: logging.NullHandler - formatter: default - args: () - handler_stdout: - class: StreamHandler - args: (sys.stdout,) - formatter: context - handler_stderr: - class: StreamHandler - args: (sys.stderr,) - formatter: context - handler_fluent: - class: fluent.handler.FluentHandler - args: ('openstack.keystone', 'fluentd-logging.osh-infra', 24224) - formatter: fluent - formatter_fluent: - class: oslo_log.formatters.FluentFormatter - formatter_context: - class: oslo_log.formatters.ContextFormatter - formatter_default: - format: "%(message)s" - keystone: - identity: - driver: sql - default_domain_id: default - domain_specific_drivers_enabled: True - domain_configurations_from_database: True - domain_config_dir: /etc/keystonedomains - pod: - replicas: - api: 2 - labels: - api: - node_selector_key: openstack-control-plane - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - dependencies: - - osh-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-keystone/rabbitmq.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-keystone/rabbitmq.yaml deleted file mode 100644 index 54c4d9b..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-keystone/rabbitmq.yaml +++ /dev/null @@ -1,95 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: keystone-rabbitmq - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh.rabbitmq - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.rabbitmq - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.keystone_oslo_messaging - dest: - path: .values.endpoints.oslo_messaging - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.keystone_rabbitmq_exporter - dest: - path: .values.endpoints.prometheus_rabbitmq_exporter - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.keystone.oslo_messaging.admin - dest: - path: .values.endpoints.oslo_messaging.auth.user - - # Secrets - - - src: - schema: deckhand/Passphrase/v1 - name: osh_keystone_rabbitmq_erlang_cookie - path: . - dest: - path: .values.endpoints.oslo_messaging.auth.erlang_cookie - - src: - schema: deckhand/Passphrase/v1 - name: osh_keystone_oslo_messaging_admin_password - path: . - dest: - path: .values.endpoints.oslo_messaging.auth.user.password -data: - chart_name: keystone-rabbitmq - release: keystone-rabbitmq - namespace: openstack - wait: - timeout: 900 - labels: - release_group: airship-keystone-rabbitmq - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-keystone-rabbitmq - values: - pod: - replicas: - server: 1 - labels: - server: - node_selector_key: openstack-control-plane - node_selector_value: enabled - prometheus_rabbitmq_exporter: - node_selector_key: openstack-control-plane - node_selector_value: enabled - monitoring: - prometheus: - enabled: true - dependencies: - - osh-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-mariadb/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-mariadb/chart-group.yaml deleted file mode 100644 index 5e218fb..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-mariadb/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-mariadb - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Deploy MariaDB - chart_group: - - openstack-mariadb diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-mariadb/mariadb.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-mariadb/mariadb.yaml deleted file mode 100644 index cae3239..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-mariadb/mariadb.yaml +++ /dev/null @@ -1,77 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-mariadb - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh.mariadb - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.mariadb - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.oslo_db - dest: - path: .values.endpoints.olso_db - # Accounts - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.oslo_db.admin - dest: - path: .values.endpoints.oslo_db.auth.admin - - # Secrets - - dest: - path: .values.endpoints.oslo_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_oslo_db_admin_password - path: . - -data: - chart_name: openstack-mariadb - release: openstack-mariadb - namespace: openstack - wait: - timeout: 900 - labels: - release_group: airship-openstack-mariadb - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-openstack-mariadb - values: - labels: - server: - node_selector_key: openstack-control-plane - node_selector_value: enabled - prometheus_mysql_exporter: - node_selector_key: openstack-control-plane - node_selector_value: enabled - dependencies: - - osh-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-memcached/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-memcached/chart-group.yaml deleted file mode 100644 index f4d6b77..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-memcached/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-memcached - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Deploy Memcached - chart_group: - - openstack-memcached diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-memcached/memcached.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-memcached/memcached.yaml deleted file mode 100644 index 5ce47ff..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-memcached/memcached.yaml +++ /dev/null @@ -1,57 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-memcached - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.osh.memcached - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.memcached - dest: - path: .values.images.tags - - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.oslo_cache - dest: - path: .values.endpoints.oslo_cache -data: - chart_name: openstack-memcached - release: openstack-memcached - namespace: openstack - wait: - timeout: 900 - labels: - release_group: airship-openstack-memcached - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-openstack-memcached - values: - labels: - server: - node_selector_key: openstack-control-plane - node_selector_value: enabled - dependencies: - - osh-helm-toolkit -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-radosgw/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-radosgw/chart-group.yaml deleted file mode 100644 index 467aa1f..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-radosgw/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-radosgw - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Deploy Radosgw - chart_group: - - radosgw diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-radosgw/radosgw.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-radosgw/radosgw.yaml deleted file mode 100644 index 0d03125..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/osh/openstack-radosgw/radosgw.yaml +++ /dev/null @@ -1,142 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: radosgw - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.ceph-client - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ceph.ceph-client - dest: - path: .values.images.tags - - # IP addresses - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .storage.ceph.public_cidr - dest: - path: .values.network.public - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .storage.ceph.cluster_cidr - dest: - path: .values.network.cluster - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.object_store - dest: - path: .values.endpoints.object_store - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mon - dest: - path: .values.endpoints.ceph_mon - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mgr - dest: - path: .values.endpoints.ceph_mgr - - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.swift.keystone - dest: - path: .values.endpoints.identity.auth.swift - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_keystone_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.swift.password - src: - schema: deckhand/Passphrase/v1 - name: ceph_swift_keystone_password - path: . - -data: - chart_name: radosgw - release: radosgw - namespace: openstack - wait: - timeout: 900 - labels: - release_group: airship-radosgw - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-radosgw - values: - labels: - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - provisioner: - node_selector_key: openstack-control-plane - node_selector_value: enabled - mds: - node_selector_key: ceph-mds - node_selector_value: enabled - rgw: - node_selector_key: ceph-rgw - node_selector_value: enabled - mgr: - node_selector_key: ceph-mgr - node_selector_value: enabled - deployment: - ceph: false - client_secrets: false - rbd_provisioner: false - cephfs_provisioner: false - rgw_keystone_user_and_endpoints: true - bootstrap: - enabled: false - conf: - rgw_ks: - enabled: true - dependencies: - - ceph-htk -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/armada/armada.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/armada/armada.yaml deleted file mode 100644 index adf8229..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/armada/armada.yaml +++ /dev/null @@ -1,122 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-armada - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.armada - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.armada - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.armada - dest: - path: .values.endpoints.armada - - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.armada.keystone - dest: - path: .values.endpoints.identity.auth.user - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_armada_keystone_password - path: . -data: - chart_name: armada - release: ucp-armada - namespace: ucp - wait: - timeout: 100 - labels: - release_group: airship-ucp-armada - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-armada - values: - pod: - replicas: - api: 2 - conf: - armada: - DEFAULT: - debug: true - tiller_namespace: kube-system - manifests: - deployment_tiller: false - service_tiller_deploy: false - dependencies: - - armada-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: armada-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.armada-htk - dest: - path: .source -data: - chart_name: armada-htk - release: armada-htk - namespace: armada-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/armada/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/armada/chart-group.yaml deleted file mode 100644 index 01e6d06..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/armada/chart-group.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-armada - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Armada - sequenced: true - chart_group: - - ucp-tiller - - ucp-armada diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/armada/tiller.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/armada/tiller.yaml deleted file mode 100644 index df5e83d..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/armada/tiller.yaml +++ /dev/null @@ -1,70 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-tiller - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.tiller - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.tiller - dest: - path: .values.images.tags - -data: - chart_name: tiller - release: ucp-tiller - namespace: kube-system - wait: - timeout: 100 - labels: - release_group: airship-ucp-tiller - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-tiller - values: {} - dependencies: - - tiller-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: tiller-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.tiller-htk - dest: - path: .source -data: - chart_name: tiller-htk - release: tiller-htk - namespace: tiller-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph-config/ceph-config.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph-config/ceph-config.yaml deleted file mode 100644 index 12a7227..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph-config/ceph-config.yaml +++ /dev/null @@ -1,143 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-ceph-config - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.ceph-client - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ceph.ceph-client - dest: - path: .values.images.tags - - # IP addresses - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .storage.ceph.public_cidr - dest: - path: .values.network.public - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .storage.ceph.cluster_cidr - dest: - path: .values.network.cluster - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.object_store - dest: - path: .values.endpoints.object_store - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mon - dest: - path: .values.endpoints.ceph_mon - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mgr - dest: - path: .values.endpoints.ceph_mgr - - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ceph.swift.keystone - dest: - path: .values.endpoints.identity.auth.swift - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.swift.password - src: - schema: deckhand/Passphrase/v1 - name: ceph_swift_keystone_password - path: . - -data: - chart_name: ucp-ceph-config - release: ucp-ceph-config - namespace: ucp - wait: - timeout: 900 - labels: - release_group: airship-ucp-ceph-config - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-ceph-config - values: - labels: - job: - node_selector_key: ucp-control-plane - node_selector_value: enabled - provisioner: - node_selector_key: ucp-control-plane - node_selector_value: enabled - mds: - node_selector_key: ceph-mds - node_selector_value: enabled - rgw: - node_selector_key: ceph-rgw - node_selector_value: enabled - mgr: - node_selector_key: ceph-mgr - node_selector_value: enabled - deployment: - ceph: false - client_secrets: true - rbd_provisioner: false - cephfs_provisioner: false - rgw_keystone_user_and_endpoints: false - bootstrap: - enabled: false - conf: - rgw_ks: - enabled: true - - dependencies: - - ceph-htk -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph-config/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph-config/chart-group.yaml deleted file mode 100644 index 5534867..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph-config/chart-group.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-ceph-config - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Ceph config for UCP namespace(s) - chart_group: - # NOTE: This will probably expand into one config per UCP namespace - # that requires ceph access. - - ucp-ceph-config diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/ceph-client-update.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/ceph-client-update.yaml deleted file mode 100644 index 45f2d32..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/ceph-client-update.yaml +++ /dev/null @@ -1,189 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-ceph-client-update-global - layeringDefinition: - abstract: true - layer: global - storagePolicy: cleartext - labels: - name: ucp-ceph-client-update-global - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.ceph-client - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ceph.ceph-client - dest: - path: .values.images.tags - - # IP addresses - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .storage.ceph.public_cidr - dest: - path: .values.network.public - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .storage.ceph.cluster_cidr - dest: - path: .values.network.cluster - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.object_store - dest: - path: .values.endpoints.object_store - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mon - dest: - path: .values.endpoints.ceph_mon - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mgr - dest: - path: .values.endpoints.ceph_mgr - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.swift.keystone - dest: - path: .values.endpoints.identity.auth.swift - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_keystone_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.swift.password - src: - schema: deckhand/Passphrase/v1 - name: ceph_swift_keystone_password - path: . - - dest: - path: .values.conf.ceph.global.fsid - src: - schema: deckhand/Passphrase/v1 - name: ceph_fsid - path: . - -data: - chart_name: ucp-ceph-client - release: ucp-ceph-client - namespace: ceph - protected: - continue_processing: true - wait: - timeout: 900 - labels: - release_group: airship-ucp-ceph-client - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-ceph-client - values: - labels: - job: - node_selector_key: ucp-control-plane - node_selector_value: enabled - provisioner: - node_selector_key: ucp-control-plane - node_selector_value: enabled - mds: - node_selector_key: ceph-mds - node_selector_value: enabled - rgw: - node_selector_key: ceph-rgw - node_selector_value: enabled - mgr: - node_selector_key: ceph-mgr - node_selector_value: enabled - endpoints: - identity: - namespace: openstack - object_store: - namespace: ceph - ceph_mon: - namespace: ceph - deployment: - ceph: true - client_secrets: false - rbd_provisioner: true - cephfs_provisioner: true - rgw_keystone_user_and_endpoints: false - bootstrap: - enabled: true - pod: - replicas: - mds: 2 - mgr: 2 - rgw: 2 - - conf: - rgw_ks: - enabled: true - config: - #NOTE (portdirect): See http://tracker.ceph.com/issues/21226 - rgw_keystone_token_cache_size: '0' - pool: - - # NOTE(alanmeadows) spport 4.x 16.04 kernels (non-HWE) - crush: - tunables: 'hammer' - - # NOTE(alanmeadows): This is required ATM for bootstrapping a Ceph - # cluster with only one OSD. Depending on OSD targeting & site - # configuration this can be changed. - target: - osd: 1 - pg_per_osd: 100 - - default: - # NOTE(alanmeadows): This is required ATM for bootstrapping a Ceph - # cluster with only one OSD. Depending on OSD targeting & site - # configuration this can be changed. - crush_rule: replicated_rule - - ceph: - global: - # NOTE: This is required ATM for bootstrapping a Ceph - # cluster with only one OSD. Depending on OSD targeting & site - # configuration this can be changed. - osd_pool_default_size: 1 - - dependencies: - - ceph-htk -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/ceph-client.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/ceph-client.yaml deleted file mode 100644 index 540f4ac..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/ceph-client.yaml +++ /dev/null @@ -1,190 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-ceph-client-global - layeringDefinition: - abstract: true - layer: global - storagePolicy: cleartext - labels: - name: ucp-ceph-client-global - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.ceph-client - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ceph.ceph-client - dest: - path: .values.images.tags - - # IP addresses - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .storage.ceph.public_cidr - dest: - path: .values.network.public - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .storage.ceph.cluster_cidr - dest: - path: .values.network.cluster - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_endpoints - path: .osh.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.object_store - dest: - path: .values.endpoints.object_store - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mon - dest: - path: .values.endpoints.ceph_mon - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mgr - dest: - path: .values.endpoints.ceph_mgr - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - - src: - schema: pegleg/AccountCatalogue/v1 - name: osh_service_accounts - path: .osh.swift.keystone - dest: - path: .values.endpoints.identity.auth.swift - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: osh_keystone_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.swift.password - src: - schema: deckhand/Passphrase/v1 - name: ceph_swift_keystone_password - path: . - - dest: - path: .values.conf.ceph.global.fsid - src: - schema: deckhand/Passphrase/v1 - name: ceph_fsid - path: . - -data: - chart_name: ucp-ceph-client - release: ucp-ceph-client - namespace: ceph - protected: - continue_processing: true - wait: - timeout: 900 - labels: - release_group: airship-ucp-ceph-client - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-ceph-client - values: - labels: - job: - node_selector_key: ucp-control-plane - node_selector_value: enabled - provisioner: - node_selector_key: ucp-control-plane - node_selector_value: enabled - mds: - node_selector_key: ceph-mds - node_selector_value: enabled - rgw: - node_selector_key: ceph-rgw - node_selector_value: enabled - mgr: - node_selector_key: ceph-mgr - node_selector_value: enabled - endpoints: - identity: - namespace: openstack - object_store: - namespace: ceph - ceph_mon: - namespace: ceph - deployment: - ceph: true - client_secrets: false - rbd_provisioner: true - cephfs_provisioner: true - rgw_keystone_user_and_endpoints: false - bootstrap: - enabled: true - pod: - replicas: - mds: 1 - mgr: 1 - rgw: 1 - - conf: - rgw_ks: - enabled: true - config: - #NOTE (portdirect): See http://tracker.ceph.com/issues/21226 - rgw_keystone_token_cache_size: '0' - pool: - - # NOTE(alanmeadows) spport 4.x 16.04 kernels (non-HWE) - crush: - tunables: 'hammer' - - # NOTE(alanmeadows): This is required ATM for bootstrapping a Ceph - # cluster with only one OSD. Depending on OSD targeting & site - # configuration this can be changed. - target: - osd: 1 - pg_per_osd: 100 - - default: - # NOTE(alanmeadows): This is required ATM for bootstrapping a Ceph - # cluster with only one OSD. Depending on OSD targeting & site - # configuration this can be changed. - crush_rule: same_host - - ceph: - global: - # NOTE: This is required ATM for bootstrapping a Ceph - # cluster with only one OSD. Depending on OSD targeting & site - # configuration this can be changed. - osd_pool_default_size: 1 - - dependencies: - - ceph-htk -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/ceph-htk.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/ceph-htk.yaml deleted file mode 100644 index ebaac07..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/ceph-htk.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ceph-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.ceph-htk - dest: - path: .source -data: - chart_name: ceph-htk - release: ceph-htk - namespace: ceph-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/ceph-ingress.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/ceph-ingress.yaml deleted file mode 100644 index 2e832b4..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/ceph-ingress.yaml +++ /dev/null @@ -1,64 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-ceph-ingress - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.ingress - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.ingress - dest: - path: .values.images.tags -data: - chart_name: ucp-ceph-ingress - release: ucp-ceph-ingress - namespace: ceph - wait: - timeout: 300 - labels: - release_group: airship-ucp-ceph-ingress - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-ceph-ingress - values: - conf: - ingress: - proxy-body-size: 20m - labels: - server: - node_selector_key: ucp-control-plane - node_selector_value: enabled - error_server: - node_selector_key: ucp-control-plane - node_selector_value: enabled - pod: - replicas: - ingress: 2 - error_page: 2 - network: - ingress: - annotations: - nginx.ingress.kubernetes.io/proxy-body-size: 20m - nginx.ingress.kubernetes.io/proxy-read-timeout: "600" - dependencies: - - ucp-ingress-htk -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/ceph-mon.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/ceph-mon.yaml deleted file mode 100644 index 46b1924..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/ceph-mon.yaml +++ /dev/null @@ -1,150 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-ceph-mon - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - labels: - name: ucp-ceph-mon - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.ceph-mon - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ceph.ceph-mon - dest: - path: .values.images.tags - - # IP addresses - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .storage.ceph.public_cidr - dest: - path: .values.network.public - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .storage.ceph.cluster_cidr - dest: - path: .values.network.cluster - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.object_store - dest: - path: .values.endpoints.object_store - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mon - dest: - path: .values.endpoints.ceph_mon - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.fluentd - dest: - path: .values.endpoints.fluentd - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mgr - dest: - path: .values.endpoints.ceph_mgr - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ceph.swift.keystone - dest: - path: .values.endpoints.identity.auth.swift - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.swift.password - src: - schema: deckhand/Passphrase/v1 - name: ceph_swift_keystone_password - path: . - - dest: - path: .values.conf.ceph.global.fsid - src: - schema: deckhand/Passphrase/v1 - name: ceph_fsid - path: . - -data: - chart_name: ucp-ceph-mon - release: ucp-ceph-mon - namespace: ceph - protected: - continue_processing: true - wait: - timeout: 1800 - labels: - release_group: airship-ucp-ceph-mon - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-ceph-mon - values: - logging: - fluentd: true - labels: - job: - node_selector_key: ucp-control-plane - node_selector_value: enabled - mon: - node_selector_key: ceph-mon - node_selector_value: enabled - endpoints: - identity: - namespace: openstack - object_store: - namespace: ceph - ceph_mon: - namespace: ceph - fluentd: - namespace: osh-infra - deployment: - ceph: true - storage_secrets: true - bootstrap: - enabled: true - dependencies: - - ceph-htk -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/ceph-osd.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/ceph-osd.yaml deleted file mode 100644 index e26983c..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/ceph-osd.yaml +++ /dev/null @@ -1,153 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-ceph-osd-global - layeringDefinition: - abstract: true - layer: global - storagePolicy: cleartext - labels: - name: ucp-ceph-osd-global - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.ceph-osd - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ceph.ceph-osd - dest: - path: .values.images.tags - - # IP addresses - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .storage.ceph.public_cidr - dest: - path: .values.network.public - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .storage.ceph.cluster_cidr - dest: - path: .values.network.cluster - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.object_store - dest: - path: .values.endpoints.object_store - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mon - dest: - path: .values.endpoints.ceph_mon - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.fluentd - dest: - path: .values.endpoints.fluentd - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mgr - dest: - path: .values.endpoints.ceph_mgr - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ceph.swift.keystone - dest: - path: .values.endpoints.identity.auth.swift - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.swift.password - src: - schema: deckhand/Passphrase/v1 - name: ceph_swift_keystone_password - path: . - - dest: - path: .values.conf.ceph.global.fsid - src: - schema: deckhand/Passphrase/v1 - name: ceph_fsid - path: . - -data: - chart_name: ucp-ceph-osd - release: ucp-ceph-osd - namespace: ceph - protected: - continue_processing: true - wait: - timeout: 900 - labels: - release_group: airship-ucp-ceph-osd - install: - no_hooks: false - upgrade: - no_hooks: false - values: - logging: - fluentd: true - labels: - osd: - node_selector_key: ceph-osd - node_selector_value: enabled - endpoints: - identity: - namespace: openstack - object_store: - namespace: ceph - ceph_mon: - namespace: ceph - fluentd: - namespace: osh-infra - bootstrap: - enabled: true - conf: - storage: - osd: - - data: - type: directory - location: /var/lib/openstack-helm/ceph/osd/osd-one - journal: - type: directory - location: /var/lib/openstack-helm/ceph/osd/journal-one - osd: - # NOTE(alanmeadows): This is required ATM for bootstrapping a Ceph - # cluster with only one OSD. Depending on OSD targeting & site - # configuration this can be changed. - osd_crush_chooseleaf_type: 0 - dependencies: - - ceph-htk -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/chart-group-update.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/chart-group-update.yaml deleted file mode 100644 index 6f819b1..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/chart-group-update.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-ceph-update - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Ceph post-install update - sequenced: true - chart_group: - - ucp-ceph-ingress - - ucp-ceph-mon - - ucp-ceph-osd - - ucp-ceph-client-update -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/chart-group.yaml deleted file mode 100644 index 3a3ded0..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/ceph/chart-group.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-ceph - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Ceph Storage - sequenced: true - chart_group: - - ucp-ceph-ingress - - ucp-ceph-mon - - ucp-ceph-osd - - ucp-ceph-client -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/core/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/core/chart-group.yaml deleted file mode 100644 index 147b8bc..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/core/chart-group.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-core - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Common UCP Components - chart_group: - - ucp-ingress - - ucp-mariadb - - ucp-postgresql - - ucp-rabbitmq -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/core/ingress.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/core/ingress.yaml deleted file mode 100644 index 935718b..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/core/ingress.yaml +++ /dev/null @@ -1,85 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-ingress - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.ingress - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.ingress - dest: - path: .values.images.tags -data: - chart_name: ingress - release: ingress - namespace: ucp - wait: - timeout: 300 - labels: - release_group: airship-ingress - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ingress - values: - conf: - ingress: - proxy-body-size: 20m - labels: - server: - node_selector_key: ucp-control-plane - node_selector_value: enabled - error_server: - node_selector_key: ucp-control-plane - node_selector_value: enabled - pod: - replicas: - ingress: 2 - error_page: 2 - network: - ingress: - annotations: - nginx.ingress.kubernetes.io/proxy-body-size: 20m - nginx.ingress.kubernetes.io/proxy-read-timeout: "600" - dependencies: - - ucp-ingress-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-ingress-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.ingress-htk - dest: - path: .source -data: - chart_name: ucp-ingress-htk - release: ucp-ingress-htk - namespace: ucp-ingress-htk - values: {} - dependencies: [] diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/core/mariadb.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/core/mariadb.yaml deleted file mode 100644 index 4b8e535..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/core/mariadb.yaml +++ /dev/null @@ -1,109 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-mariadb - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.mariadb - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.mariadb - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_db - dest: - path: .values.endpoints.olso_db - # Accounts - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.oslo_db.admin - dest: - path: .values.endpoints.oslo_db.auth.admin - - # Secrets - - dest: - path: .values.endpoints.oslo_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_oslo_db_admin_password - path: . - -data: - chart_name: ucp-mariadb - release: ucp-mariadb - namespace: ucp - wait: - timeout: 300 - labels: - release_group: airship-ucp-mariadb - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-mariadb - values: - labels: - server: - node_selector_key: ucp-control-plane - node_selector_value: enabled - prometheus_mysql_exporter: - node_selector_key: ucp-control-plane - node_selector_value: enabled - ingress: - node_selector_key: ucp-control-plane - node_selector_value: enabled - error_server: - node_selector_key: ucp-control-plane - node_selector_value: enabled - pod: - replicas: - server: 1 - dependencies: - - mariadb-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: mariadb-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.mariadb-htk - dest: - path: .source -data: - chart_name: mariadb-htk - release: mariadb-htk - namespace: mariadb-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/core/postgresql.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/core/postgresql.yaml deleted file mode 100644 index 85845ff..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/core/postgresql.yaml +++ /dev/null @@ -1,105 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-postgresql - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.postgresql - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.postgresql - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.postgresql - dest: - path: .values.endpoints.postgresql - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.postgres.admin - dest: - path: .values.endpoints.postgresql.auth.admin - - # Secrets - - dest: - path: .values.endpoints.postgresql.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_postgres_admin_password - path: . -data: - chart_name: ucp-postgresql - release: ucp-postgresql - namespace: ucp - wait: - timeout: 600 - labels: - release_group: airship-ucp-postgresql - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-postgresql - create: [] - post: - create: [] - values: - conf: - postgresql: - max_connections: 1000 - shared_buffers: 2GB - development: - enabled: false - labels: - server: - node_selector_key: ucp-control-plane - node_selector_value: enabled - dependencies: - - postgres-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: postgres-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.postgresql-htk - dest: - path: .source -data: - chart_name: postgres-htk - release: postgres-htk - namespace: postgres-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/core/rabbitmq.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/core/rabbitmq.yaml deleted file mode 100644 index 7c87724..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/core/rabbitmq.yaml +++ /dev/null @@ -1,110 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-rabbitmq - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.rabbitmq - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.rabbitmq - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_messaging - dest: - path: .values.endpoints.oslo_messaging - - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.oslo_messaging.admin - dest: - path: .values.endpoints.oslo_messaging.auth.user - - # Secrets - - - src: - schema: deckhand/Passphrase/v1 - name: ucp_rabbitmq_erlang_cookie - path: . - dest: - path: .values.endpoints.oslo_messaging.auth.erlang_cookie - - src: - schema: deckhand/Passphrase/v1 - name: ucp_oslo_messaging_password - path: . - dest: - path: .values.endpoints.oslo_messaging.auth.user.password -data: - chart_name: ucp-rabbitmq - release: ucp-rabbitmq - namespace: ucp - wait: - timeout: 300 - labels: - release_group: airship-ucp-rabbitmq - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-rabbitmq - values: - pod: - replicas: - server: 1 - labels: - server: - node_selector_key: ucp-control-plane - node_selector_value: enabled - prometheus_rabbitmq_exporter: - node_selector_key: ucp-control-plane - node_selector_value: enabled - dependencies: - - ucp-rabbitmq-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-rabbitmq-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.rabbitmq-htk - dest: - path: .source -data: - chart_name: ucp-rabbitmq-htk - release: ucp-rabbitmq-htk - namespace: ucp-rabbitmq-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/deckhand/barbican.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/deckhand/barbican.yaml deleted file mode 100644 index 5cda19c..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/deckhand/barbican.yaml +++ /dev/null @@ -1,261 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-barbican - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.barbican - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.barbican - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.key_manager - dest: - path: .values.endpoints.key_manager - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_db - dest: - path: .values.endpoints.oslo_db - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_cache - dest: - path: .values.endpoints.oslo_cache - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_messaging - dest: - path: .values.endpoints.oslo_messaging - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.fluentd - dest: - path: .values.endpoints.fluentd - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.barbican.keystone - dest: - path: .values.endpoints.identity.auth.barbican - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.barbican.oslo_db - dest: - path: .values.endpoints.oslo_db.auth.barbican - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.barbican.oslo_db.database - dest: - path: .values.endpoints.oslo_db.path - pattern: DB_NAME - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.barbican.oslo_messaging - dest: - path: .values.endpoints.oslo_messaging.auth - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_admin_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_oslo_db_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.barbican.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_barbican_keystone_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.barbican.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_barbican_oslo_db_password - path: . - - dest: - path: .values.endpoints.oslo_messaging.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_oslo_messaging_password - path: . - - dest: - path: .values.endpoints.oslo_messaging.auth.barbican.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_oslo_messaging_password - path: . -data: - chart_name: ucp-barbican - release: ucp-barbican - namespace: ucp - wait: - timeout: 300 - labels: - release_group: airship-ucp-barbican - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-barbican - post: - create: [] - values: - conf: - logging: - loggers: - keys: - - root - - barbican - handlers: - keys: - - stdout - - stderr - - "null" - - fluent - formatters: - keys: - - context - - default - - fluent - logger_root: - level: WARNING - handlers: null - logger_barbican: - level: INFO - handlers: - - stdout - - stderr - - fluent - qualname: barbican - logger_amqp: - level: WARNING - handlers: stderr - qualname: amqp - logger_amqplib: - level: WARNING - handlers: stderr - qualname: amqplib - logger_eventletwsgi: - level: WARNING - handlers: stderr - qualname: eventlet.wsgi.server - logger_sqlalchemy: - level: WARNING - handlers: stderr - qualname: sqlalchemy - logger_boto: - level: WARNING - handlers: stderr - qualname: boto - handler_null: - class: logging.NullHandler - formatter: default - args: () - handler_stdout: - class: StreamHandler - args: (sys.stdout,) - formatter: context - handler_stderr: - class: StreamHandler - args: (sys.stderr,) - formatter: context - handler_fluent: - class: fluent.handler.FluentHandler - args: ('ucp.barbican', 'fluentd-logging.osh-infra', 24224) - formatter: fluent - formatter_fluent: - class: oslo_log.formatters.FluentFormatter - formatter_context: - class: oslo_log.formatters.ContextFormatter - formatter_default: - format: "%(message)s" - labels: - api: - node_selector_key: ucp-control-plane - node_selector_value: enabled - job: - node_selector_key: ucp-control-plane - node_selector_value: enabled - test: - node_selector_key: ucp-control-plane - node_selector_value: enabled - pod: - replicas: - api: 2 - dependencies: - - ucp-barbican-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-barbican-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.barbican-htk - dest: - path: .source -data: - chart_name: ucp-barbican-htk - release: ucp-barbican-htk - namespace: ucp-barbican-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/deckhand/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/deckhand/chart-group.yaml deleted file mode 100644 index e26aba3..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/deckhand/chart-group.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-deckhand - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Deckhand - chart_group: - # NOTE: Find and add the dogtag chart - # - ucp-dogtag - - ucp-barbican - - ucp-deckhand diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/deckhand/deckhand.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/deckhand/deckhand.yaml deleted file mode 100644 index 0cddf87..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/deckhand/deckhand.yaml +++ /dev/null @@ -1,173 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-deckhand - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.deckhand - dest: - path: .source - - # Images - - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.deckhand - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.postgresql - dest: - path: .values.endpoints.postgresql - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.deckhand - dest: - path: .values.endpoints.deckhand - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.key_manager - dest: - path: .values.endpoints.key_manager - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_cache - dest: - path: .values.endpoints.oslo_cache - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.postgres.admin - dest: - path: .values.endpoints.postgresql.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.deckhand.postgres - dest: - path: .values.endpoints.postgresql.auth.user - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.deckhand.postgres.database - dest: - path: .values.endpoints.postgresql.path - pattern: DB_NAME - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.deckhand.keystone - dest: - path: .values.endpoints.identity.auth.user - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_admin_password - path: . - - dest: - path: .values.endpoints.postgresql.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_postgres_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_deckhand_keystone_password - path: . - - dest: - path: .values.endpoints.postgresql.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_deckhand_postgres_password - path: . -data: - chart_name: ucp-deckhand - release: ucp-deckhand - namespace: ucp - wait: - timeout: 600 - labels: - release_group: airship-ucp-deckhand - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-deckhand - post: - create: [] - values: - pod: - replicas: - deckhand: 2 - conf: - deckhand: - DEFAULT: - debug: true - use_stderr: true - use_syslog: true - keystone_authtoken: - memcache_security_strategy: None - dependencies: - - deckhand-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: deckhand-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.deckhand-htk - dest: - path: .source -data: - chart_name: deckhand-htk - release: deckhand-htk - namespace: deckhand-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/divingbell/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/divingbell/chart-group.yaml deleted file mode 100644 index e67a6e2..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/divingbell/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-divingbell - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Divingbell - chart_group: - - ucp-divingbell diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/divingbell/divingbell.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/divingbell/divingbell.yaml deleted file mode 100644 index 2e30ea9..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/divingbell/divingbell.yaml +++ /dev/null @@ -1,103 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-divingbell-global - layeringDefinition: - abstract: true - layer: global - labels: - name: ucp-divingbell-global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.divingbell - dest: - path: .source - # Image Source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.divingbell - dest: - path: .values.images -data: - chart_name: ucp-divingbell - release: ucp-divingbell - namespace: ucp - wait: - timeout: 300 - labels: - release_group: airship-ucp-divingbell - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-divingbell - values: - conf: - sysctl: - # Larger connection tracking table - net.nf_conntrack_max: '1048576' - # Reboot the node 60 seconds after a kernel panic, instead of default - # value of 0 (i.e. never reboot) - kernel.panic: '60' - # Accept gratuitous ARP to support failover scenarios - # https://bugs.launchpad.net/fuel/+bug/1456272 - net.ipv4.conf.default.arp_accept: '1' - net.ipv4.conf.all.arp_accept: '1' - # Increased network backlog to optimize performance on fast networks - net.core.netdev_max_backlog: '261144' - # Optimizations for RabbitMQ failover - # https://bugs.launchpad.net/oslo.messaging/+bug/856764/comments/19 - net.ipv4.tcp_keepalive_intvl: '3' - net.ipv4.tcp_keepalive_time: '30' - net.ipv4.tcp_keepalive_probes: '8' - net.ipv4.tcp_retries2: '5' - # Larger thresholds - # "Neighbour table overflow" errors that filled kernel logs - net.ipv4.neigh.default.gc_thresh1: '4096' - net.ipv4.neigh.default.gc_thresh2: '8192' - net.ipv4.neigh.default.gc_thresh3: '16384' - # It was necessary to set rp_filter to zero to support certain - # multi-homed storage backends - net.ipv4.conf.default.rp_filter: '0' - # Enable byte/packet count for new connections to enable creation of - # rules for the connbytes netfilter module - net.netfilter.nf_conntrack_acct: '1' - # Added in response to error messages seen on genesis host when services - # were restarted. "Failed to add /run/systemd/ask-password to directory - # watch: No space left on device". https://bit.ly/2Mj5qn2 TDP bug 427616 - fs.inotify.max_user_watches: '1048576' - dependencies: - - ucp-divingbell-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-divingbell-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.divingbell-htk - dest: - path: .source -data: - chart_name: ucp-divingbell-htk - release: ucp-divingbell-htk - namespace: ucp-divingbell-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/drydock/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/drydock/chart-group.yaml deleted file mode 100644 index 498e5e3..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/drydock/chart-group.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-drydock - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Drydock - chart_group: - - ucp-maas - - ucp-drydock diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/drydock/drydock.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/drydock/drydock.yaml deleted file mode 100644 index 00c63f1..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/drydock/drydock.yaml +++ /dev/null @@ -1,191 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-drydock - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.drydock - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.drydock - dest: - path: .values.images.tags - - # Endpoints - - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.postgresql - dest: - path: .values.endpoints.postgresql - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.physicalprovisioner - dest: - path: .values.endpoints.physicalprovisioner - - # Drydock IPs - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .node_ports.drydock_api - dest: - path: .values.network.drydock.node_port.port - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .node_ports.drydock_api - dest: - path: .values.endpoints.physicalprovisioner.port.api.nodeport - - # MaaS IPs - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .genesis.ip - dest: - path: .values.conf.drydock.maasdriver.maas_api_url - pattern: 'MAAS_IP' - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .node_ports.maas_api - dest: - path: .values.conf.drydock.maasdriver.maas_api_url - pattern: 'MAAS_PORT' - - # Credentials - - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.postgres.admin - dest: - path: .values.endpoints.postgresql.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.drydock.postgres - dest: - path: .values.endpoints.postgresql.auth.user - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.drydock.postgres.database - dest: - path: .values.endpoints.postgresql.path - pattern: DB_NAME - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.drydock.keystone - dest: - path: .values.endpoints.identity.auth.user - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_admin_password - path: . - - dest: - path: .values.endpoints.postgresql.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_postgres_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_drydock_keystone_password - path: . - - dest: - path: .values.endpoints.postgresql.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_drydock_postgres_password - path: . - -data: - chart_name: drydock - release: drydock - namespace: ucp - wait: - timeout: 600 - labels: - release_group: airship-drydock - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-drydock - values: - labels: - node_selector_key: ucp-control-plane - node_selector_value: enabled - network: - drydock: - node_port: - enabled: true - conf: - drydock: - database: - pool_size: 200 - maasdriver: - maas_api_url: http://MAAS_IP:MAAS_PORT/MAAS/api/2.0/ - plugins: - ingester: drydock_provisioner.ingester.plugins.deckhand.DeckhandIngester - dependencies: - - drydock-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: drydock-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.drydock-htk - dest: - path: .source -data: - chart_name: drydock-htk - release: drydock-htk - namespace: drydock-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/drydock/maas.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/drydock/maas.yaml deleted file mode 100644 index 62a59b2..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/drydock/maas.yaml +++ /dev/null @@ -1,226 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-maas-global - layeringDefinition: - abstract: true - layer: global - labels: - name: ucp-maas-global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.maas - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.maas - dest: - path: .values.images.tags - - # Drydock IPs - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .bootstrap.ip - dest: - path: .values.conf.drydock.bootaction_url - pattern: '(DRYDOCK_IP)' - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .node_ports.drydock_api - dest: - path: .values.conf.drydock.bootaction_url - pattern: '(DRYDOCK_PORT)' - - # MaaS IPs - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .bootstrap.ip - dest: - path: .values.conf.maas.url.maas_url - pattern: '(MAAS_IP)' - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .node_ports.maas_api - dest: - path: .values.conf.maas.url.maas_url - pattern: '(MAAS_PORT)' - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .node_ports.maas_api - dest: - path: .values.network.gui.node_port.port - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .node_ports.maas_proxy - dest: - path: .values.network.proxy.node_port.port - - # MaaS Config - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .dns.upstream_servers_joined - dest: - path: .values.conf.maas.dns.dns_servers - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .ntp.servers_joined - dest: - path: .values.conf.maas.ntp.ntp_servers - - src: - schema: deckhand/Passphrase/v1 - name: maas-region-key - path: . - dest: - path: .values.secrets.maas_region.value - - # Endpoint substitutions - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.postgresql - dest: - path: .values.endpoints.maas_db - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.maas_region_ui - dest: - path: .values.endpoints.maas_region_ui - - # Account and credential substitutions - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.postgres.admin - dest: - path: .values.endpoints.maas_db.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.maas.postgres - dest: - path: .values.endpoints.maas_db.auth.user - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.maas.postgres.database - dest: - path: .values.endpoints.maas_db.path - pattern: DB_NAME - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.maas.admin - dest: - path: .values.endpoints.maas_region_ui.auth.admin - - # Secrets - - dest: - path: .values.endpoints.maas_region_ui.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_maas_admin_password - path: . - - dest: - path: .values.endpoints.maas_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_postgres_admin_password - path: . - - dest: - path: .values.endpoints.maas_db.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_maas_postgres_password - path: . -data: - chart_name: maas - release: maas - namespace: ucp - wait: - timeout: 600 - labels: - release_group: airship-maas - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-maas - values: - labels: - rack: - node_selector_key: maas-control-plane - node_selector_value: enabled - region: - node_selector_key: maas-control-plane - node_selector_value: enabled - network: - proxy: - node_port: - enabled: true - conf: - cache: - enabled: true - drydock: - bootaction_url: http://DRYDOCK_IP:DRYDOCK_PORT/api/v1.0/bootactions/nodes/ - maas: - credentials: - secret: - namespace: ucp - url: - maas_url: http://MAAS_IP:MAAS_PORT/MAAS - proxy: - proxy_enabled: 'false' - ntp: - use_external_only: 'true' - disable_ntpd_region: true - disable_ntpd_rack: true - dns: - require_dnssec: 'no' - dependencies: - - maas-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: maas-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.maas-htk - dest: - path: .source -data: - chart_name: maas-htk - release: maas-htk - namespace: maas-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/keystone/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/keystone/chart-group.yaml deleted file mode 100644 index 1baf7e7..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/keystone/chart-group.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-keystone - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: UCP Keystone components - chart_group: - - ucp-keystone-memcached - - ucp-keystone diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/keystone/keystone.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/keystone/keystone.yaml deleted file mode 100644 index fa667dd..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/keystone/keystone.yaml +++ /dev/null @@ -1,243 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-keystone - labels: - component: keystone - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.keystone - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.keystone - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_db - dest: - path: .values.endpoints.oslo_db - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_messaging - dest: - path: .values.endpoints.oslo_messaging - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_cache - dest: - path: .values.endpoints.oslo_cache - - src: - schema: pegleg/EndpointCatalogue/v1 - name: osh_infra_endpoints - path: .osh_infra.fluentd - dest: - path: .values.endpoints.fluentd - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.oslo_messaging - dest: - path: .values.endpoints.oslo_messaging.auth - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.oslo_db - dest: - path: .values.endpoints.oslo_db.auth.keystone - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.oslo_db.database - dest: - path: .values.endpoints.oslo_db.path - pattern: DB_NAME - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_admin_password - path: . - - dest: - path: .values.endpoints.oslo_messaging.auth.keystone.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_oslo_messaging_password - path: . - - dest: - path: .values.endpoints.oslo_messaging.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_oslo_messaging_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.keystone.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_oslo_db_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_oslo_db_admin_password - path: . -data: - chart_name: ucp-keystone - release: ucp-keystone - namespace: ucp - wait: - timeout: 600 - labels: - release_group: airship-ucp-keystone - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-keystone - post: - create: [] - values: - conf: - logging: - loggers: - keys: - - root - - keystone - handlers: - keys: - - stdout - - stderr - - "null" - - fluent - formatters: - keys: - - context - - default - - fluent - logger_root: - level: WARNING - handlers: null - logger_keystone: - level: INFO - handlers: - - stdout - - stderr - - fluent - qualname: keystone - logger_amqp: - level: WARNING - handlers: stderr - qualname: amqp - logger_amqplib: - level: WARNING - handlers: stderr - qualname: amqplib - logger_eventletwsgi: - level: WARNING - handlers: stderr - qualname: eventlet.wsgi.server - logger_sqlalchemy: - level: WARNING - handlers: stderr - qualname: sqlalchemy - logger_boto: - level: WARNING - handlers: stderr - qualname: boto - handler_null: - class: logging.NullHandler - formatter: default - args: () - handler_stdout: - class: StreamHandler - args: (sys.stdout,) - formatter: context - handler_stderr: - class: StreamHandler - args: (sys.stderr,) - formatter: context - handler_fluent: - class: fluent.handler.FluentHandler - args: ('ucp.keystone', 'fluentd-logging.osh-infra', 24224) - formatter: fluent - formatter_fluent: - class: oslo_log.formatters.FluentFormatter - formatter_context: - class: oslo_log.formatters.ContextFormatter - formatter_default: - format: "%(message)s" - pod: - replicas: - api: 2 - labels: - api: - node_selector_key: ucp-control-plane - node_selector_value: enabled - job: - node_selector_key: ucp-control-plane - node_selector_value: enabled - - - dependencies: - - ucp-keystone-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-keystone-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.keystone-htk - dest: - path: .source -data: - chart_name: ucp-keystone-htk - release: ucp-keystone-htk - namespace: ucp-keystone-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/keystone/memcached.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/keystone/memcached.yaml deleted file mode 100644 index be7fad9..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/keystone/memcached.yaml +++ /dev/null @@ -1,80 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-keystone-memcached - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.memcached - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.memcached - dest: - path: .values.images.tags - - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_cache - dest: - path: .values.endpoints.oslo_cache -data: - chart_name: ucp-keystone-memcached - release: ucp-keystone-memcached - namespace: ucp - wait: - timeout: 600 - labels: - release_group: airship-ucp-keystone-memcached - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-keystone-memcached - values: - labels: - server: - node_selector_key: ucp-control-plane - node_selector_value: enabled - dependencies: - - ucp-memcached-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-memcached-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.memcached-htk - dest: - path: .source -data: - chart_name: ucp-memcached-htk - release: ucp-memcached-htk - namespace: ucp-memcached-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/promenade/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/promenade/chart-group.yaml deleted file mode 100644 index dcea446..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/promenade/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-promenade - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Promenade - chart_group: - - ucp-promenade diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/promenade/promenade.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/promenade/promenade.yaml deleted file mode 100644 index 9f708ef..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/promenade/promenade.yaml +++ /dev/null @@ -1,135 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-promenade-global - layeringDefinition: - abstract: true - layer: global - labels: - name: ucp-promenade-global - storagePolicy: cleartext - substitutions: - - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.promenade - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.promenade - dest: - path: .values.images.tags - - # Endpoints - - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.kubernetesprovisioner - dest: - path: .values.endpoints.kubernetesprovisioner - - # Credentials - - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.promenade.keystone - dest: - path: .values.endpoints.identity.auth.user - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_promenade_keystone_password - path: . - -data: - chart_name: promenade - release: ucp-promenade - namespace: ucp - wait: - timeout: 600 - labels: - release_group: airship-ucp-promenade - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-promenade - values: - pod: - replicas: - api: 2 - env: - promenade_api: - # this aligns with drydocks timeouts and allows alow responses to - # download the external kubernetes client .tgz to still succeed - - name: UWSGI_TIMEOUT - value: "900" - conf: - paste: - filter:authtoken: - paste.filter_factory: keystonemiddleware.auth_token:filter_factory - admin_tenant_name: service - admin_user: promenade - delay_auth_decision: true - identity_uri: http://keystone-api.ucp.svc.cluster.local/ - service_token_roles_required: true - dependencies: - - promenade-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: promenade-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.promenade-htk - dest: - path: .source -data: - chart_name: promenade-htk - release: promenade-htk - namespace: promenade-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/shipyard/chart-group.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/shipyard/chart-group.yaml deleted file mode 100644 index 4dffc6e..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/shipyard/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-shipyard - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Shipyard - chart_group: - - ucp-shipyard diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/shipyard/shipyard.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/shipyard/shipyard.yaml deleted file mode 100644 index f9fc1d4..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/charts/ucp/shipyard/shipyard.yaml +++ /dev/null @@ -1,315 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-shipyard - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.shipyard - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.shipyard - dest: - path: .values.images.tags - - # Node ports - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .node_ports.shipyard_api - dest: - path: .values.network.shipyard.node_port - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .node_ports.airflow_web - dest: - path: .values.network.airflow.web.node_port - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.postgresql - dest: - path: .values.endpoints.postgresql_shipyard_db - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.postgresql - dest: - path: .values.endpoints.postgresql_airflow_db - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.postgresql_airflow_celery - dest: - path: .values.endpoints.postgresql_airflow_celery_db - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.shipyard - dest: - path: .values.endpoints.shipyard - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.airflow_web - dest: - path: .values.endpoints.airflow_web - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.airflow_flower - dest: - path: .values.endpoints.airflow_flower - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_messaging - dest: - path: .values.endpoints.olso_messaging - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_cache - dest: - path: .values.endpoints.oslo_cache - - # Database path - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.shipyard.postgres.database - dest: - path: .values.endpoints.postgresql_shipyard_db.path - pattern: 'DB_NAME' - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.airflow.postgres.database - dest: - path: .values.endpoints.postgresql_airflow_db.path - pattern: 'DB_NAME' - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.airflow.postgres.database - dest: - path: .values.endpoints.postgresql_airflow_celery_db.path - pattern: 'DB_NAME' - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.postgres.admin - dest: - path: .values.endpoints.postgresql_shipyard_db.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.postgres.admin - dest: - path: .values.endpoints.postgresql_airflow_db.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.postgres.admin - dest: - path: .values.endpoints.postgresql_airflow_celery_db.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.shipyard.postgres - dest: - path: .values.endpoints.postgresql_shipyard_db.auth.user - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.airflow.postgres - dest: - path: .values.endpoints.postgresql_airflow_db.auth.user - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.airflow.postgres - dest: - path: .values.endpoints.postgresql_airflow_celery_db.auth.user - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.airflow.oslo_messaging - dest: - path: .values.endpoints.oslo_messaging.auth.user - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_admin_password - path: . - - dest: - path: .values.endpoints.postgresql_shipyard_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_postgres_admin_password - path: . - - dest: - path: .values.endpoints.postgresql_airflow_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_postgres_admin_password - path: . - - dest: - path: .values.endpoints.postgresql_airflow_celery_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_postgres_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.shipyard.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_shipyard_keystone_password - path: . - - dest: - path: .values.endpoints.postgresql_shipyard_db.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_shipyard_postgres_password - path: . - - dest: - path: .values.endpoints.postgresql_airflow_db.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_airflow_postgres_password - path: . - - dest: - path: .values.endpoints.postgresql_airflow_celery_db.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_airflow_postgres_password - path: . - - src: - schema: deckhand/Passphrase/v1 - name: ucp_oslo_messaging_password - path: . - dest: - path: .values.endpoints.oslo_messaging.auth.user.password - -data: - chart_name: shipyard - release: ucp-shipyard - namespace: ucp - wait: - timeout: 600 - labels: - release_group: airship-ucp-shipyard - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-shipyard - values: - endpoints: - postgresql_airflow_db: - name: postgresql - hosts: - default: postgresql - path: /DB_NAME - scheme: postgresql+psycopg2 - port: - postgresql: - default: 5432 - host_fqdn_override: - default: null - postgresql_shipyard_db: - name: postgresql - hosts: - default: postgresql - path: /DB_NAME - scheme: postgresql+psycopg2 - port: - postgresql: - default: 5432 - host_fqdn_override: - default: null - prod_environment: true - pod: - replicas: - shipyard: - api: 2 - airflow: - web: 2 - worker: 2 - flower: 2 - scheduler: 2 - labels: - job: - node_selector_key: ucp-control-plane - node_selector_value: enabled - network: - shipyard: - enable_node_port: true - airflow: - web: - enable_node_port: true - conf: - shipyard: - keystone_authtoken: - memcache_security_strategy: None - dependencies: - - shipyard-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: shipyard-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.shipyard-htk - dest: - path: .source -data: - chart_name: shipyard-htk - release: shipyard-htk - namespace: shipyard-htk - values: {} - dependencies: [] -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/config/Docker.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/config/Docker.yaml deleted file mode 100644 index e0bf29c..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/config/Docker.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -schema: promenade/Docker/v1 -metadata: - schema: metadata/Document/v1 - name: docker-global - labels: - promenade: enabled - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - config: - live-restore: true - storage-driver: overlay2 -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/config/Kubelet.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/config/Kubelet.yaml deleted file mode 100644 index 245e351..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/config/Kubelet.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -schema: promenade/Kubelet/v1 -metadata: - schema: metadata/Document/v1 - name: kubelet - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.pause - dest: - path: .images.pause -data: - arguments: - - --cni-bin-dir=/opt/cni/bin - - --cni-conf-dir=/etc/cni/net.d - - --eviction-max-pod-grace-period=-1 - - --network-plugin=cni - - --node-status-update-frequency=5s - - --max-pods=200 - - --pods-per-core=10 diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/config/versions.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/config/versions.yaml deleted file mode 100644 index b246881..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/config/versions.yaml +++ /dev/null @@ -1,908 +0,0 @@ ---- -schema: pegleg/SoftwareVersions/v1 -metadata: - schema: metadata/Document/v1 - name: software-versions - layeringDefinition: - abstract: false - layer: global - labels: - name: software-versions-global - storagePolicy: cleartext -data: - charts: - kubernetes: - calico: - etcd: - type: git - location: https://git.openstack.org/openstack/airship-promenade - subpath: charts/etcd - reference: 7a06bef72c0bfd799c2353b8213627f6a0826251 - etcd-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: c0c5199fb20335b3e8839163129372059a876ce8 - calico: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: calico - reference: c0c5199fb20335b3e8839163129372059a876ce8 - calico-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: c0c5199fb20335b3e8839163129372059a876ce8 - apiserver: - type: git - location: https://git.openstack.org/openstack/airship-promenade - subpath: charts/apiserver - reference: 7a06bef72c0bfd799c2353b8213627f6a0826251 - apiserver-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: c0c5199fb20335b3e8839163129372059a876ce8 - controller-manager: - type: git - location: https://git.openstack.org/openstack/airship-promenade - subpath: charts/controller_manager - reference: 7a06bef72c0bfd799c2353b8213627f6a0826251 - controller-manager-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: c0c5199fb20335b3e8839163129372059a876ce8 - coredns: - type: git - location: https://git.openstack.org/openstack/airship-promenade - subpath: charts/coredns - reference: 7a06bef72c0bfd799c2353b8213627f6a0826251 - coredns-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: c0c5199fb20335b3e8839163129372059a876ce8 - haproxy: - type: git - location: https://git.openstack.org/openstack/airship-promenade - subpath: charts/haproxy - reference: 7a06bef72c0bfd799c2353b8213627f6a0826251 - haproxy-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: c0c5199fb20335b3e8839163129372059a876ce8 - etcd: - type: git - location: https://git.openstack.org/openstack/airship-promenade - subpath: charts/etcd - reference: 7a06bef72c0bfd799c2353b8213627f6a0826251 - etcd-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: c0c5199fb20335b3e8839163129372059a876ce8 - ingress: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: ingress - reference: c0c5199fb20335b3e8839163129372059a876ce8 - ingress-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: c0c5199fb20335b3e8839163129372059a876ce8 - proxy: - type: git - location: https://git.openstack.org/openstack/airship-promenade - subpath: charts/proxy - reference: 7a06bef72c0bfd799c2353b8213627f6a0826251 - proxy-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: c0c5199fb20335b3e8839163129372059a876ce8 - scheduler: - type: git - location: https://git.openstack.org/openstack/airship-promenade - subpath: charts/scheduler - reference: 7a06bef72c0bfd799c2353b8213627f6a0826251 - scheduler-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: c0c5199fb20335b3e8839163129372059a876ce8 - osh_infra: - helm_toolkit: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: c0c5199fb20335b3e8839163129372059a876ce8 - elasticsearch: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: elasticsearch - reference: c0c5199fb20335b3e8839163129372059a876ce8 - fluent_logging: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: fluent-logging - reference: c0c5199fb20335b3e8839163129372059a876ce8 - kibana: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: kibana - reference: c0c5199fb20335b3e8839163129372059a876ce8 - prometheus: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: prometheus - reference: c0c5199fb20335b3e8839163129372059a876ce8 - prometheus_node_exporter: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: prometheus-node-exporter - reference: c0c5199fb20335b3e8839163129372059a876ce8 - prometheus_kube_state_metrics: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: prometheus-kube-state-metrics - reference: c0c5199fb20335b3e8839163129372059a876ce8 - prometheus_alertmanager: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: prometheus-alertmanager - reference: c0c5199fb20335b3e8839163129372059a876ce8 - grafana: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: grafana - reference: c0c5199fb20335b3e8839163129372059a876ce8 - prometheus_openstack_exporter: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: prometheus-openstack-exporter - reference: 59d74756ef2fdd0279f59f199879cc985cfef47d - nagios: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: nagios - reference: c0c5199fb20335b3e8839163129372059a876ce8 - osh: - helm_toolkit: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: 5ae782ff52a2604fb1f392d77a018896f29dae49 - barbican: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: barbican - reference: 332a3da0054e154c003256107a0907774531df79 - cinder: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: cinder - reference: 332a3da0054e154c003256107a0907774531df79 - glance: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: glance - reference: 332a3da0054e154c003256107a0907774531df79 - heat: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: heat - reference: 332a3da0054e154c003256107a0907774531df79 - horizon: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: horizon - reference: 332a3da0054e154c003256107a0907774531df79 - ingress: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: ingress - reference: 332a3da0054e154c003256107a0907774531df79 - keystone: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: keystone - reference: 332a3da0054e154c003256107a0907774531df79 - libvirt: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: libvirt - reference: 82d99e8f7a7c892555d97adc08b01b8e8cc1ff81 - mariadb: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: mariadb - reference: 332a3da0054e154c003256107a0907774531df79 - memcached: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: memcached - reference: 332a3da0054e154c003256107a0907774531df79 - neutron: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: neutron - reference: 332a3da0054e154c003256107a0907774531df79 - nova: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: nova - reference: 332a3da0054e154c003256107a0907774531df79 - openvswitch: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: openvswitch - reference: 20d863ce9d18203f2c6a1d679d0cec2bd4fa550d - rabbitmq: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: rabbitmq - reference: 332a3da0054e154c003256107a0907774531df79 - ucp: - armada: - type: git - location: https://git.openstack.org/openstack/airship-armada - subpath: charts/armada - reference: 0a5b74440c81ac9d7f84cf7b553f21bed01401e6 - armada-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: 59d74756ef2fdd0279f59f199879cc985cfef47d - barbican: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: barbican - reference: 8dc986740c83487261efa6540f89d5dbea211f98 - barbican-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: 59d74756ef2fdd0279f59f199879cc985cfef47d - ceph-mon: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: ceph-mon - reference: e19be77f087995faccf06dd834a203fb2154a5f3 - ceph-osd: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: ceph-osd - reference: e19be77f087995faccf06dd834a203fb2154a5f3 - ceph-client: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: ceph-client - reference: e19be77f087995faccf06dd834a203fb2154a5f3 - ceph-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: 59d74756ef2fdd0279f59f199879cc985cfef47d - deckhand: - type: git - location: https://git.openstack.org/openstack/airship-deckhand - subpath: charts/deckhand - reference: 0ac33c233d59a731bf289db23ec4a882ff359168 - deckhand-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: helm-toolkit - reference: 3aeba707e36f36909e51e1cb0a81565ee28e0afa - divingbell: - type: git - location: https://git.openstack.org/openstack/airship-divingbell - subpath: divingbell - reference: 4e074ec0c24ec285dc3ac02e2a347a0033dad454 - divingbell-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: 59d74756ef2fdd0279f59f199879cc985cfef47d - drydock: - type: git - location: https://git.openstack.org/openstack/airship-drydock - subpath: charts/drydock - reference: 7b6af1bdc9bdc8e8084dd825598100f9e1db163b - drydock-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: helm-toolkit - reference: 3aeba707e36f36909e51e1cb0a81565ee28e0afa - ingress: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: ingress - reference: c0c5199fb20335b3e8839163129372059a876ce8 - ingress-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: c0c5199fb20335b3e8839163129372059a876ce8 - postgresql: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: postgresql - reference: fbfcb51c31e21331ceb20b6108b739c5e2ad48f5 - postgresql-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: c0c5199fb20335b3e8839163129372059a876ce8 - promenade: - type: git - location: https://git.openstack.org/openstack/airship-promenade - subpath: charts/promenade - reference: 7a06bef72c0bfd799c2353b8213627f6a0826251 - promenade-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: 59d74756ef2fdd0279f59f199879cc985cfef47d - keystone: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: keystone - reference: 8dc986740c83487261efa6540f89d5dbea211f98 - keystone-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: 59d74756ef2fdd0279f59f199879cc985cfef47d - maas: - type: git - location: https://git.openstack.org/openstack/airship-maas - subpath: charts/maas - reference: 10d4966810bab5d815245820db7dc5ae160e6c4f - maas-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: helm-toolkit - reference: 3aeba707e36f36909e51e1cb0a81565ee28e0afa - mariadb: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: mariadb - reference: fbfcb51c31e21331ceb20b6108b739c5e2ad48f5 - mariadb-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: c0c5199fb20335b3e8839163129372059a876ce8 - memcached: - type: git - location: https://git.openstack.org/openstack/openstack-helm - subpath: memcached - reference: 8dc986740c83487261efa6540f89d5dbea211f98 - memcached-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: 59d74756ef2fdd0279f59f199879cc985cfef47d - rabbitmq: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: rabbitmq - reference: 61829c0d45afbfe52dcbf15157048a59614aa2d0 - rabbitmq-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: aac1c4e8c02680a159235c6097db0ed66cfbe104 - shipyard: - type: git - location: https://git.openstack.org/openstack/airship-shipyard - subpath: charts/shipyard - reference: 165c845e3e7459d2a4892ed4ca910b00675e7561 - shipyard-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: 59d74756ef2fdd0279f59f199879cc985cfef47d - tiller: - type: git - location: https://git.openstack.org/openstack/airship-armada - subpath: charts/tiller - reference: 0a5b74440c81ac9d7f84cf7b553f21bed01401e6 - tiller-htk: - type: git - location: https://git.openstack.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: 59d74756ef2fdd0279f59f199879cc985cfef47d - files: - kubelet: https://dl.k8s.io/v1.10.2/kubernetes-node-linux-amd64.tar.gz - - images_refs: - images: - dep_check: &dep_check quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - heat: &heat docker.io/openstackhelm/heat:ocata - neutron: &neutron docker.io/openstackhelm/neutron:ocata - neutron_sriov_agent: &neutron_sriov docker.io/openstackhelm/neutron:ocata-sriov-1804 - neutron_sriov_agent_init: &neutron_sriov_init docker.io/openstackhelm/neutron:ocata-sriov-1804 - horizon: &horizon docker.io/openstackhelm/horizon:ocata - cinder: &cinder docker.io/openstackhelm/cinder:ocata - keystone: &keystone docker.io/openstackhelm/keystone:ocata - nova: &nova docker.io/openstackhelm/nova:ocata - glance: &glance docker.io/openstackhelm/glance:ocata - rabbitmq: &rabbitmq docker.io/rabbitmq:3.7-management - rally_test: &rally_test docker.io/kolla/ubuntu-source-rally:4.0.0 - memcached: &memcached docker.io/memcached:1.5.5 - mariadb_db: &mariadb_db docker.io/mariadb:10.2.13 - nova_novncproxy: &nova_novncproxy docker.io/kolla/ubuntu-source-nova-novncproxy:3.0.3 - nova_spiceproxy: &nova_spiceproxy docker.io/kolla/ubuntu-source-nova-spicehtml5proxy:3.0.3 - ceph_daemon: &ceph_daemon docker.io/ceph/daemon:tag-build-master-luminous-ubuntu-16.04 - openvswitch: &openvswitch docker.io/openstackhelm/openvswitch:v2.8.1 - os_barbican: &os_barbican docker.io/openstackhelm/barbican:ocata - libvirt: &libvirt docker.io/openstackhelm/libvirt:ubuntu-xenial-1.3.1 - ingress_controller: &ingress_controller quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.9.0 - ingress_error_pages: &ingress_error_pages gcr.io/google-containers/defaultbackend:1.0 - # should probably be moved to https://quay.io/repository/airshipit/ - storage_init: &storage_init docker.io/port/ceph-config-helper:v1.10.2 - keystone: &ref_keystone - ks_endpoints: *heat - ks_service: *heat - ks_user: *heat - - images: - ucp: - armada: - api: quay.io/airshipit/armada:0a5b74440c81ac9d7f84cf7b553f21bed01401e6 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - ks_endpoints: docker.io/openstackhelm/heat:ocata - ks_service: docker.io/openstackhelm/heat:ocata - ks_user: docker.io/openstackhelm/heat:ocata - image_repo_sync: docker.io/docker:17.07.0 - helm: docker.io/lachlanevenson/k8s-helm:v2.9.1 - tiller: gcr.io/kubernetes-helm/tiller:v2.9.1 - promenade: - promenade: quay.io/airshipit/promenade:7a06bef72c0bfd799c2353b8213627f6a0826251 - ks_user: docker.io/openstackhelm/heat:ocata - ks_service: docker.io/openstackhelm/heat:ocata - ks_endpoints: docker.io/openstackhelm/heat:ocata - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - image_repo_sync: docker.io/docker:17.07.0 - deckhand: - deckhand: quay.io/airshipit/deckhand:0ac33c233d59a731bf289db23ec4a882ff359168 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - db_init: docker.io/postgres:9.5 - db_sync: quay.io/airshipit/deckhand:0ac33c233d59a731bf289db23ec4a882ff359168 - ks_endpoints: docker.io/openstackhelm/heat:ocata - ks_service: docker.io/openstackhelm/heat:ocata - ks_user: docker.io/openstackhelm/heat:ocata - barbican: - bootstrap: docker.io/openstackhelm/heat:ocata - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - scripted_test: docker.io/openstackhelm/heat:ocata - db_init: docker.io/openstackhelm/heat:ocata - barbican_db_sync: docker.io/openstackhelm/barbican:ocata - db_drop: docker.io/openstackhelm/heat:ocata - ks_endpoints: docker.io/openstackhelm/heat:ocata - ks_service: docker.io/openstackhelm/heat:ocata - ks_user: docker.io/openstackhelm/heat:ocata - barbican_api: docker.io/openstackhelm/barbican:ocata - rabbit_init: docker.io/rabbitmq:3.7-management - divingbell: - divingbell: docker.io/ubuntu:16.04 - drydock: - drydock: quay.io/airshipit/drydock:7b6af1bdc9bdc8e8084dd825598100f9e1db163b - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - ks_user: docker.io/openstackhelm/heat:ocata - ks_service: docker.io/openstackhelm/heat:ocata - ks_endpoints: docker.io/openstackhelm/heat:ocata - drydock_db_init: docker.io/postgres:9.5 - drydock_db_sync: quay.io/airshipit/drydock:7b6af1bdc9bdc8e8084dd825598100f9e1db163b - ingress: - entrypoint: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - ingress: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.9.0 - error_pages: gcr.io/google-containers/defaultbackend:1.0 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - image_repo_sync: docker.io/docker:17.07.0 - shipyard: - # should probably point to docker.io/puckel/docker-airflow:xxxxxx - airflow: quay.io/airshipit/airflow:165c845e3e7459d2a4892ed4ca910b00675e7561 - shipyard: quay.io/airshipit/shipyard:165c845e3e7459d2a4892ed4ca910b00675e7561 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - shipyard_db_init: docker.io/postgres:9.5 - shipyard_db_sync: quay.io/airshipit/shipyard:165c845e3e7459d2a4892ed4ca910b00675e7561 - airflow_db_init: docker.io/postgres:9.5 - # should probably point to docker.io/puckel/docker-airflow:xxxxxx - airflow_db_sync: quay.io/airshipit/airflow:165c845e3e7459d2a4892ed4ca910b00675e7561 - ks_user: docker.io/openstackhelm/heat:ocata - ks_service: docker.io/openstackhelm/heat:ocata - ks_endpoints: docker.io/openstackhelm/heat:ocata - image_repo_sync: docker.io/docker:17.07.0 - maas: - db_init: docker.io/postgres:9.5 - db_sync: quay.io/airshipit/maas-region-controller:10d4966810bab5d815245820db7dc5ae160e6c4f - maas_rack: quay.io/airshipit/maas-rack-controller:10d4966810bab5d815245820db7dc5ae160e6c4f - maas_region: quay.io/airshipit/maas-region-controller:10d4966810bab5d815245820db7dc5ae160e6c4f - bootstrap: quay.io/airshipit/maas-region-controller:10d4966810bab5d815245820db7dc5ae160e6c4f - export_api_key: quay.io/airshipit/maas-region-controller:10d4966810bab5d815245820db7dc5ae160e6c4f - maas_cache: quay.io/airshipit/sstream-cache:10d4966810bab5d815245820db7dc5ae160e6c4f - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - keystone: - bootstrap: docker.io/openstackhelm/heat:ocata - test: docker.io/kolla/ubuntu-source-rally:4.0.0 - db_init: docker.io/openstackhelm/heat:ocata - keystone_db_sync: docker.io/openstackhelm/keystone:ocata - db_drop: docker.io/openstackhelm/heat:ocata - ks_user: docker.io/openstackhelm/heat:ocata - keystone_fernet_setup: docker.io/openstackhelm/keystone:ocata - keystone_fernet_rotate: docker.io/openstackhelm/keystone:ocata - keystone_credential_setup: docker.io/openstackhelm/keystone:ocata - keystone_credential_rotate: docker.io/openstackhelm/keystone:ocata - keystone_api: docker.io/openstackhelm/keystone:ocata - keystone_domain_manage: docker.io/openstackhelm/keystone:ocata - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - rabbit_init: docker.io/rabbitmq:3.7-management - image_repo_sync: docker.io/docker:17.07.0 - tiller: - tiller: gcr.io/kubernetes-helm/tiller:v2.9.1 - mariadb: - mariadb: docker.io/mariadb:10.2.13 - ingress: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.9.0 - error_pages: gcr.io/google-containers/defaultbackend:1.0 - prometheus_create_mysql_user: docker.io/mariadb:10.2.13 - prometheus_mysql_exporter: docker.io/prom/mysqld-exporter:v0.10.0 - prometheus_mysql_exporter_helm_tests: docker.io/openstackhelm/heat:ocata - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - image_repo_sync: docker.io/docker:17.07.0 - postgresql: - postgresql: docker.io/postgres:9.5 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - image_repo_sync: docker.io/docker:17.07.0 - memcached: - memcached: docker.io/memcached:1.5.5 - prometheus_memcached_exporter: docker.io/prom/memcached-exporter:v0.4.1 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - image_repo_sync: docker.io/docker:17.07.0 - rabbitmq: - prometheus_rabbitmq_exporter: docker.io/kbudde/rabbitmq-exporter:v0.21.0 - prometheus_rabbitmq_exporter_helm_tests: docker.io/openstackhelm/heat:ocata - rabbitmq: docker.io/rabbitmq:3.7.4 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - scripted_test: docker.io/rabbitmq:3.7-management - image_repo_sync: docker.io/docker:17.07.0 - osh: - memcached: - dep_check: *dep_check - memcached: *memcached - barbican: - bootstrap: *heat - dep_check: *dep_check - scripted_test: *heat - db_init: *heat - barbican_db_sync: *os_barbican - db_drop: *heat - <<: *ref_keystone - barbican_api: *os_barbican - rabbit_init: *rabbitmq - cinder: - test: *rally_test - db_init: *heat - cinder_db_sync: *cinder - db_drop: *heat - <<: *ref_keystone - cinder_api: *cinder - bootstrap: *heat - cinder_scheduler: *cinder - cinder_volume: *cinder - cinder_volume_usage_audit: *cinder - cinder_storage_init: *storage_init - cinder_backup: *cinder - cinder_backup_storage_init: *storage_init - dep_check: *dep_check - rabbit_init: *rabbitmq - glance: - test: *rally_test - glance_storage_init: *storage_init - db_init: *heat - glance_db_sync: *glance - db_drop: *heat - <<: *ref_keystone - glance_api: *glance - glance_registry: *glance - # Bootstrap image requires curl - bootstrap: *heat - dep_check: *dep_check - rabbit_init: *rabbitmq - heat: - bootstrap: *heat - db_init: *heat - heat_db_sync: *heat - db_drop: *heat - <<: *ref_keystone - heat_api: *heat - heat_cfn: *heat - heat_cloudwatch: *heat - heat_engine: *heat - heat_engine_cleaner: *heat - dep_check: *dep_check - rabbit_init: *rabbitmq - horizon: - db_init: *heat - horizon_db_sync: *horizon - db_drop: *heat - horizon: *horizon - dep_check: *dep_check - ingress: - entrypoint: *dep_check - ingress: *ingress_controller - error_pages: *ingress_error_pages - dep_check: *dep_check - keystone: - bootstrap: *heat - test: *rally_test - db_init: *heat - keystone_db_sync: *keystone - db_drop: *heat - <<: *ref_keystone - keystone_fernet_setup: *keystone - keystone_fernet_rotate: *keystone - keystone_credential_setup: *keystone - keystone_credential_rotate: *keystone - keystone_api: *keystone - keystone_domain_manage: *keystone - dep_check: *dep_check - rabbit_init: *rabbitmq - libvirt: - libvirt: *libvirt - dep_check: *dep_check - mariadb: - mariadb: *mariadb_db - ingress: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.9.0 - error_pages: gcr.io/google-containers/defaultbackend:1.0 - prometheus_create_mysql_user: *mariadb_db - prometheus_mysql_exporter: docker.io/prom/mysqld-exporter:v0.10.0 - prometheus_mysql_exporter_helm_tests: *heat - dep_check: *dep_check - image_repo_sync: docker.io/docker:17.07.0 - neutron: - bootstrap: *heat - test: *rally_test - db_init: *heat - neutron_db_sync: *neutron - db_drop: *heat - <<: *ref_keystone - neutron_server: *neutron - neutron_dhcp: *neutron - neutron_metadata: *neutron - neutron_l3: *neutron - neutron_openvswitch_agent: *neutron - neutron_linuxbridge_agent: *neutron - neutron_sriov_agent: *neutron_sriov - neutron_sriov_agent_init: *neutron_sriov_init - dep_check: *dep_check - rabbit_init: *rabbitmq - nova: - bootstrap: *heat - db_drop: *heat - db_init: *heat - dep_check: *dep_check - <<: *ref_keystone - nova_api: *nova - nova_cell_setup: *nova - nova_cell_setup_init: *heat - nova_compute: *nova - nova_compute_ssh: *nova - nova_conductor: *nova - nova_consoleauth: *nova - nova_db_sync: *nova - nova_novncproxy: *nova - nova_novncproxy_assets: *nova_novncproxy - nova_placement: *nova - nova_scheduler: *nova - nova_spiceproxy: *nova - nova_spiceproxy_assets: *nova_spiceproxy - test: *rally_test - rabbit_init: *rabbitmq - openvswitch: - openvswitch_db_server: *openvswitch - openvswitch_vswitchd: *openvswitch - dep_check: *dep_check - rabbitmq: - prometheus_rabbitmq_exporter: docker.io/kbudde/rabbitmq-exporter:v0.21.0 - prometheus_rabbitmq_exporter_helm_tests: *heat - rabbitmq: docker.io/rabbitmq:3.7.4 - dep_check: *dep_check - osh_infra: - elasticsearch: - apache_proxy: docker.io/httpd:2.4 - memory_init: *heat - curator: docker.io/bobrik/curator:5.2.0 - elasticsearch: docker.io/elasticsearch:5.6.4 - helm_tests: *heat - prometheus_elasticsearch_exporter: docker.io/justwatch/elasticsearch_exporter:1.0.1 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - snapshot_repository: *heat - image_repo_sync: docker.io/docker:17.07.0 - fluent_logging: - fluentbit: docker.io/fluent/fluent-bit:0.12.14 - fluentd: docker.io/kolla/ubuntu-source-fluentd:ocata - # should be moved to somewhere... - prometheus_fluentd_exporter: docker.io/srwilkers/fluentd_exporter:v0.1 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - helm_tests: *heat - elasticsearch_template: *heat - image_repo_sync: docker.io/docker:17.07.0 - kibana: - apache_proxy: docker.io/httpd:2.4 - kibana: docker.elastic.co/kibana/kibana:5.6.4 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - image_repo_sync: docker.io/docker:17.07.0 - prometheus: - prometheus: docker.io/prom/prometheus:v2.0.0 - helm_tests: *heat - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - image_repo_sync: docker.io/docker:17.07.0 - prometheus_node_exporter: - node_exporter: docker.io/prom/node-exporter:v0.15.0 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - image_repo_sync: docker.io/docker:17.07.0 - prometheus_kube_state_metrics: - kube_state_metrics: docker.io/bitnami/kube-state-metrics:1.3.1 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - image_repo_sync: docker.io/docker:17.07.0 - prometheus_alertmanager: - alertmanager: docker.io/prom/alertmanager:v0.11.0 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - image_repo_sync: docker.io/docker:17.07.0 - prometheus_openstack_exporter: - prometheus_openstack_exporter: quay.io/attcomdev/prometheus-openstack-exporter:3231f14419f0c47547ce2551b7d884cd222104e6 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - image_repo_sync: docker.io/docker:17.07.0 - <<: *ref_keystone - grafana: - grafana: docker.io/grafana/grafana:5.0.0 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - db_init: *heat - grafana_db_session_sync: *heat - image_repo_sync: docker.io/docker:17.07.0 - nagios: - apache_proxy: docker.io/httpd:2.4 - # should probably be moved to airshipit - # 'latest' refers to '4852dfd1455db6fb2330744c599b0c2ada3c78f5', however latest pushed is '11b061a3afe6e4671d98900d7249b5ad5090fd73' - nagios: quay.io/attcomdev/nagios:4852dfd1455db6fb2330744c599b0c2ada3c78f5 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - image_repo_sync: docker.io/docker:17.07.0 - ceph: - ceph-mon: - fluentbit: docker.io/fluent/fluent-bit:0.12.14 - ceph_bootstrap: *ceph_daemon - ceph_config_helper: docker.io/port/ceph-config-helper:v1.10.2 - ceph_mon: *ceph_daemon - ceph_mon_check: docker.io/port/ceph-config-helper:v1.10.2 - dep_check: *dep_check - image_repo_sync: docker.io/docker:17.07.0 - ceph-osd: - fluentbit: docker.io/fluent/fluent-bit:0.12.14 - ceph_osd: *ceph_daemon - ceph_bootstrap: *ceph_daemon - dep_check: *dep_check - image_repo_sync: docker.io/docker:17.07.0 - ceph-client: - ceph_bootstrap: *ceph_daemon - ceph_cephfs_provisioner: quay.io/external_storage/cephfs-provisioner:v0.1.1 - ceph_config_helper: docker.io/port/ceph-config-helper:v1.10.2 - ceph_mds: *ceph_daemon - ceph_mgr: *ceph_daemon - ceph_rbd_pool: docker.io/port/ceph-config-helper:v1.10.2 - ceph_rbd_provisioner: quay.io/external_storage/rbd-provisioner:v0.1.1 - ceph_rgw: *ceph_daemon - dep_check: *dep_check - <<: *ref_keystone - image_repo_sync: docker.io/docker:17.07.0 - kubernetes: - apiserver: - anchor: gcr.io/google-containers/hyperkube-amd64:v1.10.2 - apiserver: gcr.io/google-containers/hyperkube-amd64:v1.10.2 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - controller-manager: - anchor: gcr.io/google-containers/hyperkube-amd64:v1.10.2 - controller_manager: gcr.io/google-containers/hyperkube-amd64:v1.10.2 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - coredns: - coredns: docker.io/coredns/coredns:1.1.2 - test: docker.io/coredns/coredns:1.1.2 - haproxy: - haproxy: docker.io/haproxy:1.8.3 - anchor: gcr.io/google-containers/hyperkube-amd64:v1.10.2 - test: docker.io/python:3.6 - etcd: - # quay.io/coreos/etcd:v3.2.14 - etcd: quay.io/coreos/etcd:v3.2.14 - etcdctl: quay.io/coreos/etcd:v3.2.14 - ingress: - entrypoint: *dep_check - ingress: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.9.0 - error_pages: gcr.io/google-containers/defaultbackend:1.0 - dep_check: *dep_check - image_repo_sync: docker.io/docker:17.07.0 - - kubectl: gcr.io/google-containers/hyperkube-amd64:v1.10.2 - pause: gcr.io/google-containers/pause-amd64:3.1 - - scheduler: - anchor: gcr.io/google-containers/hyperkube-amd64:v1.10.2 - scheduler: gcr.io/google-containers/hyperkube-amd64:v1.10.2 - proxy: - proxy: gcr.io/google-containers/hyperkube-amd64:v1.10.2 - calico: - etcd: - etcd: quay.io/coreos/etcd:v3.2.14 - etcdctl: quay.io/coreos/etcd:v3.2.14 - calico: - calico_etcd: quay.io/coreos/etcd:v3.2.14 - calico_node: quay.io/calico/node:v2.6.9 - calico_cni: quay.io/calico/cni:v1.11.5 - calico_ctl: quay.io/calico/ctl:v1.6.4 - calico_settings: quay.io/calico/ctl:v1.6.4 - calico_kube_policy_controller: quay.io/calico/kube-policy-controller:v0.7.0 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - image_repo_sync: docker.io/docker:17.07.0 - - packages: - repositories: - main_archive: - repo_type: apt - url: 'http://us.archive.ubuntu.com/ubuntu' - distributions: - - 'xenial' - components: - - 'main' - - 'universe' - - 'multiverse' - subrepos: - - 'security' - - 'updates' - - 'backports' - docker: - repo_type: apt - url: 'http://apt.dockerproject.org/repo' - distributions: - - ubuntu-xenial - components: - - main - gpgkey: |- - -----BEGIN PGP PUBLIC KEY BLOCK----- - - mQINBFWln24BEADrBl5p99uKh8+rpvqJ48u4eTtjeXAWbslJotmC/CakbNSqOb9o - ddfzRvGVeJVERt/Q/mlvEqgnyTQy+e6oEYN2Y2kqXceUhXagThnqCoxcEJ3+KM4R - mYdoe/BJ/J/6rHOjq7Omk24z2qB3RU1uAv57iY5VGw5p45uZB4C4pNNsBJXoCvPn - TGAs/7IrekFZDDgVraPx/hdiwopQ8NltSfZCyu/jPpWFK28TR8yfVlzYFwibj5WK - dHM7ZTqlA1tHIG+agyPf3Rae0jPMsHR6q+arXVwMccyOi+ULU0z8mHUJ3iEMIrpT - X+80KaN/ZjibfsBOCjcfiJSB/acn4nxQQgNZigna32velafhQivsNREFeJpzENiG - HOoyC6qVeOgKrRiKxzymj0FIMLru/iFF5pSWcBQB7PYlt8J0G80lAcPr6VCiN+4c - NKv03SdvA69dCOj79PuO9IIvQsJXsSq96HB+TeEmmL+xSdpGtGdCJHHM1fDeCqkZ - hT+RtBGQL2SEdWjxbF43oQopocT8cHvyX6Zaltn0svoGs+wX3Z/H6/8P5anog43U - 65c0A+64Jj00rNDr8j31izhtQMRo892kGeQAaaxg4Pz6HnS7hRC+cOMHUU4HA7iM - zHrouAdYeTZeZEQOA7SxtCME9ZnGwe2grxPXh/U/80WJGkzLFNcTKdv+rwARAQAB - tDdEb2NrZXIgUmVsZWFzZSBUb29sIChyZWxlYXNlZG9ja2VyKSA8ZG9ja2VyQGRv - Y2tlci5jb20+iQI4BBMBAgAiBQJVpZ9uAhsvBgsJCAcDAgYVCAIJCgsEFgIDAQIe - AQIXgAAKCRD3YiFXLFJgnbRfEAC9Uai7Rv20QIDlDogRzd+Vebg4ahyoUdj0CH+n - Ak40RIoq6G26u1e+sdgjpCa8jF6vrx+smpgd1HeJdmpahUX0XN3X9f9qU9oj9A4I - 1WDalRWJh+tP5WNv2ySy6AwcP9QnjuBMRTnTK27pk1sEMg9oJHK5p+ts8hlSC4Sl - uyMKH5NMVy9c+A9yqq9NF6M6d6/ehKfBFFLG9BX+XLBATvf1ZemGVHQusCQebTGv - 0C0V9yqtdPdRWVIEhHxyNHATaVYOafTj/EF0lDxLl6zDT6trRV5n9F1VCEh4Aal8 - L5MxVPcIZVO7NHT2EkQgn8CvWjV3oKl2GopZF8V4XdJRl90U/WDv/6cmfI08GkzD - YBHhS8ULWRFwGKobsSTyIvnbk4NtKdnTGyTJCQ8+6i52s+C54PiNgfj2ieNn6oOR - 7d+bNCcG1CdOYY+ZXVOcsjl73UYvtJrO0Rl/NpYERkZ5d/tzw4jZ6FCXgggA/Zxc - jk6Y1ZvIm8Mt8wLRFH9Nww+FVsCtaCXJLP8DlJLASMD9rl5QS9Ku3u7ZNrr5HWXP - HXITX660jglyshch6CWeiUATqjIAzkEQom/kEnOrvJAtkypRJ59vYQOedZ1sFVEL - MXg2UCkD/FwojfnVtjzYaTCeGwFQeqzHmM241iuOmBYPeyTY5veF49aBJA1gEJOQ - TvBR8Q== - =Fm3p - -----END PGP PUBLIC KEY BLOCK----- - named: - docker: docker-engine=1.13.1-0~ubuntu-xenial - socat: socat=1.7.3.1-1 - unnamed: - - ceph-common=10.2.11-0ubuntu0.16.04.2 -... diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/manifests/bootstrap.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/manifests/bootstrap.yaml deleted file mode 100644 index aca7cc3..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/manifests/bootstrap.yaml +++ /dev/null @@ -1,29 +0,0 @@ ---- -schema: armada/Manifest/v1 -metadata: - schema: metadata/Document/v1 - name: cluster-bootstrap - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - release_prefix: airship - chart_groups: - - kubernetes-proxy - - kubernetes-container-networking - - kubernetes-dns - - kubernetes-etcd - - kubernetes-haproxy - - kubernetes-core - - ingress-kube-system - - ucp-ceph - - ucp-ceph-config - - ucp-core - - ucp-keystone - - ucp-divingbell - - ucp-armada - - ucp-deckhand - - ucp-drydock - - ucp-promenade - - ucp-shipyard diff --git a/site_type/sriov/airship-treasuremap/global/v4.0/software/manifests/full-site.yaml b/site_type/sriov/airship-treasuremap/global/v4.0/software/manifests/full-site.yaml deleted file mode 100644 index ed3a501..0000000 --- a/site_type/sriov/airship-treasuremap/global/v4.0/software/manifests/full-site.yaml +++ /dev/null @@ -1,52 +0,0 @@ ---- -schema: armada/Manifest/v1 -metadata: - schema: metadata/Document/v1 - name: full-site-global - layeringDefinition: - abstract: true - layer: global - labels: - name: full-site-global - storagePolicy: cleartext -data: - release_prefix: airship - chart_groups: - - kubernetes-proxy - - kubernetes-container-networking - - kubernetes-dns - - kubernetes-etcd - - kubernetes-haproxy - - kubernetes-core - - ingress-kube-system - - ucp-ceph-update - - ucp-ceph-config - - ucp-core - - ucp-keystone - - ucp-divingbell - - ucp-armada - - ucp-deckhand - - ucp-drydock - - ucp-promenade - - ucp-shipyard - - osh-infra-ingress-controller - - osh-infra-ceph-config - - osh-infra-logging - - osh-infra-monitoring - - osh-infra-mariadb - - osh-infra-dashboards - - openstack-ingress-controller - - openstack-ceph-config - - openstack-mariadb - - openstack-memcached - - openstack-compute-services - - openstack-keystone - - openstack-radosgw - - openstack-glance - - openstack-cinder - - openstack-compute-kit - - openstack-heat - - osh-infra-prometheus-openstack-exporter - - openstack-horizon - - openstack-barbican -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/baremetal/bootactions/promjoin.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/baremetal/bootactions/promjoin.yaml deleted file mode 100644 index 1042934..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/baremetal/bootactions/promjoin.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -# This file defines a boot action which is responsible for fetching the node's -# promjoin script from the promenade API. This is the script responsible for -# installing kubernetes on the node and joining the kubernetes cluster. -# #GLOBAL-CANDIDATE# -schema: 'drydock/BootAction/v1' -metadata: - schema: 'metadata/Document/v1' - name: promjoin - storagePolicy: 'cleartext' - layeringDefinition: - abstract: false - layer: site - labels: - application: 'drydock' -data: - signaling: false - # TODO(alanmeadows) move what is global about this document - assets: - - path: /opt/promjoin.sh - type: file - permissions: '555' - # The ip= parameter must match the MaaS network name of the network used - # to contact kubernetes. With a standard, reference Airship deployment where - # L2 networks are shared between all racks, the network name (i.e. calico) - # should be correct. - location: promenade+http://promenade-api.ucp.svc.cluster.local/api/v1.0/join-scripts?design_ref={{ action.design_ref | urlencode }}&hostname={{ node.hostname }}&ip={{ node.network.calico.ip }}{% for k, v in node.labels.items() %}&labels.dynamic={{ k }}={{ v }}{% endfor %} - location_pipeline: - - template - data_pipeline: - - utf8_decode -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/baremetal/nodes.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/baremetal/nodes.yaml deleted file mode 100644 index ee88a16..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/baremetal/nodes.yaml +++ /dev/null @@ -1,254 +0,0 @@ ---- -# Drydock BaremetalNode resources for a specific rack are stored in this file. -# -# NOTE: For new sites, you should complete the networks/physical/networks.yaml -# file before working on this file. -# -# In this file, you should make the number of `drydock/BaremetalNode/v1` -# resources equal the number of bare metal nodes you have, either by deleting -# excess BaremetalNode definitions (if there are too many), or by copying and -# pasting the last BaremetalNode in the file until you have the correct number -# of baremetal nodes (if there are too few). -# -# Then in each file, address all additional NEWSITE-CHANGEME markers to update -# the data in these files with the right values for your new site. -# -# *NOTE: The Genesis node is counted as one of the control plane nodes. Note -# that the Genesis node does not appear on this bare metal list, because the -# procedure to reprovision the Genesis host with MaaS has not yet been -# implemented. Therefore there will be only three bare metal nodes in this file -# with the 'masters' tag, as the genesis roles are assigned in a difference -# place (profiles/genesis.yaml). -# NOTE: The host profiles for the control plane are further divided into two -# variants: primary and secondary. The only significance this has is that the -# "primary" nodes are active Ceph nodes, whereas the "secondary" nodes are Ceph -# standby nodes. For Ceph quorum, this means that the control plane split will -# be 3 primary + 1 standby host profile, and the Genesis node counts toward one -# of the 3 primary profiles. Other control plane services are not affected by -# primary vs secondary designation. -# -# TODO: Include the hostname naming convention -# -schema: 'drydock/BaremetalNode/v1' -metadata: - schema: 'metadata/Document/v1' - # NEWSITE-CHANGEME: Replace with the hostname of the first node in the rack, - # after (excluding) genesis. - name: cab23-r720-12 - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - # NEWSITE-CHANGEME: The IPv4 address assigned to each logical network on this - # node. In the reference Airship deployment, this is all logical Networks defined - # in networks/physical/networks.yaml. IP addresses are manually assigned, by-hand. - # (what could possibly go wrong!) The instructions differ for each logical - # network, which are laid out below. - addressing: - # The iDrac/iLo IP of the node. It's important that this match up with the - # node's hostname above, so that the rack number and node position encoded - # in the hostname are accurate and matching the node that IPMI operations - # will be performed against (for poweron, poweroff, PXE boot to wipe disk or - # reconfigure identity, etc - very important to get right for these reasons). - # These addresses should already be assigned to nodes racked and stacked in - # the environment; these are not addresses which MaaS assigns. - - network: oob - address: 10.23.104.12 - # The IP of the node on the PXE network. Refer to the static IP range - # defined for the PXE network in networks/physical/networks.yaml. Begin allocating - # IPs from this network, starting with the second IP (inclusive) from the - # allocation range of this subnet (Genesis node will have the first IP). - # Ex: If the start IP for the PXE "static" network is 10.23.20.11, then - # genesis will have 10.23.20.11, this node will have 10.23.20.12, and - # so on with incrementing IP addresses with each additional node. - - network: pxe - address: 10.23.20.12 - # Genesis node gets first IP, all other nodes increment IPs from there - # within the allocation range defined for the network in - # networks/physical/networks.yaml - - network: oam - address: 10.23.21.12 - # Genesis node gets first IP, all other nodes increment IPs from there - # within the allocation range defined for the network in - # networks/physical/networks.yaml - - network: storage - address: 10.23.23.12 - # Genesis node gets first IP, all other nodes increment IPs from there - # within the allocation range defined for the network in - # networks/physical/networks.yaml - - network: overlay - address: 10.23.24.12 - # Genesis node gets first IP, all other nodes increment IPs from there - # within the allocation range defined for the network in - # networks/physical/networks.yaml - - network: calico - address: 10.23.22.12 - # NEWSITE-CHANGEME: Set the host profile for the node. - # Note that there are different host profiles depending if this is a control - # plane vs data plane node, and different profiles that map to different types - # hardware. Control plane host profiles are further broken down into "primary" - # and "secondary" profiles (refer to the Notes section at the top of this doc). - # Select the host profile that matches up to your type of - # hardware and function. E.g., the r720 here refers to Dell R720 hardware, the - # 'cp' refers to a control plane profile, and the "primary" means it will be - # an active member in the ceph quorum. Refer to profiles/host/ for the list - # of available host profiles specific to this site (otherwise, you may find - # a general set of host profiles at the "type" or "global" layers/folders. - # If you have hardware that is not on this list of profiles, you may need to - # create a new host profile for that hardware. - # Regarding control plane vs other data plane profiles, refer to the notes at - # the beginning of this file. There should be one control plane node per rack, - # including Genesis. Note Genesis won't actually be listed in this file as a - # BaremetalNode, but the rest are. - # This is the second "primary" control plane node after Genesis. - host_profile: cp_r720-primary - metadata: - tags: - # NEWSITE-CHANGEME: See previous comment. Apply 'masters' tag for control - # plane node, and 'workers' tag for data plane hosts. - - 'masters' - # NEWSITE-CHANGEME: Refer to site engineering package or other supporting - # documentation for the specific rack name. This should be a rack name that - # is meaningful to data center personnel (i.e. a rack they could locate if - # you gave them this rack designation). - rack: cab23 -... ---- -schema: 'drydock/BaremetalNode/v1' -metadata: - schema: 'metadata/Document/v1' - # NEWSITE-CHANGEME: The next node's hostname - name: cab23-r720-13 - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - # NEWSITE-CHANGEME: The next node's IPv4 addressing - addressing: - - network: oob - address: 10.23.104.13 - - network: pxe - address: 10.23.20.13 - - network: oam - address: 10.23.21.13 - - network: storage - address: 10.23.23.13 - - network: overlay - address: 10.23.24.13 - - network: calico - address: 10.23.22.13 - # NEWSITE-CHANGEME: The next node's host profile - host_profile: cp_r720-primary - metadata: - # NEWSITE-CHANGEME: The next node's rack designation - rack: cab23 - # NEWSITE-CHANGEME: The next node's role desigatnion - tags: - - 'masters' -... ---- -schema: 'drydock/BaremetalNode/v1' -metadata: - schema: 'metadata/Document/v1' - # NEWSITE-CHANGEME: The next node's hostname - name: cab23-r720-14 - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - # NEWSITE-CHANGEME: The next node's IPv4 addressing - addressing: - - network: oob - address: 10.23.104.14 - - network: pxe - address: 10.23.20.14 - - network: oam - address: 10.23.21.14 - - network: storage - address: 10.23.23.14 - - network: overlay - address: 10.23.24.14 - - network: calico - address: 10.23.22.14 - # NEWSITE-CHANGEME: The next node's host profile - # This is the third "primary" control plane profile after genesis - host_profile: cp_r740-secondary - metadata: - # NEWSITE-CHANGEME: The next node's rack designation - rack: cab23 - # NEWSITE-CHANGEME: The next node's role desigatnion - tags: - - 'masters' -... ---- -schema: 'drydock/BaremetalNode/v1' -metadata: - schema: 'metadata/Document/v1' - # NEWSITE-CHANGEME: The next node's hostname - name: cab23-r720-17 - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - # NEWSITE-CHANGEME: The next node's IPv4 addressing - addressing: - - network: oob - address: 10.23.104.17 - - network: pxe - address: 10.23.20.17 - - network: oam - address: 10.23.21.17 - - network: storage - address: 10.23.23.17 - - network: overlay - address: 10.23.24.17 - - network: calico - address: 10.23.22.17 - # NEWSITE-CHANGEME: The next node's host profile - # This is the one and only appearance of the "secondary" control plane profile - host_profile: dp_r720 - metadata: - # NEWSITE-CHANGEME: The next node's rack designation - rack: cab23 - # NEWSITE-CHANGEME: The next node's role desigatnion - tags: - - 'workers' -... ---- -schema: 'drydock/BaremetalNode/v1' -metadata: - schema: 'metadata/Document/v1' - # NEWSITE-CHANGEME: The next node's hostname - name: cab23-r720-19 - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - # NEWSITE-CHANGEME: The next node's IPv4 addressing - addressing: - - network: oob - address: 10.23.104.19 - - network: pxe - address: 10.23.20.19 - - network: oam - address: 10.23.21.19 - - network: storage - address: 10.23.23.19 - - network: overlay - address: 10.23.24.19 - - network: calico - address: 10.23.22.19 - # NEWSITE-CHANGEME: The next node's host profile - host_profile: dp_r720 - metadata: - # NEWSITE-CHANGEME: The next node's rack designation - rack: cab23 - # NEWSITE-CHANGEME: The next node's role desigatnion - tags: - - 'workers' -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/deployment/deployment-configuration.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/deployment/deployment-configuration.yaml deleted file mode 100644 index 676e219..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/deployment/deployment-configuration.yaml +++ /dev/null @@ -1,41 +0,0 @@ ---- -# The purpose of this file is to provide shipyard related deployment config -# parameters. This should not require modification for a new site. However, -# shipyard deployment strategies can be very useful in getting around certain -# failures, like misbehaving nodes that hold up the deployment. See more at -# https://github.com/openstack/airship-shipyard/blob/master/docs/source/site-definition-documents.rst#using-a-deployment-strategy -schema: shipyard/DeploymentConfiguration/v1 -metadata: - schema: metadata/Document/v1 - name: deployment-configuration - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - physical_provisioner: - deployment_strategy: deployment-strategy - deploy_interval: 30 - deploy_timeout: 3600 - destroy_interval: 30 - destroy_timeout: 900 - join_wait: 120 - prepare_node_interval: 30 - prepare_node_timeout: 1800 - prepare_site_interval: 10 - prepare_site_timeout: 300 - verify_interval: 10 - verify_timeout: 60 - kubernetes_provisioner: - drain_timeout: 3600 - drain_grace_period: 1800 - clear_labels_timeout: 1800 - remove_etcd_timeout: 1800 - etcd_ready_timeout: 600 - armada: - get_releases_timeout: 300 - get_status_timeout: 300 - manifest: 'full-site' - post_apply_timeout: 2700 - validate_design_timeout: 600 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/pki/pki-catalog.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/pki/pki-catalog.yaml deleted file mode 100644 index 758c3ab..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/pki/pki-catalog.yaml +++ /dev/null @@ -1,358 +0,0 @@ ---- -# The purpose of this file is to define the PKI certificates for the environment -# -# NOTE: When deploying a new site, this file should not be configured until -# baremetal/nodes.yaml is complete. -# -schema: promenade/PKICatalog/v1 -metadata: - schema: metadata/Document/v1 - name: cluster-certificates - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - certificate_authorities: - kubernetes: - description: CA for Kubernetes components - certificates: - - document_name: apiserver - description: Service certificate for Kubernetes apiserver - common_name: apiserver - hosts: - - localhost - - 127.0.0.1 - # FIXME: Repetition of api_service_ip in common-addresses; use - # substitution - - 10.96.0.1 - kubernetes_service_names: - - kubernetes.default.svc.cluster.local - - # NEWSITE-CHANGEME: The following should be a list of all the nodes in - # the environment (genesis, control plane, data plane, everything). - # Add/delete from this list as necessary until all nodes are listed. - # For each node, the `hosts` list should be comprised of: - # 1. The node's hostname, as already defined in baremetal/nodes.yaml - # 2. The node's oam IP address, as already defined in baremetal/nodes.yaml - # 3. The node's Calico IP address, as already defined in baremetal/nodes.yaml - # NOTE: This list also needs to include the Genesis node, which is not - # listed in baremetal/nodes.yaml, but by convention should be allocated - # the first non-reserved IP in each logical network allocation range - # defined in networks/physical/networks.yaml - # NOTE: The genesis node needs to be defined twice (the first two entries - # on this list) with all of the same paramters except the document_name. - # In the first case the document_name is `kubelet-genesis`, and in the - # second case the document_name format is `kubelete-YOUR_GENESIS_HOSTNAME`. - - document_name: kubelet-genesis - common_name: system:node:cab23-r720-11 - hosts: - - cab23-r720-11 - - 10.23.21.11 - - 10.23.22.11 - groups: - - system:nodes - - document_name: kubelet-cab23-r720-11 - common_name: system:node:cab23-r720-11 - hosts: - - cab23-r720-11 - - 10.23.21.11 - - 10.23.22.11 - groups: - - system:nodes - - document_name: kubelet-cab23-r720-12 - common_name: system:node:cab23-r720-12 - hosts: - - cab23-r720-12 - - 10.23.21.12 - - 10.23.22.12 - groups: - - system:nodes - - document_name: kubelet-cab23-r720-13 - common_name: system:node:cab23-r720-13 - hosts: - - cab23-r720-13 - - 10.23.21.13 - - 10.23.22.13 - groups: - - system:nodes - - document_name: kubelet-cab23-r720-14 - common_name: system:node:cab23-r720-14 - hosts: - - cab23-r720-14 - - 10.23.21.14 - - 10.23.22.14 - groups: - - system:nodes - - document_name: kubelet-cab23-r720-17 - common_name: system:node:cab23-r720-17 - hosts: - - cab23-r720-17 - - 10.23.21.17 - - 10.23.22.17 - groups: - - system:nodes - - document_name: kubelet-cab23-r720-19 - common_name: system:node:cab23-r720-19 - hosts: - - cab23-r720-19 - - 10.23.21.19 - - 10.23.22.19 - groups: - - system:nodes - # End node list - - document_name: scheduler - description: Service certificate for Kubernetes scheduler - common_name: system:kube-scheduler - - document_name: controller-manager - description: certificate for controller-manager - common_name: system:kube-controller-manager - - document_name: admin - common_name: admin - groups: - - system:masters - - document_name: armada - common_name: armada - groups: - - system:masters - kubernetes-etcd: - description: Certificates for Kubernetes's etcd servers - certificates: - - document_name: apiserver-etcd - description: etcd client certificate for use by Kubernetes apiserver - common_name: apiserver - # NOTE(mark-burnett): hosts not required for client certificates - - document_name: kubernetes-etcd-anchor - description: anchor - common_name: anchor - # NEWSITE-CHANGEME: The following should be a list of the control plane - # nodes in the environment, including genesis. - # For each node, the `hosts` list should be comprised of: - # 1. The node's hostname, as already defined in baremetal/nodes.yaml - # 2. The node's oam IP address, as already defined in baremetal/nodes.yaml - # 3. The node's Calico IP address, as already defined in baremetal/nodes.yaml - # 4. 127.0.0.1 - # 5. localhost - # 6. kubernetes-etcd.kube-system.svc.cluster.local - # NOTE: This list also needs to include the Genesis node, which is not - # listed in baremetal/nodes.yaml, but by convention should be allocated - # the first non-reserved IP in each logical network allocation range - # defined in networks/physical/networks.yaml, except for the kubernetes - # service_cidr where it should start with the second IP in the range. - # NOTE: The genesis node is defined twice with the same `hosts` data: - # Once with its hostname in the common/document name, and once with - # `genesis` defined instead of the host. For now, this duplicated - # genesis definition is required. FIXME: Remove duplicate definition - # after Promenade addresses this issue. - - document_name: kubernetes-etcd-genesis - common_name: kubernetes-etcd-genesis - hosts: - - cab23-r720-11 - - 10.23.21.11 - - 10.23.22.11 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-cab23-r720-11 - common_name: kubernetes-etcd-cab23-r720-11 - hosts: - - cab23-r720-11 - - 10.23.21.11 - - 10.23.22.11 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-cab23-r720-12 - common_name: kubernetes-etcd-cab23-r720-12 - hosts: - - cab23-r720-12 - - 10.23.21.12 - - 10.23.22.12 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-cab23-r720-13 - common_name: kubernetes-etcd-cab23-r720-13 - hosts: - - cab23-r720-13 - - 10.23.21.13 - - 10.23.22.13 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-cab23-r720-14 - common_name: kubernetes-etcd-cab23-r720-14 - hosts: - - cab23-r720-14 - - 10.23.21.14 - - 10.23.22.14 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - # End node list - kubernetes-etcd-peer: - certificates: - # NEWSITE-CHANGEME: This list should be identical to the previous list, - # except that `-peer` has been appended to the document/common names. - - document_name: kubernetes-etcd-genesis-peer - common_name: kubernetes-etcd-genesis-peer - hosts: - - cab23-r720-11 - - 10.23.21.11 - - 10.23.22.11 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-cab23-r720-11-peer - common_name: kubernetes-etcd-cab23-r720-11-peer - hosts: - - cab23-r720-11 - - 10.23.21.11 - - 10.23.22.11 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-cab23-r720-12-peer - common_name: kubernetes-etcd-cab23-r720-12-peer - hosts: - - cab23-r720-12 - - 10.23.21.12 - - 10.23.22.12 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-cab23-r720-13-peer - common_name: kubernetes-etcd-cab23-r720-13-peer - hosts: - - cab23-r720-13 - - 10.23.21.13 - - 10.23.22.13 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-cab23-r720-14-peer - common_name: kubernetes-etcd-cab23-r720-14-peer - hosts: - - cab23-r720-14 - - 10.23.21.14 - - 10.23.22.14 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - # End node list - calico-etcd: - description: Certificates for Calico etcd client traffic - certificates: - - document_name: calico-etcd-anchor - description: anchor - common_name: anchor - # NEWSITE-CHANGEME: The following should be a list of the control plane - # nodes in the environment, including genesis. - # For each node, the `hosts` list should be comprised of: - # 1. The node's hostname, as already defined in baremetal/nodes.yaml - # 2. The node's oam IP address, as already defined in baremetal/nodes.yaml - # 3. The node's Calico IP address, as already defined in baremetal/nodes.yaml - # 4. 127.0.0.1 - # 5. localhost - # 6. The calico/etcd/service_ip defined in networks/common-addresses.yaml - # NOTE: This list also needs to include the Genesis node, which is not - # listed in baremetal/nodes.yaml, but by convention should be allocated - # the first non-reserved IP in each logical network allocation range - # defined in networks/physical/networks.yaml - - document_name: calico-etcd-cab23-r720-11 - common_name: calico-etcd-cab23-r720-11 - hosts: - - cab23-r720-11 - - 10.23.21.11 - - 10.23.22.11 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-cab23-r720-12 - common_name: calico-etcd-cab23-r720-12 - hosts: - - cab23-r720-12 - - 10.23.21.12 - - 10.23.22.12 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-cab23-r720-13 - common_name: calico-etcd-cab23-r720-13 - hosts: - - cab23-r720-13 - - 10.23.21.13 - - 10.23.22.13 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-cab23-r720-14 - common_name: calico-etcd-cab23-r720-14 - hosts: - - cab23-r720-14 - - 10.23.21.14 - - 10.23.22.14 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-node - common_name: calcico-node - # End node list - calico-etcd-peer: - description: Certificates for Calico etcd clients - certificates: - # NEWSITE-CHANGEME: This list should be identical to the previous list, - # except that `-peer` has been appended to the document/common names. - - document_name: calico-etcd-cab23-r720-11-peer - common_name: calico-etcd-cab23-r720-11-peer - hosts: - - cab23-r720-11 - - 10.23.21.11 - - 10.23.22.11 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-cab23-r720-12-peer - common_name: calico-etcd-cab23-r720-12-peer - hosts: - - cab23-r720-12 - - 10.23.21.12 - - 10.23.22.12 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-cab23-r720-13-peer - common_name: calico-etcd-cab23-r720-13-peer - hosts: - - cab23-r720-13 - - 10.23.21.13 - - 10.23.22.13 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-cab23-r720-14-peer - common_name: calico-etcd-cab23-r720-14-peer - hosts: - - cab23-r720-14 - - 10.23.21.14 - - 10.23.22.14 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-node-peer - common_name: calcico-node-peer - # End node list - keypairs: - - name: service-account - description: Service account signing key for use by Kubernetes controller-manager. -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/profiles/genesis.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/profiles/genesis.yaml deleted file mode 100644 index ff793b7..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/profiles/genesis.yaml +++ /dev/null @@ -1,44 +0,0 @@ ---- -# The purpose of this file is to apply proper labels to Genesis node so the -# proper services are installed and proper configuration applied. This should -# not need to be changed for a new site. -# #GLOBAL-CANDIDATE# -schema: promenade/Genesis/v1 -metadata: - schema: metadata/Document/v1 - name: genesis-site - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: genesis-global - actions: - - method: merge - path: . - storagePolicy: cleartext -data: - labels: - dynamic: - - beta.kubernetes.io/fluentd-ds-ready=true - - calico-etcd=enabled - - ceph-mds=enabled - - ceph-mon=enabled - - ceph-osd=enabled - - ceph-rgw=enabled - - ceph-mgr=enabled - - ceph-bootstrap=enabled - - kube-dns=enabled - - kube-ingress=enabled - - kubernetes-apiserver=enabled - - kubernetes-controller-manager=enabled - - kubernetes-etcd=enabled - - kubernetes-scheduler=enabled - - promenade-genesis=enabled - - ucp-control-plane=enabled - - maas-control-plane=enabled - - ceph-osd-bootstrap=enabled - - openstack-control-plane=enabled - - openvswitch=enabled - - openstack-l3-agent=enabled - - node-exporter=enabled -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/certificates/certificates.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/certificates/certificates.yaml deleted file mode 100644 index 37b9e14..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/certificates/certificates.yaml +++ /dev/null @@ -1,2805 +0,0 @@ ---- -# Certs genrated by Promenade, see docs at -# https://treasuremap.readthedocs.io/en/latest/deployment.html#site-new-site-pki-pki-catalog-yaml -data: | - -----BEGIN CERTIFICATE----- - MIIDSDCCAjCgAwIBAgIUegkh/antB1XyDVHdP5dv+0MZyBcwDQYJKoZIhvcNAQEL - BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe - Fw0xODA4MjAyMzQzMDBaFw0yMzA4MTkyMzQzMDBaMCoxEzARBgNVBAoTCkt1YmVy - bmV0ZXMxEzARBgNVBAMTCmt1YmVybmV0ZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IB - DwAwggEKAoIBAQC1jUTdodnxFzC6OD/Rre2Qqw/BTycKvWW3Bkby5abZGRxgMkV5 - SxTSMazjPYjEA7+rhXqKgmn+OaV1trZvYbH0rZcRyGSC8D5Wj5SCtuGO6EUqx8SQ - 1tklnHbFKtMDjN8V201SV/ydUfXcFFlD8jUXUkb4iSZV+hkhOO3ZlTqBo4/vkYMK - N+7Dsv1Tfs3sHY4MDuiI/Fz8Uj5bMrKc/gVdPnrYPRsLQ/xlkfufsUuy0VlokrpQ - uYQjorvYbhpl6B7XT8mJsf3WQwB5A1E8bxFp0IR3tEaMIzXeSvrIS7ajxu0zVY/B - qS+uwRNtkCxs2cNsqPoQQBYTkhAoffWnBGYbAgMBAAGjZjBkMA4GA1UdDwEB/wQE - AwIBBjASBgNVHRMBAf8ECDAGAQH/AgECMB0GA1UdDgQWBBTIAmvhlCafX+fLJ7FY - /p5ZjYibADAfBgNVHSMEGDAWgBTIAmvhlCafX+fLJ7FY/p5ZjYibADANBgkqhkiG - 9w0BAQsFAAOCAQEAm4qCucz52aD2AqP9m9r6ZRPlzAesImR7eXOD+ix4r9uMfM85 - YYAZcRhf4/RWwfIWvngeXWTUirAEbwNfXEkbMddTkrBZ7q7BaqYH/1BNXRahBd2G - CJDQa6HMEvSLOkH/vAf/BY3d6WprS69YWVC4ffj0+FqBOMD5KLxPfM1gdashV0XB - yIFo4HPYXn3J3H7HRc17ZizOaPghY/ldNWsmoj1YPlxA9exDPQ4jI91VcSCDZbD/ - YyIntJzMZZ28xFPQFhww2oRD5LpDvfq+P6gBz08FKE+lmRKirANVzBltS2I8xzMV - FSCBNl+qV3evUg57xzgjifVHxmfSuLszLtTkOA== - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateAuthority/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDUjCCAjqgAwIBAgIUV1YkAwvB59dO83zhqvvcdywidd4wDQYJKoZIhvcNAQEL - BQAwLzETMBEGA1UEChMKS3ViZXJuZXRlczEYMBYGA1UEAxMPa3ViZXJuZXRlcy1l - dGNkMB4XDTE4MDgyMDIzNDMwMFoXDTIzMDgxOTIzNDMwMFowLzETMBEGA1UEChMK - S3ViZXJuZXRlczEYMBYGA1UEAxMPa3ViZXJuZXRlcy1ldGNkMIIBIjANBgkqhkiG - 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUobHwzHYA4KMu7PGtqreil8uhm++fs2XqrN - mW+LBH1HuuiB6iUZqgx9zEHpll4bMr/YLp9cdYu9uVy21zglHAyostBcqbe2dx9S - 8ErcUsEGFllORBMN7tIFE6VB6ldLqoV6jyQ3F+LSJwhOOzqBWuozSlBLuOv/Q1xU - Mnc0ndlbrtVejWZUFt5ItOt/pyXbZ3zAFmCH3bMCm8vftxjphNFrWVvHPaAySvKu - 93SMMyFl9szFjP17BP5PwmjsYxkbNL8Fn26akEQvaFV8YbPEJSaxAst8J+QAbXUa - BR/7NuC6kxRI0kTQw/nAjeaRV3AuWm+wBbuXtO5c3cyDsxcM2QIDAQABo2YwZDAO - BgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBAjAdBgNVHQ4EFgQUnSYC - 0OZmL0av6dRaIZe3txRXx8cwHwYDVR0jBBgwFoAUnSYC0OZmL0av6dRaIZe3txRX - x8cwDQYJKoZIhvcNAQELBQADggEBACPw+ckz/nVMEOVPrJUmXQhaI/wCXHgOw/rY - sIqsRF9PGvWgU5I1CjhnHQLUy5YY/yf2g3EgQFFUh5u44PCuCMIQejun1SwFP4tI - d/CQQwDHMdGYlajApvKITcbpTdzU3yI9jVbf7szDaeYBDcF8uko7h+8FbE+vO/Ub - /jWGy58n4SfjEOQ2zKxa+kIhI8yAKrgl+nC9tkuWD3Veymc6yYD7umXw5uTP4gVp - zTRaZ13J2MmERXNYtfx7VRq6xvcpVhDH496uWuyxUSrOt9gmfrNfeixWxUoDUHBR - t7f+igcy4zwv75PAcKI0lOHjbcF6d6+1CdNVQt3XOR9UWl63lp8= - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateAuthority/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDXDCCAkSgAwIBAgIUb75pk6FxXqBl9NLZaUuFBJupnoYwDQYJKoZIhvcNAQEL - BQAwNDETMBEGA1UEChMKS3ViZXJuZXRlczEdMBsGA1UEAxMUa3ViZXJuZXRlcy1l - dGNkLXBlZXIwHhcNMTgwODIwMjM0MzAwWhcNMjMwODE5MjM0MzAwWjA0MRMwEQYD - VQQKEwpLdWJlcm5ldGVzMR0wGwYDVQQDExRrdWJlcm5ldGVzLWV0Y2QtcGVlcjCC - ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOtZKHMDL/H5Q0qYA+07HRpt - +4AsXRrL5DaiGp0qnq8fisX/mwODDJxWacCsrXnFZvcj+2brBzi8oQHpEw4BueYs - 8RYlT3tPMOQBfHl9m69ZG6150r0WsrI2MiPLrsMSDAIreaOLc1ptmGMWqyEy/UpA - fgtiMq810euhLfrHKPRXxYfndMN82NAnAT2VPqnFIj5r5npPG8gL/ALN2DgcBkiC - 3T+FiZxAq3thm2FKFJizYGtCN6t4grmhX8uZdBnFjLhP9t5umZFsPcpEzpiF9gIs - 1wd3UcDhc/mzJlmkVax8yrvvuhkPrbuQugNiCbkN2LS9iAapGYP8lNg1oR5k4N8C - AwEAAaNmMGQwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQIwHQYD - VR0OBBYEFBK6v8RVwFvzEsP3RlVZSAZ1LJufMB8GA1UdIwQYMBaAFBK6v8RVwFvz - EsP3RlVZSAZ1LJufMA0GCSqGSIb3DQEBCwUAA4IBAQAG/FupcGdFBrWVw/pG2Tgh - 3z227ev4Z7pVazolPiGJpQOTZ2dIdnSs4HwovCxSewToXLd9k+wcIV1NEzyllw9I - +OgdLHHHJirZd4RJdwlCIfYh1uXS4g85Mat+jDoBkzCX2FIkEm9m6h291UrlOqy+ - im4hkJLF7AwJD6U0GPqoOVNx/jPlAzXolZ6YTjZ2LHGj6Liu7Tc2LO+S0c3wVAXL - hbl2FE8KT6qYAoMxNLJlAvnFNi/mPMpab6PLgE8DYTSByvj2F5WqdaTlbCZZV0bV - DnTxj0SG0H8p0Y8fpz76/E1Okr1H07XxzNxHudS2KClUHMNMnrtmDIGjbZAMWmt7 - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateAuthority/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDSjCCAjKgAwIBAgIUCKu+Ga+ilp0+4UGjAakITGRCA3cwDQYJKoZIhvcNAQEL - BQAwKzETMBEGA1UEChMKS3ViZXJuZXRlczEUMBIGA1UEAxMLY2FsaWNvLWV0Y2Qw - HhcNMTgwODIwMjM0MzAwWhcNMjMwODE5MjM0MzAwWjArMRMwEQYDVQQKEwpLdWJl - cm5ldGVzMRQwEgYDVQQDEwtjYWxpY28tZXRjZDCCASIwDQYJKoZIhvcNAQEBBQAD - ggEPADCCAQoCggEBAJ++NV1PWCvuWzpSHABlD1adP30RUSbgqaC38EeM4rhhZLmJ - 48Bbo7EuueponhuNcCKDOWXPJEh67Scw9Qh4SLovRz72fu9KP5qPxjRIOYSh4V+F - qiE+iGz/tSvlInlykmCb7H15cOXMZcE1hH0CIC78GRmZAZCUJXW76xS7c3lm0jGW - /egE4IZ1r29LJo6KZFM3m3HTKlHV9XSluPjhWGU/atpi+TQvDX/Hv6yrseOkv0XX - T5n+Z/e5xmtEwnbzDHpMy3EwSDoxYHQrlEfRMv9w+XsFp4rfJ7ZofgrJk63StzDr - OxKBWXID44Uk6aV6TrWkIgk3E3QcKZn/Plh0i/kCAwEAAaNmMGQwDgYDVR0PAQH/ - BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQIwHQYDVR0OBBYEFPL7h/k7n+hgJLzZ - a1WNuQxLmDl7MB8GA1UdIwQYMBaAFPL7h/k7n+hgJLzZa1WNuQxLmDl7MA0GCSqG - SIb3DQEBCwUAA4IBAQAqAuDjjC1UVUplI0XHTOVhuoNSAirOihtncXTVEdcR4Pqt - YT6s+oh+wV7V4wPAsisRCeIOpFzvp22QaF6l0+Gn9B8AHt5zs3+GuoYmuX7UXreJ - SVrnh+wI20E1fzj1lDYzgdekZW12SbJQs6LCJ5JfX1bTCjBL7ysIPzE0EWnqGGTp - qWa7dlzHLcU/PWHWXyNta5IlUZ/GCjMpLSMYXPO0a6Z5d0QGJXe9Iz4mkljwC3un - XXKzuKtpxxQZJ1+w70wfLHujnhUr3v5IDLDlxl698YRRopHyfNP1TZ7xUOMtkVqg - KMiLE1Ki0t7Jr3OYPOCmtuvk4bFoG0TIgA7XDGPS - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateAuthority/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDVDCCAjygAwIBAgIUagTlPOZ8jX10HMhcsHgh9Ec//00wDQYJKoZIhvcNAQEL - BQAwMDETMBEGA1UEChMKS3ViZXJuZXRlczEZMBcGA1UEAxMQY2FsaWNvLWV0Y2Qt - cGVlcjAeFw0xODA4MjAyMzQzMDBaFw0yMzA4MTkyMzQzMDBaMDAxEzARBgNVBAoT - Ckt1YmVybmV0ZXMxGTAXBgNVBAMTEGNhbGljby1ldGNkLXBlZXIwggEiMA0GCSqG - SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoMT11MMWnPgQ9lOjLzx51o2BW5NuJyD+B - NuzzAmT607Q6oo5wQ8oyDHeOH0h1heL71/iqcoAzalHFKNLAek9pcjW5RudpLuRt - FLRC6zKedn7n9Mg4H4K8cahatK8rSrYOrz0UF3p/XuoxXN1uQCwIX3+aOT0hlq3E - ONo9+LqSVh0RhSn3Qc1BaGsMDA8ATs0jiCWU8V5Lkw8IUb1wBCe4iwfi1XRn8eV8 - jTW8dwnRB8yH8/5oVsD7dzOTjaUQg6w0nnn7SPFPhFOpwbX4Wd9fj1mq9uY6GIFC - JNj/UpnFRVtDO+8gJJxWV83SGhcvuJoXH5LoPmFS47TrMoBbGvM7AgMBAAGjZjBk - MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgECMB0GA1UdDgQWBBRL - fKY8JuyVlmEm4a6VB65X0x5aYTAfBgNVHSMEGDAWgBRLfKY8JuyVlmEm4a6VB65X - 0x5aYTANBgkqhkiG9w0BAQsFAAOCAQEACQlBvcV8mZncmP+zTiq5190uBm3Nf6Lr - EkLcCxmlB4PADUjK082C7oBm9z5QViimUg7fqdQSwZ3ujMYTIKgDADbTlLLKAGK5 - 9C6KB3cSOiFSmZInhZs5HUMIPlybmYOv0yQfGCqOKYzPaCqp5arOjn4CDEqc8QG9 - cAX/86Lnq1g2SfDIvq49t8BRsbahIN/Z+HPu1FhdahSDw35hGqkZ7DR8YeQrOSM+ - O6jgMKGgM0LtNno/rVytkPv/kdA79T3ZaoMoTYtR9D803RQe8XaX7GNBKUqptE2O - nCEazqPjNiB3GiP/oKxQwc/6o0fVqV5G/0nwZWQEKkpwUVCWMbJu7w== - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateAuthority/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpAIBAAKCAQEAtY1E3aHZ8Rcwujg/0a3tkKsPwU8nCr1ltwZG8uWm2RkcYDJF - eUsU0jGs4z2IxAO/q4V6ioJp/jmldba2b2Gx9K2XEchkgvA+Vo+UgrbhjuhFKsfE - kNbZJZx2xSrTA4zfFdtNUlf8nVH13BRZQ/I1F1JG+IkmVfoZITjt2ZU6gaOP75GD - Cjfuw7L9U37N7B2ODA7oiPxc/FI+WzKynP4FXT562D0bC0P8ZZH7n7FLstFZaJK6 - ULmEI6K72G4aZege10/JibH91kMAeQNRPG8RadCEd7RGjCM13kr6yEu2o8btM1WP - wakvrsETbZAsbNnDbKj6EEAWE5IQKH31pwRmGwIDAQABAoIBABTEsVENN8o9leRn - lN1eoSOAfg/mBxhSbDVQsYMNxFVnaviSJ6JldV9KMXXZTzDlIOL1JPx9SLS9UXEy - 0pHRQjM0PGjbXKwh4W+zgxCk7Q6VAXyQV6sd+L81s9yANp1cWxS7/o9h41L30kE3 - zrJYHbyqO9YokksZjhBf282dJZE4vFrrEjwYVq+qDcFlWbpN3hlVq0c4s/BlJL1G - 9IVA35DTlS9LAjIsPCKzAYg0wZY+9X01ym7iFG0UWbhKJctmBniOobc1adytLI4Y - MEEQnR3UBUOjs/ifYYeUqz/WEhSqpr5cOt1+cP+ReJyUBa4gpxMC9Me2M9L/liOE - vyw7MnECgYEAzorHV0UaK4Ftbu2N7FgEOQmwkR/GErBjZ0rhikyOI0PCGXq6Km94 - 79wDQDjXUqlCxlS4WcN2+N434rV+S1eOHkzLV7VCAAR5nm8upeYNaNyxGAz7PubL - ZbKcPaYqHkY6SxG2LhJ8/Mo4nPr0Vb5SSaTLEuxibSssCF65n5wO7fMCgYEA4QaQ - SV6n3FKaVDJF3molaAWwTrUNnZynVOpJpuyT6hmmyl8cG0k+wznah8xlD4GH5AjH - pIP0VjxGC2nDG4bUDESL8pqFDsmXE5f1kziTXsdWtE7TZ5Z6IC2oBIR2sTvAwwO1 - 8e47TyHG19VOWaoc5WOtsceZ7ZIPmYYgKvv0qTkCgYAMhWNCSiElBAqjT+lrq4ZO - AuVeVuPGHEVabLKxlKSFRMVOkB8bFXjqaZcU3J1JGJPAvEAUyQG8YpRWvRPz81Hd - SmCFZ6qhn6PT0/+q9QBZHA/sWlUc4hbwilxobFtfTHiaNm+p6VsEZCn8ckY/sHMC - nefltMjev2BC/aMZJvfMuwKBgQCbwABEWDjVPXNGTZmgjVWgvzc98wEek1waYSNj - XyIuCV0xe00n8bV4SOXh0m4solodUppkW1TWD1fn9Gcv+U1xxEwdOihYiN2BmU9H - fAQ8uLphiKG4dCXJefBuWAUTPSl5kWrwrhTs+5L2ttRJKX5go3KIt3/qOIuFlplT - RxsbuQKBgQCnymwu10mxY6ezSHJjZd3Al8Pj7KsNiURVP7A4c3QhQdCpyXDIfU43 - RAYTprsQ/dM5U7n4vXZnvnSYBVwrLirfEVsE6A6h55LkMEpEkKpwro3Jgs4mFMm0 - ksjM1xPJ0p0jLT+fL1f6sTAONmYb0ra5xl5mrgzHn1zkZ/IlmnpfaQ== - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateAuthorityKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEAzUobHwzHYA4KMu7PGtqreil8uhm++fs2XqrNmW+LBH1HuuiB - 6iUZqgx9zEHpll4bMr/YLp9cdYu9uVy21zglHAyostBcqbe2dx9S8ErcUsEGFllO - RBMN7tIFE6VB6ldLqoV6jyQ3F+LSJwhOOzqBWuozSlBLuOv/Q1xUMnc0ndlbrtVe - jWZUFt5ItOt/pyXbZ3zAFmCH3bMCm8vftxjphNFrWVvHPaAySvKu93SMMyFl9szF - jP17BP5PwmjsYxkbNL8Fn26akEQvaFV8YbPEJSaxAst8J+QAbXUaBR/7NuC6kxRI - 0kTQw/nAjeaRV3AuWm+wBbuXtO5c3cyDsxcM2QIDAQABAoIBAQCLOG+OLh9kEAFw - qy2++38BOPOCTgWLCIfFybXnEZNItyGXKyk3vnNaNGB3zld4h1eQojQc4ixU9zDy - bWL+L/BSxm793XqKCrHutUqM9WfXo1nafDQszHNNfBa/TPqXzx3cheso+hl21HdK - y0IqvrGNE3k3M582yK1zZEEhfGAtj0tjsKoEmOJsP+nc3Qc+acOPRg99oVAFfcYn - hwKf3fxpxmhCEDcYCSTlisCcNHilRbOuvOmfzGrWoMgHjIN9swz5YmEtIFV6j4Mv - Nl4r2X955YVUc9WgGqT4lVktvNzy40nsWDGfAKLeX5g+ZBIMAS1XVg3b1Y4DLTTr - V8n+BXNlAoGBANC1/RjUpGudWI9THiskKGl68xTXHimcGas6esR5bB5zXBDlONJv - meRx/m8Fi47SqoVuG/aFXiUfxKmdUPhr5ZG61nXQx0r9x0zzK9fxSAgbQLa0TQDm - Qgt5nabr6YDdf1Z7CBkyXJOFv07xmVrcw/Mm67qixm0a0GryJXz1M45/AoGBAPvN - qY4lQf3Tcz7jDjQdhG9R/VRjoOnlMwwLV9suASPXcgkRpRJ3iy+fBdQFfNYhUPcq - /ZA8mKIQfvdIeULP4v333soofPu/o9Q1jXcnQR7mWRyVh8KgxI/jMwcvjLBGZ+aa - wE+KDXL4vOQeNY9dsAH9nJ2clVhay/yG8pJVruinAoGATbIB91Vpo/oeNrS9fVfn - h2TSywZN3zWSRLDvdOayvh85vbxnS8dp5aYeDpxk2JVKD4Pu+vWpF27dGjtLIj+g - ZYDFR3SiTCNvJxE7WBclNodWru0t4VDWc0khzDr0YRmTxtDkMeUSm4RltHCyIyYd - +A2cIY1pCsK5paZhGER7necCgYALevj8Dh7QH8/lUhzXq3DaUnamXlR71YNaTToY - OCS9KZl9aFyKVwD1jt6JKCbk7GfwnPkqllivKulfBOLidO/4fFCgDvCD2dzyU+67 - PALwEbiGYRrreMD9fnJZJYXYk50xGmUiOz0ZvNV/4RC4FKFttc5qMTVt7dXXEaAF - o/pxiQKBgDH+mUxrVCSF9U6Pe/nByClOf+mx7xQ05SaNh6o+NTIcsWh75qW0bU9Z - JRKoJH4veusTQn6y1BcVqC8flCEwSFnJOQbiGYdBiEZ3HzBc3twjMiRcoMzR0z+w - VFOORt0tImxhu8gTBcybBt5IVPsKzQ3aEnh2cxMEq4jl34YJEM+t - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateAuthorityKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpAIBAAKCAQEA61kocwMv8flDSpgD7TsdGm37gCxdGsvkNqIanSqerx+Kxf+b - A4MMnFZpwKytecVm9yP7ZusHOLyhAekTDgG55izxFiVPe08w5AF8eX2br1kbrXnS - vRaysjYyI8uuwxIMAit5o4tzWm2YYxarITL9SkB+C2IyrzXR66Et+sco9FfFh+d0 - w3zY0CcBPZU+qcUiPmvmek8byAv8As3YOBwGSILdP4WJnECre2GbYUoUmLNga0I3 - q3iCuaFfy5l0GcWMuE/23m6ZkWw9ykTOmIX2AizXB3dRwOFz+bMmWaRVrHzKu++6 - GQ+tu5C6A2IJuQ3YtL2IBqkZg/yU2DWhHmTg3wIDAQABAoIBAENhHEaJVBG35n8V - tJIXyYZGlKmmieVhGG5XzLzQdev3YNi9DFleDJ850j8acPQbAxagk5pskX2563LL - kuwArINsvH01o2LPUlUE4+k4f/kczuLErQP72p9RCtvatacdpJh+b+3Vv+nU1LsR - w17W5VN70Vpa+93Tz8zhMXPJzzzc04wKRvuEHlGBqDg4gcjFXZ6fcmO9LGvo6VzM - NHObQP2AY0JrVwmwUm53oFHhKrxqolNoDnrPGq3LlHbolSOVcEfKb9TabCtnCDvT - cbSzAvbmV2dKanz2SDBdF2A9T7nAPaBHbq5EW44yUHY0AA4kj45hn4347AZwc/zX - GU8QwDECgYEA7SxDcOdCtFL3r8aXm0R0rcyn4EnUtAMZu95ZkqSVIiY18OR0vOPL - KWP5y9DPTpvVEENZGbznqsCXBopv6eO0fLYgF8BJoT95cSIjdLKszg0Jdh/IU1Hp - FdJq2bzAuo8GkxCAco2AGmINy3yMGKp6cQRNf4mPMR6lGQYfDZNEgPcCgYEA/gfQ - q9G00R3NBJHRgBFnBDlD+evGB/l7+1OggHc/R6tclvYbPqICixJsubouqNKmMwoQ - 9WXVI2JFp6++xqM8rxDRLLFfOqG4rnb9S/qothZGZfHSzGVvrnBXbxKgV5O6MyH/ - yEP8C/sxcQl0sr5Qau/vC3txnFOLKSz7hLzUjVkCgYBoljBXRWPg6QVYeha43YMm - cS1GdshZaVSbx/1v8Svilz8KL3RbJ4ibg/7PphEE9SsLtOdBtk/iuHLg64NWfJdG - t3mHf7/4X2lKPmesOm6BnrYhZPqN430JpnR/+AB1RET97TT3TvbCq6KxrQaKigLc - e61BJIQEgSME2fIvplV7GQKBgQCK3tTZiRuzEfqJG/oOa/UIHxIlJxosM9vuSgo9 - EHN8h5ZnRIUiWUjQpDLh2YE2c2m+Dyu0K4Y4ALoZcH73cjdzcNsY9qIbmFswrQXN - qmremBDGHEvjxzQlhW6W3vTey3iICXceEORR3HFr3QJ50IZ/30ir20EBd75ktR2O - s/fyiQKBgQCK1426+bt0A9wbb5+9P4EBt2qV5nb0pS7oJ0hVXmj6GjM/dKS+y4Rl - t9siJHwX+/0f3PI8/90ujWMw43a+ktN+Py/j9UYIMEOtVnchXsroUn0XGb6gRNXM - E1lUZAmGr33hbuV6AMgi+ycK3P53AVT8OKbo61BTdo8uS9dHL5uEtg== - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateAuthorityKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpAIBAAKCAQEAn741XU9YK+5bOlIcAGUPVp0/fRFRJuCpoLfwR4ziuGFkuYnj - wFujsS656mieG41wIoM5Zc8kSHrtJzD1CHhIui9HPvZ+70o/mo/GNEg5hKHhX4Wq - IT6IbP+1K+UieXKSYJvsfXlw5cxlwTWEfQIgLvwZGZkBkJQldbvrFLtzeWbSMZb9 - 6ATghnWvb0smjopkUzebcdMqUdX1dKW4+OFYZT9q2mL5NC8Nf8e/rKux46S/RddP - mf5n97nGa0TCdvMMekzLcTBIOjFgdCuUR9Ey/3D5ewWnit8ntmh+CsmTrdK3MOs7 - EoFZcgPjhSTppXpOtaQiCTcTdBwpmf8+WHSL+QIDAQABAoIBADnKuMe/Uujh3QNm - fVbvOPNfBH8c6r0j/np00WsxXzzRj31Ik6sd/ES34O8bVkgljXIPA47/t+K5Bl9t - aNjdm4IwZJg02Yt80zH53f1AO/7uCfljBD/uvbChekwdI7HIb4igIJjsfJnGrvGN - iRco07fr4LDQGC7UShEkIVJo1sgOhom9oovsA3X5JM5w3FHRrPRr5YFf3HwWoIXO - QVNXSMEpsZK1Hd2KvuOIyU30T0w9iOU2pI60GFcU1B5caChuEqG6xTNkh82gkTzA - 2fTofrWd9zflzjwR3e8NBcAt0XkeZFifApmIbjSIwrbhF1QtWLgOxYYHaNsGvK7f - 8WT1gZkCgYEAw6Bf6EB9RwkfULlX2WoSJsKpkShdjEeKq0P/y+p/VBIzU7ckEmf8 - uIMgPv5JnvEHdSS5w9JZQx4UT8roefC1MNn7ORhpCLQHI9CnI1rCiKtQO+TjQ3IE - rFjDfcVdY1ek3TQN6l9mHBRCvGVGZlfz0qIZLtdv6XCoU8r2yJ6Bza8CgYEA0QrV - CySN7vAw1KnA08wFBtgARk4m+PllN8l75C9v5qYooUsfdEEqiCQGLzg5NEMAOOOZ - LPdtGHbGcktyN6v8ZOy5wQKevvjDAce1WC57p92cfP/e0jUkDbNBZlANOJNV5J9u - 3nXKBsl/3CGp4qvG6YtJ2Qj/eO+RjVIrEpPNktcCgYBTH2cBIb3ZnDexLj/0wsxZ - qecxJayyOYfjg+5B8C8QQveKP8xVAdhxck4WVihkH9hiXyuL2GpTSYmp6fbkMXJc - ApNrzEJ9DznlbvhF3n/AYMKj4Hrsopr3vHO8kks/NfN4hnDPQJ/7mGRO9t12CTMy - Mexvad1EnLj5eclor2lKQwKBgQC4QIj5klW8Jl+UAq/gvvIrTxYm4dm+F+ycWG5n - +Vvze79SM6ncyVeYuc/trOvW4bt/aTTpColRR9ewhEl/Qotr1bAArLOJdjBEEGgJ - +qaplk7JaqpWs9o8bSSW7rZIiKzrn4+Ua1QP2WlmeRGJpojj7w6/SwwK53Zujt9C - N5657wKBgQCcBYxHytlfr1q6+RUd79+Tl4yKfZ1dWsRlNIaI0SvKFnh8nowBpSsY - JnlXP9TdAN8E8xUalFHIJGVPkXxdqeteD73Xz+u3iTSCXZbe+JOI1YaQtlYFwCtf - SFO7zpmhfWmwBSwyl5BKJgXYEuuwlj1ObjOdoanQ2FvN8ra4Ya2AGg== - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateAuthorityKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpQIBAAKCAQEA6DE9dTDFpz4EPZToy88edaNgVuTbicg/gTbs8wJk+tO0OqKO - cEPKMgx3jh9IdYXi+9f4qnKAM2pRxSjSwHpPaXI1uUbnaS7kbRS0QusynnZ+5/TI - OB+CvHGoWrSvK0q2Dq89FBd6f17qMVzdbkAsCF9/mjk9IZatxDjaPfi6klYdEYUp - 90HNQWhrDAwPAE7NI4gllPFeS5MPCFG9cAQnuIsH4tV0Z/HlfI01vHcJ0QfMh/P+ - aFbA+3czk42lEIOsNJ55+0jxT4RTqcG1+FnfX49ZqvbmOhiBQiTY/1KZxUVbQzvv - ICScVlfN0hoXL7iaFx+S6D5hUuO06zKAWxrzOwIDAQABAoIBAQDl2bipBfrjr/Sq - sXoyJ3pTocOAwVTCdETJOQIfHcOwuVm0oa63W6QRH15KhpVIIZ2tCQLUWDyoqRsB - PYRDndB25eRg4Nu7t/vQL6qyg/m7/DlsjViWljrpKOorwKmXBYJrzvV7qjJNXDwh - WXip50SvlTnQBdGKKoshr9X7evnWWR2Ll6ZPFl9xtr98FcYJDesM5MZiLF/9WXOj - SGnUI0Xtl8hUi/unN5mTjH69Ed9Rk+FeCe55SFQm0p6e4Ql3v8aRb+P7rJqQ4tP6 - v1yaw8E2uJqTh24lRuN8vX5WxfcuUHi1d8COc+xTEn/rviJm/kkjqMFJq6N3L7QR - +lclqV7BAoGBAOlcm0/HrFwNtK2pwQj80NZPr0tpvE4CNOmqhwWKMy6AVin5E35O - OVOuSAanSBp1YeotS/28OY19mPAOO9IOJLhJRTtO9i7w9w860Oca1OXNjLBgbDEV - FvFVHQlqIAbLxCqaClMUTEbUae4ErDu/DS80Is56GomYZIf87vXvZuSjAoGBAP63 - l5Ah7Y3VboGxkidGaoyrWJxEq/SkX1NrysLln19Gc+J1JQE/QheP9nngclzOXnM+ - R4t6wynuEMA9XKaTBqXxGZ00eS8xoAv71LMLq5kq/0M7SV8GRUnEhmbe+Hc1pJTh - oql8Sb8fOJFhAEK93cCF0q78bcElc8A4UAmDXIiJAoGAMaXRKTUK9362/OeLuRTI - fX/whHPXayVPCpOMLGKNpwwIyN9EBXAxBBulGT1HutFUZpUCgNYlzHN3MUNl+Len - mkmEYCzZdX0wot3ZigGMX+POVcv92Kdq/ScliVY5wBhkAMhLAAfmfn88ljYKSp/H - 9035RcJ2mOWCJehrEom/c08CgYEA8ds5Wm4cthP2fccx04EVIsR/usGp1P1OVlN/ - j1eg4EJxPpGktW5vPxg/HLJ1ZJG/NQXpwRKrxWB7H04kbzYjleU8QPzWJG2mXjqc - V/W41hLxldDxdfzqRYUJaRxGKEsTHxqv7OZKz+LBP6kvKjBGIsvupKCjRkZdhiLy - PFYywqECgYEAig+NFXDFLdRIPJVbxpMZSD3r+tCKdm/uvD8SzrZ2ItAs/E0MW57A - gmw/ZXED3MvRe4k1bJgH9zzWfyULxvgT6crELy/81R6Qkyb2YpTwmj/ER5i6eIQz - MuHcMVlYN7kQPbadwlp0gL0aRMMXo8fWByNJCGeXoy8s5cNCuCTFxGc= - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateAuthorityKey/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIID8jCCAtqgAwIBAgIUfwk40PP1/FbvZzRxj+dZhylRiK8wDQYJKoZIhvcNAQEL - BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe - Fw0xODA4MjAyMzQzMDBaFw0xOTA4MjAyMzQzMDBaMBQxEjAQBgNVBAMTCWFwaXNl - cnZlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAO9015DYOAP5x59E - 7JlLFpr6RNI8VGRXPkTAoqOYedulYW+ELpDukyKlWePcHzxLr/BlXWbSVflpGlJo - BQ9hvMImRiiFrNAmhG0qfbvMnJltltbXSTQ2yq2uLMqsgAFqaYVsWc+BqVYD7Duv - ATXh29Tm1fWssMKtLT2yjty8oZb95DQf3N5tL0k0qqQM6J7yuptu7f8FB+2iU7mW - nhkROejD7ERSvWuH7Z2ancorFHUkCWuPVc/y/LRtkh6ldrIXnBJxnXavtRq+saC3 - tK+KgHQCPGp0Td8zwyQmY31dJ5tsZc47YT4nUuU1OQiN0O2re19dipRSMHa9VfM6 - eF85Ey0CAwEAAaOCASQwggEgMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr - BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUZwOKEvOK - o8cjGvfoVXcLc27vOsgwHwYDVR0jBBgwFoAUyAJr4ZQmn1/nyyexWP6eWY2ImwAw - gaAGA1UdEQSBmDCBlYIJbG9jYWxob3N0ggprdWJlcm5ldGVzghJrdWJlcm5ldGVz - LmRlZmF1bHSCFmt1YmVybmV0ZXMuZGVmYXVsdC5zdmOCHmt1YmVybmV0ZXMuZGVm - YXVsdC5zdmMuY2x1c3RlcoIka3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVy - LmxvY2FshwR/AAABhwQKYAABMA0GCSqGSIb3DQEBCwUAA4IBAQCYMZq6FBGdkN9b - aSY+SgVRt1dKkFE1dvpt76vhGV8PjOsQYssOZy20U7Ce+NxSjtEACDehIt05J3ci - DWSsjSoUFr+FDnGnxQfeR4TTqRn5b3HuW9R+c093i8TbZQ9iU5XQ4YiCUB0zFTt8 - f6AqjrbW4Lq7+Hnb6OTCMPljwcI4pFpKoPZlkSKaka8w/LikelyqMfv+yx/u9jh4 - xPaDXpXu63tdgK54Alkh+n1Qr14Q3HdNkuz7hvfh7hLq7v67fkfh9TIKl4WX93yR - nVSQ8Eoez9bzqRFivswR9g3Q5zJItj6drWv9HOFsJgwQ3YZW5FaVpy7HXFg2dYIE - hZ31xtrZ - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: apiserver - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDmjCCAoKgAwIBAgIUFZ7/WwHQcySdJEd8ehvTfdP+WPowDQYJKoZIhvcNAQEL - BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe - Fw0xODA4MjAyMzQzMDBaFw0xOTA4MjAyMzQzMDBaMDsxFTATBgNVBAoTDHN5c3Rl - bTpub2RlczEiMCAGA1UEAxMZc3lzdGVtOm5vZGU6Y2FiMjMtcjcyMC0xMTCCASIw - DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALr0FloDalergjH5+Un5HRquPDZQ - d+QHiilZx4/hs9cXqB9FtmnMAx7yFe0JweEZL0aen7M+oren/z4XJz/Hs117sk/m - xQglJunuApXVZzDtCbR2jo/o+9KrRjw7G53MnjavT2Lif5C/W9sQLqHt8bN/ynEW - SkRkLiN/muy/kmWg6ztsdWt5ApDgI0BF7ysksMzlAB7Uoml4flseAIXFvzY7ZkH6 - vES7wlQJ3yhugzolNtinUWUNTT+Td2sOIn+2PyVLf3pI3HjOrzr4/+B0yYSJymEC - 87dTftCgTsAFhqYi4jAYPhgANYRl0U3bnq5LNLhgnKtVT92ssYQDR2VXRikCAwEA - AaOBpjCBozAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG - AQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEJ+3HcIaiiQ3QP8p2qF9I7P - 0iDJMB8GA1UdIwQYMBaAFMgCa+GUJp9f58snsVj+nlmNiJsAMCQGA1UdEQQdMBuC - DWNhYjIzLXI3MjAtMTGHBAoXFQuHBAoXFgswDQYJKoZIhvcNAQELBQADggEBAIoM - 4ZGwKerGsnxHk8WUShVpxpjppkU1HQC7QFHT4LNUO3BleHwpa3MyUSNzKW6oVbHw - bdZKxCXJZh+FAdjFOFcvXovz4TyLC42ByL2wJcwueHQbsMD2txN3SZYyJmU8lZrS - TG6PlltSYLBeuduLCGMEsRda3+uTCfuu9e4XSRbKAJNAugtAfCGuMKpLDlRfexhC - 5SZu7Ml4JXLaXaGkIpw6pTKxuGFpOZsPPiQ4kMdP+DusVHqEoaFHVdRC2JCzKUAc - 2CYijoKO+C+zhihgY+nIfM/SwjEZG3uWJa5Jk3R19i/H/MAS0kn6mLd1Pv6dw1Ex - +dVrrs9WHz75bkI2WjM= - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubelet-genesis - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDmjCCAoKgAwIBAgIUdsY8tmOFFCStV+vOwBOoAsJ+7+kwDQYJKoZIhvcNAQEL - BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe - Fw0xODA4MjAyMzQzMDBaFw0xOTA4MjAyMzQzMDBaMDsxFTATBgNVBAoTDHN5c3Rl - bTpub2RlczEiMCAGA1UEAxMZc3lzdGVtOm5vZGU6Y2FiMjMtcjcyMC0xMTCCASIw - DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALvXVz/pOngH1/8I+xMzlAgj65jH - 1v7dXW+TJx7R7vMA26llcSOouB91dUuBN4NT9OZYpIo5IbJFzcjybt7Lw8iao+39 - l8rf55lViWn1KD7OOuIKxCo4QqNYWK0/b1YgD6RLzcoWDKiIt7pQYwpXxVg/gP61 - Bnig25xF0Cdnpr8IAmLYmA/UC2JvRhY+Gh3600PLFx9/xZIdAass3R/WFFbz7sLZ - /Ejbeztg2tGp0dDvSC96pO/PVxCiYtPSH/tfWy5dsD+nflF+8uC3dGHeLpAXO9mX - cEcqYHEGUnfJ3TisQi1sopUfrUyUk6a/k9s7zwGzI2ar763QpPMTVIQBBTkCAwEA - AaOBpjCBozAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG - AQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEvlGIv1fujC6LjHFIfTkqpO - FoBGMB8GA1UdIwQYMBaAFMgCa+GUJp9f58snsVj+nlmNiJsAMCQGA1UdEQQdMBuC - DWNhYjIzLXI3MjAtMTGHBAoXFQuHBAoXFgswDQYJKoZIhvcNAQELBQADggEBAKL1 - +Y6gYXkV+OOsM9dFzHUCbkMnukgYSE/4JNshy5MJP5OCafnsYmL6VQLYYuPvWVAE - sEpEa924lA8lUyPvvizFtB3nMlQDFFTn8VweWoGHS51mW9SKWcYdZI/yjRTSqI2P - SoYha49dVt9gNhRNT7FwRAZx7qJF2hF5ASEWuKOIbDPzx3UmJb0pt272cOBl2L5Q - LgeyDgLRYwK0kQkubib8ETBGXlAa+SdfIuMF1/jvycLQCNZrYYA27+HNJzZrXXw1 - xEgDk6lGbDyTccJbQw6NGWPwmFXNOEDeifuOo86ddfpX62ZRpZE4ePrb/0bYXpQK - QijkMKvqKTOlnfNKDfc= - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubelet-cab23-r720-11 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDmjCCAoKgAwIBAgIUIP7kBTiKW97uLaPUu/8zaNAHYu4wDQYJKoZIhvcNAQEL - BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe - Fw0xODA4MjAyMzQzMDBaFw0xOTA4MjAyMzQzMDBaMDsxFTATBgNVBAoTDHN5c3Rl - bTpub2RlczEiMCAGA1UEAxMZc3lzdGVtOm5vZGU6Y2FiMjMtcjcyMC0xMjCCASIw - DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMxcerRH3esJvCCSYaL+1PLtm5BL - 832F9RnAgP6ja2KflqiKAQkGbsr1WxnGAeDq2FxY6yvAczYmL1UIJ+VJ0uQtOIUp - Grdv3IJwx5Ne4hZcoD2C21NnFUdbJ+T0FQ/ssipTnZVIFHKr/4Q0VSDrTJxcWQ7N - Le/J45H+CNgQH4eRb2focNX7oga0y+PaAJEbZn/AdTXmU9K/u5XNLrFunEZyx1VH - ZOOlMah1maivb87MXG6DcBFpzSlZfG99hwMGkdN61hVsQEcGE0/5LTOVcnjTBn1n - z+0L+YMubU4RsLKMlxQCCSWZaSfyCtUnZFwCWtdynlTscpcjVp09D9sZAgMCAwEA - AaOBpjCBozAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG - AQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEzYsQviPaRIWTbKASzIutJf - zJ6PMB8GA1UdIwQYMBaAFMgCa+GUJp9f58snsVj+nlmNiJsAMCQGA1UdEQQdMBuC - DWNhYjIzLXI3MjAtMTKHBAoXFQyHBAoXFgwwDQYJKoZIhvcNAQELBQADggEBAEER - bomhscyxCjajsGMz8p1MWY9WSbk3VwQkPrmi67fClInxw/zE7Cq/QYkR/NF2ZvPs - /I/v8Vg4eyGSp6lmUEU+9PSSGPFt+Qeo9AUfej8BbN7ZOgDcVAEebhPLBMvZjVZp - z+v5liaJSHfo0zZmnpbd8H8dKo398rJXVhWJXtDNnT7KdEZczFOmldzKpI58AkdS - 79o5ZV8xy/XFtPgI37S/nXDlKgzjr3FMckPTDVMeJunkZztLmVYkOaFhaUGUQzT7 - ofO43ZLI/3bqBRi6XdwvkLCAX3M+AL4UR30JOGZ76QZ4ql1bOXZs9z9jrjwYy6qO - g4yoDBEEyyW9r5Eueog= - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubelet-cab23-r720-12 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDmjCCAoKgAwIBAgIUFsP3NTLE5OCYkctH2VhqJs4jY7gwDQYJKoZIhvcNAQEL - BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe - Fw0xODA4MjAyMzQzMDBaFw0xOTA4MjAyMzQzMDBaMDsxFTATBgNVBAoTDHN5c3Rl - bTpub2RlczEiMCAGA1UEAxMZc3lzdGVtOm5vZGU6Y2FiMjMtcjcyMC0xMzCCASIw - DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMSxbh25O48HCH4uUuTk4opcCR3i - lrgBhnL9qOBioQPbStuvfGV5x0fzm06csazl+6rhl7X7DRd9Z2Cj/be3MrczoE7B - Cmzh+1fn1ekIa/qhgxavn3KeNhzWKRpYupxPt25AmGJe8qlcejUOy5VZSr2gCtGH - 0PxDDC0UfPcgncQMU2FJ4rEUiZbcB6QaT/BGdy/8DlUgK5uYkrSqesiUjAgrrgZL - K+o4xq/Ep7+/RHYPrvqfRQ9Qd8AgqK3MfiLP7dyGzNe3f5yY6sP4Yo/RW7OteKC1 - S1jUsL75+2rZHuEGwPzBPmD9pYg+aZnZvnAsYCMzzp4i47T+XAMl9w9+ak8CAwEA - AaOBpjCBozAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG - AQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFCI6VoPpiAEtTnH4DY5Lo/pf - UYA3MB8GA1UdIwQYMBaAFMgCa+GUJp9f58snsVj+nlmNiJsAMCQGA1UdEQQdMBuC - DWNhYjIzLXI3MjAtMTOHBAoXFQ2HBAoXFg0wDQYJKoZIhvcNAQELBQADggEBAHqH - hEQfU+hFhwiKzPvicOPyy6sZ54/vh6sx6K9ADWL7qtUYadNq42EYXXcJb8LQ+NzM - R9jZa24GG+8HJL18EWjmw8JsKZU0GEvAR4v7BgWpNXa7jKzJtnO/xbApOaxfCEfP - aOWjBLF9dRRFUzHikA6DbdIw1Lp6Q9GTzhg9oT1YLbcRMPGjn2Z0a+6HPXlANm3n - DbIwuM8eX2OjmphiuhwIia6X1FXx2+1NrSVKS6WBfwuH4kvjeEPJQRZ3yZcBHFSf - m814PsHJp+MLZdQI5UKVHt+d970IhQ6xU7xSY5j8z/dp7m11kpJ2+X/SlGiaw3rq - 1IDSL9AZgtvpDsmvRCs= - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubelet-cab23-r720-13 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDmjCCAoKgAwIBAgIUd1pAgV6L5TswxZvwWMXaxcWJapIwDQYJKoZIhvcNAQEL - BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe - Fw0xODA4MjAyMzQzMDBaFw0xOTA4MjAyMzQzMDBaMDsxFTATBgNVBAoTDHN5c3Rl - bTpub2RlczEiMCAGA1UEAxMZc3lzdGVtOm5vZGU6Y2FiMjMtcjcyMC0xNDCCASIw - DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL1OzyYw+R9jGON6nqWfTsQ2P9iJ - Q1E3mikABRGSntBs+jStND9oQ/KmaIWrMCll/O+iEqsXIxO1/b3nDFsJbHR6tg/g - CRMSwy8ioEGPr5QvxlXZ3aBw2BWY9rLz5hk3n9shcYURL7LOvr9cCxDCZkO5W1/X - Fp4Am3tSMVkClz0TzhM9IX/FaJLDkhrdaBSsN1DdCfM3igeOdbQD5wIxpzNj6vIF - lueB60R/bZiWZ62IFooSmPqBtZwGw6d21F73WnIEJn9p9rEN1HF8mtqC16izcp0i - V66D2zRcXcNzPsp1B7hp17rSrc/hbulcX32+FgeJAnHHpNyDbhCDWQXVencCAwEA - AaOBpjCBozAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG - AQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFKH3+wBwfmqScP3eufksWwzJ - 2gOEMB8GA1UdIwQYMBaAFMgCa+GUJp9f58snsVj+nlmNiJsAMCQGA1UdEQQdMBuC - DWNhYjIzLXI3MjAtMTSHBAoXFQ6HBAoXFg4wDQYJKoZIhvcNAQELBQADggEBAAim - WgtLTvmWw8ZS7pmMSVL3qg35mOvOphA2dtvtA1vbPVhsnVpGGWWFeMG4SGffLks5 - AnyeHogAyKEVgaCvsxJWEw8G4iqCwWGYicb0cgc960mK65ZML4mWcx97XEpKfmdF - 242YAl3ZvVKUCuvJAXg7AbBBEQ27feH9UVjNKHdcuriTRiVmp/2z7IXVuB4idXb9 - iRlzSszLXltQw3WXJ3CENLiLhCCydMs65IfjwdGrAwAfuF4w/IFKtCanBSCIYKDn - W4NKWasso9wcyL4Y/gjwdLMDu29KgqgBETb+pGHAXe5L13niqjYUA7+GU2nWFxbd - nTuWAQKSi1NkrbMGPbM= - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubelet-cab23-r720-14 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDmjCCAoKgAwIBAgIUBEdIVfkE+kwG9DV49f5QcIiJtw4wDQYJKoZIhvcNAQEL - BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe - Fw0xODA4MjAyMzQzMDBaFw0xOTA4MjAyMzQzMDBaMDsxFTATBgNVBAoTDHN5c3Rl - bTpub2RlczEiMCAGA1UEAxMZc3lzdGVtOm5vZGU6Y2FiMjMtcjcyMC0xNzCCASIw - DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANhCzxVRvXOim5tZj3b3Wjvwovok - +TGB0Zl9m/ldBc2BGdf3yEW4Vblb625UYuVsATySILS2qyCruGMnO51O3boce6Qd - 7oHn+CaxymDp79lFFioiMcJG2bz9L69RooXRWguxT/O4TEM/M581EiVDOGhHSiU7 - KHEp1w6Q5CENEM0VqSK9HGIbECRWuYMCs+xjx+TFKvgYtKQDG8fWtUve68xTIEHr - o8Tgz920ktJN7BoXbEyl823Uh8EiQG00Ab4YGgVVF7mqXyx+44L6Sh78QL85+PKs - aY7VllotXsVt7sffYqCX+xZKi+01AvnYFgoXwSGzkU1lrIOZA+fLlLTpOqUCAwEA - AaOBpjCBozAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG - AQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFCqifQdgZKoWVj/b+HEuZlwE - vdVOMB8GA1UdIwQYMBaAFMgCa+GUJp9f58snsVj+nlmNiJsAMCQGA1UdEQQdMBuC - DWNhYjIzLXI3MjAtMTeHBAoXFRGHBAoXFhEwDQYJKoZIhvcNAQELBQADggEBAG/c - +Mp66DkprxKe5VSZN0hNzEskIGUvR+QtL6nCxsbJAApnuLYZ8qvNdkRGktwhJipJ - nShpoo3ZlTV60mgsXNZl+xbDh9CLEeFINV7iBWoVVVfkfmJufV/cEXcp6qa4tSc7 - 5+X0cW8o7qoN2/5MOxa8ZJEQXe/BiZE+5OeS29AdMDNH5n39Fh6NYge6nhqkRn9K - 3ygEBL5bvJuu3JwNe3ACKCehGAac9ViR1h/1ig8PHXu6MblwcD/V4Ms3FUR+2BEh - HBK6+Gdli8ji7IVPGMpRWtZlNSJwQbODW5WuoRgRYPZT0j8ZZB8ZGav4dK4eXrHz - zr1W0czzU7eCi2O0qCU= - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubelet-cab23-r720-17 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDmjCCAoKgAwIBAgIUWgYgSrjoLvT5fHPZ+dTxg4sf0w4wDQYJKoZIhvcNAQEL - BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe - Fw0xODA4MjAyMzQzMDBaFw0xOTA4MjAyMzQzMDBaMDsxFTATBgNVBAoTDHN5c3Rl - bTpub2RlczEiMCAGA1UEAxMZc3lzdGVtOm5vZGU6Y2FiMjMtcjcyMC0xOTCCASIw - DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL3iTmhEz7PBOGSz7y37P6nQ5PGk - kR1amOHsGH9p1jqNdw8I3F/SOLtMQvbEoUcYCbAwZozUz5Dsozw6KH9cc/9cU+XK - vMJEiTYX1SK98AVqiHysExm99PZVteQfc6HK95CdFZC+dI1QiVNEkM9yFf4eK6KO - 35CHiIPnQMjzKG2mBGCH/sWx4yB2Hpgo/CCldQcLbW/LMKlYNUJDTsncCWkNKwXP - rex9bGQpuJPdst9TSDttHjanVenlCUGyY6Fyc75EG9juXDnSR+68mrNKY2gWATCK - mFFspdZ2ZsJkLanuUyC6VU4F7P+rv8yeNQ2vcnhC2LXdJ6OvoCisC7Hund0CAwEA - AaOBpjCBozAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG - AQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFN4M0o46D5uO2HAhhK14vfLl - HxhzMB8GA1UdIwQYMBaAFMgCa+GUJp9f58snsVj+nlmNiJsAMCQGA1UdEQQdMBuC - DWNhYjIzLXI3MjAtMTmHBAoXFROHBAoXFhMwDQYJKoZIhvcNAQELBQADggEBAD8g - CeBXeIAkzrL7G94Ku/F7Sk/KqIjvj2dZFgFgu5nyULEHs4TaIMvsFikjxCnF+fP2 - cBTv1zpwqH6m1XOPP63HHd0PAf4q/sM8++pUi65rm+1hoy1yJi71MWrDyuDh3gX9 - kpumTc6p/Woq1sNRXkCFYnQ+jwO3HJVxLgOv+6xCPNXPCLwj8a/NzLYAzDe1Uhk5 - ETKiwWXXCPNS4GbUFzly51NLSbyhBs0sSA76baZraUqx+rQECAFhaIQEnBVa7J01 - 5dq+BBPKwM+G49RjjzVcTskT51veohs+LIViJBxVWhlBCwmktdy1cqKdLixZm1Z9 - 84nzOVurqWynOCj0k3o= - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubelet-cab23-r720-19 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDVzCCAj+gAwIBAgIUXoAfBUxOtzyo04uE62Bt2EhPoIkwDQYJKoZIhvcNAQEL - BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe - Fw0xODA4MjAyMzQzMDBaFw0xOTA4MjAyMzQzMDBaMCAxHjAcBgNVBAMTFXN5c3Rl - bTprdWJlLXNjaGVkdWxlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB - AK3QN4VTC2MEPJA0UWTDXQpLntn9NNeTZ5jzqk0muZv+TXHh6UxKI68zeDMcJboH - 64yklJreTaJFD9H2PXxQMCPOjFnfsU9XYNQ7oBAzkUu0/w5hR0BmeWYTSyfl8/4Q - EHfMaFHtZggumeBGIwd+4vjr9BJNvDzpPIQB+rAxFncD+qKfIg2cIRKoK3TIpD0n - hIpMZ2ebUHT5z09e5mAMmCKi2GMg2+7RZaJBnPwXwx1/onwy9vraZ7AyDZOADnVp - MlNVBuWYfGfZvK1aPQtzvEebyOU//Ja9WDBuk3xQrZzkJTnmnMLAOfKzG5j9IWUm - VvGdwNfOIOJweglZsF41R5kCAwEAAaN/MH0wDgYDVR0PAQH/BAQDAgWgMB0GA1Ud - JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW - BBR6Md4CKivCxn2GgQrqGgR/+czf9TAfBgNVHSMEGDAWgBTIAmvhlCafX+fLJ7FY - /p5ZjYibADANBgkqhkiG9w0BAQsFAAOCAQEAngDswIvSyZZ/0CLD284PjyZZMtMK - 5xsu+f+wEmKX3EFm6gMvLmbS3g9FFmf6b4DQDR8hJMMxXDXqhUrJurxF6BtswK1f - jTdkytbM1RxLkN+J7ZAGP4xAncJ9ENXIY97EmCQJWCkx6r85+7ZF1YsU4NOT/dDl - tgRk2X9DpLmOfGq3EfN+dcJn9/oKtxBMAmXS33pD1GgjuzZehYO/q5nl2FT9kkqY - nb/BG7ueU7f0DtD9qLb8gpLgXGLzkLeGpgkCwsUmy+jmPLy376fp31gRnBEzh/zR - n93uwNhH/oxLcF10smkashsLcPM/z/x8UX/KlYN6WKGyf8jcojiuWE1fTA== - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: scheduler - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDYDCCAkigAwIBAgIUM3+VbMiVd3EwPVMieGvkIIOWEAswDQYJKoZIhvcNAQEL - BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe - Fw0xODA4MjAyMzQzMDBaFw0xOTA4MjAyMzQzMDBaMCkxJzAlBgNVBAMTHnN5c3Rl - bTprdWJlLWNvbnRyb2xsZXItbWFuYWdlcjCCASIwDQYJKoZIhvcNAQEBBQADggEP - ADCCAQoCggEBAMJeOwz2VbBT+9BOeVal5z/El8yDcGKQObW3po95dTi2+MfjJBe5 - ZS2NvVSHEcLRjEpoi1Oc/EvXlHE8XueHhB0XpGEObNorkx1oQL1dMxXmK4GhRMZ5 - PXfR0pObBwEMO3rkMbZDvuRgsyRHIIAfYaUzurwwcrbKhUrmBmOErbHJ1LivwHbp - nVZrcEJHGaqQnq/S6gq0H/3rg4+dUweEN2RQoO8DfjPFbjVlKudBTJaA6lb5qdo7 - VhKiJdj2ymJrWTIPnqZik7prCjxCzFDGrwi0QL20XQtz56766NWssymFBN4/8k2V - xIzHGqzbUHT70Qcc7eKDRrgo/GzP1Ok0kz0CAwEAAaN/MH0wDgYDVR0PAQH/BAQD - AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA - MB0GA1UdDgQWBBTXNNswcepaYeuUnhGeGMn6QvceVDAfBgNVHSMEGDAWgBTIAmvh - lCafX+fLJ7FY/p5ZjYibADANBgkqhkiG9w0BAQsFAAOCAQEAUU+YKH2Y9QKgBeIo - QAwdO2xtz9F582dD05xevHrn3SvHMpCG3OEmcmugD4Za5EyneqxaucPIQ77Dus4x - CuWGA1/I7d+EKnLU0Kg8nn061KvxIv/zKbh+jb5wFw+uPrQFPU1PboK6mhmZD8pv - yTO3ZFHJjF1tLPB5U2+KaWO8EAzVAoYEklEK/7TyQ8z0jzUGWkxXmZz78UTAIxy3 - OBw16kKAKGRgnxB2ybWQOO+grQSD77CDtXXJKV1jzpuk5eItqE87FAj+3EE9Qt9A - qH4MPV2zZVUTvCBocYVYs+5p2doEH1PuHr18VaI+AALvfu+p+BB32Jd1iUQ14WuG - IoGdwQ== - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: controller-manager - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDYDCCAkigAwIBAgIUClCdGiMCfJjYU1LSXTX45bQjkQYwDQYJKoZIhvcNAQEL - BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe - Fw0xODA4MjAyMzQzMDBaFw0xOTA4MjAyMzQzMDBaMCkxFzAVBgNVBAoTDnN5c3Rl - bTptYXN0ZXJzMQ4wDAYDVQQDEwVhZG1pbjCCASIwDQYJKoZIhvcNAQEBBQADggEP - ADCCAQoCggEBAM5Vla450p0zZwQzmpS/wRjVopyhHhLuS/ZMSDvZny0DZ6fIVTZ9 - lvBm1jS0UzTk0fWKK+s5MeXEnkGobefNpLwJik+PzP5Rab36W7NdKUG8/yxhH40F - u5yBJJ8s02LfuHos5lDGEuopd1TQHOKGBjp9+ImFk12J++vzOsVOEmREEZmwhVaP - bMGv5uSntf5G6Xgnf6ur9pIqduEzrdM+3tD5Bi4Q2P3x56sM0mfWwtuFvXTWmk6N - NhIb0doXhxf2Wgl9lvjxdkYCItUGMkU6osdD38K6f6rGLA7t9TfXTRl497VfAULb - xz5wtK1btifZEDtEBhrIC1SyyQoYpSNYx0MCAwEAAaN/MH0wDgYDVR0PAQH/BAQD - AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA - MB0GA1UdDgQWBBSY8qn47WRcBg6oSbpE9HbXxqGumzAfBgNVHSMEGDAWgBTIAmvh - lCafX+fLJ7FY/p5ZjYibADANBgkqhkiG9w0BAQsFAAOCAQEAmLhkS+2id7BhvXRz - ykyWTqpHEZzTBtMM8zRpho+U5S2Ym+sh3ZRTe1Zl5qTQzegEzhyji9nZ5d9oBQ25 - xZss3QV3BwbK+lH5/2TMY/JEldexIIKr6TonkvtfF/8yYh0qTMOdH4wWNMwIjgWx - TYsYjMZ03nSgD++hlILe8qQMCwXWbQ3srQ5nvvtW1QO4Zn537vnzBBPchp8fowJJ - Gm9PrPOcCqDdkiuKoK5yoQLBEav5j18rkafEUt7kpSHX+/VYFpFznTiDd+h3obfp - H8OZy0XNdHPHMA9bQJ8hxQmZcOsl6SPqtQafso13jTAqQ8JY27Lz4eUWBocL/9Kn - 2BPjNA== - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: admin - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDYTCCAkmgAwIBAgIUTOcHSSy69x/FJI3zhlmGL+2aB/0wDQYJKoZIhvcNAQEL - BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe - Fw0xODA4MjAyMzQzMDBaFw0xOTA4MjAyMzQzMDBaMCoxFzAVBgNVBAoTDnN5c3Rl - bTptYXN0ZXJzMQ8wDQYDVQQDEwZhcm1hZGEwggEiMA0GCSqGSIb3DQEBAQUAA4IB - DwAwggEKAoIBAQDPeeZcrj56FLvfXMbHep+khlt53VKllOfd4YpFXuBfPNKS7sWl - +RUSR836IuKlqoW86uq6LTYk7QPK/m+BFXOiDcohvKgUPa1RKU3uL1gZmE8mfA/R - VmCrv0r2m2OocTz6rS4Gj8qKqcfzuZVMQmRnqxivcpcFIcm3UVmiRSjEhg/s81/J - s45D60M7oBiJTU1FItxBzulA+peA64NwIw52cp5q3s705VZxAbI2RUPd3nCz0cMN - RSjOYeN7aYF1OASrJXxl4eK4Azx0SZVO37hrvFP22OF6WF8AiHBkZbfZaHNWgh0D - BDtz+lNEQ8/0DvN9cEW6l2VIjS+fChcsyxEbAgMBAAGjfzB9MA4GA1UdDwEB/wQE - AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw - ADAdBgNVHQ4EFgQUJA/9/fknEta55uPmIbP/eNHi9MowHwYDVR0jBBgwFoAUyAJr - 4ZQmn1/nyyexWP6eWY2ImwAwDQYJKoZIhvcNAQELBQADggEBAIxybsZRna3OMwp2 - 8J75jEZ3yVe3mczULhApmr761B1zSEkaB81w4lC55foAKH/tijz1yj1WT/0BjYVj - VBgHufk1Ih6IbndPbNsb+BX4R1ucDIhnw8jS32kQy2qWi+JhZ7s8tH/2OZlNRhiq - rq9DcATzwYqk6avUR3lSpCyVPUJLGqNP/HL5vDNR/dAJmgrCO86UhzFWTvfgDmrG - mP6ejsM3qyWtOCt80ZcVPqWUb9AIZXdmi0ekwKStxpuGec/e2oZxLK8q2vcmloA3 - ftVUl1FJWFn7rQ+Rmobx8lnb62PTSkDVx5+hogXOh2AR4jXgTAAdFmdhyoM8+utg - syTdZ3I= - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: armada - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDUDCCAjigAwIBAgIUcGEOenCIFEyRPk3/zF97GUy8sJIwDQYJKoZIhvcNAQEL - BQAwLzETMBEGA1UEChMKS3ViZXJuZXRlczEYMBYGA1UEAxMPa3ViZXJuZXRlcy1l - dGNkMB4XDTE4MDgyMDIzNDMwMFoXDTE5MDgyMDIzNDMwMFowFDESMBAGA1UEAxMJ - YXBpc2VydmVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RPKuABA - bQuCrv72wy3EyEGnNIh63xPYl6VfIz3F/VhDNt4aKSftWM6U8+LMDHyT0p48BwCg - dlLfNhU4tUa4rD9Ik+HRV3hQxHGuGAQSGna+90z+f/OtmgbLtVXX1bkLfcM85YPT - VTzILO3UA4VUrQxSoXfK9tUaV1RJrYUzHwtr6aM4wo+pALsfes6Mm6ygM/n/+z1N - Uxzr9I2oJreFH8TbnkmQRbvWoYQRoA+2Z2A+TPZkzYqGNAZr/BZS8mgEGapcp4tF - 64yyraLPpwzEKxNspmjHeGsNEYZS9JSaEx6B+ceHlF2xYlK/tg0134IZMJ2CRl4X - P439p+yN3H/bNQIDAQABo38wfTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI - KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFB1oWx7W - VLfuzm86CWwEudYb/MNuMB8GA1UdIwQYMBaAFJ0mAtDmZi9Gr+nUWiGXt7cUV8fH - MA0GCSqGSIb3DQEBCwUAA4IBAQCqc2HY5GzQ1M00rvMXq+NBODUL7WydGALt909X - 5EOERm6BAw/fuGbzn/wh30JP48+rlXyJ0iXeCai9+MtacsX8Qjvx4EBCsOrrhO1x - yCD+P6RFYilH4P2lufszhLYUkKaI1y4LSXJK1dJk8QByPL3i0b12FkedGd1HMOfU - eP6NBp7rcp3+JCTdaCcaYin/RFqtjoPD3ebuTRipK6Jr8+QFtnzJ5bLQcpNYgA2D - UCqHX1nSQF91xpro/MDE2OEFtulkM3vAiXsBBVp7cb9U4hs2LU8GvRqgR89sL+/c - i5Chc3uBTahiMyv82tdi3JdU+wE/2g9pwRcp4V5PA37O98fD - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: apiserver-etcd - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDTTCCAjWgAwIBAgIUM2lv19qkb9xH2Zng3VEa0hYh6q0wDQYJKoZIhvcNAQEL - BQAwLzETMBEGA1UEChMKS3ViZXJuZXRlczEYMBYGA1UEAxMPa3ViZXJuZXRlcy1l - dGNkMB4XDTE4MDgyMDIzNDMwMFoXDTE5MDgyMDIzNDMwMFowETEPMA0GA1UEAxMG - YW5jaG9yMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMEFupWKyrzQ - nR5leAj4QlIwIREubOHaXwIOjNRs2f3b9xoFz/WY9OI/oMvvsr4am56CN+m1sSPO - FrJji0+fkMuO94/QkLZEioBgzJb1icI58QIYW8jWvoUYoxJPVNWE2tEm4081Bs4r - G7hepnuvRKNgoIE+1SflwofAe0oLPbTyhbv07sVXLyIHelVEAlTu6Q6OH4rV0mzv - HY6jqMC/qsbLM4vujoEGKzX80ftzNa/TGbZcMzjylQN2Svgt0TcgvzhTQOenfOkD - e7UMKuoD500pioCW7nSrQwfJP5TuR6VjOer4sJP/T0KZ7MHs0gm7jQBL5+O0AZoW - PZgjq03OJwIDAQABo38wfTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB - BQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFL3+S/D1v1L9 - kNWBBz3luXchfH6uMB8GA1UdIwQYMBaAFJ0mAtDmZi9Gr+nUWiGXt7cUV8fHMA0G - CSqGSIb3DQEBCwUAA4IBAQC5QRgOhlJkyX9IAoDE7zb70HcuZ6otRYjvawvtEhDU - 2Kkv/mHnk+BAC5smzMLe+mAYskmdzy5fHPxmkSE5xnaVYS0WWAroq+XXiHnuO5YN - hDurPDHIn0u6vhk28A8g7HgzT+2A0F679+vosBXH2Gws4vIl5PP+GNlbdQL8iX0M - yYIA0gjuOpGT1PJtXEDRfs5zttDpdQ6O3wLv6Gf9+i0/7Es1xbTKe73nqDcID4BO - 1RzNoRLRpQmFWnVUiezISsev/NsqhPASYouEHJF7LmQey2fNOclvwiQNDdrVIWvD - PsDrmM/NFey0l07xiYp9x//pHPo2aqBzV5kmEw7HJuN9 - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-anchor - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDzDCCArSgAwIBAgIURsu9xur5ecCsUR7gnOb7r9S6TtAwDQYJKoZIhvcNAQEL - BQAwLzETMBEGA1UEChMKS3ViZXJuZXRlczEYMBYGA1UEAxMPa3ViZXJuZXRlcy1l - dGNkMB4XDTE4MDgyMDIzNDMwMFoXDTE5MDgyMDIzNDMwMFowIjEgMB4GA1UEAxMX - a3ViZXJuZXRlcy1ldGNkLWdlbmVzaXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw - ggEKAoIBAQC494q93ST37RC381QWmZ1bPvO1AAcvJCLH1gOtydds1XwOJJpD8ZM6 - 92cotmBBdrXRFekD2zzh9LEk7qcE308/oSNLfychkynJuNvrCepbkO/9o4GzWuzA - yS/u8Uu2dBA0wZC75bi372JJ5ra+tf/j3PlA9mRhLQn7oYaaS18Fm3wnVcpliNgO - xIPU4hF8TJp9UlPWkBHNdqCcfdjBi5W+lqpykgKydIgGLRBavnMNeB9BDkLz1TU0 - kA+3wPBZXiELOOCTOrPYMQHC4VKik2MJkNdfluqDKklQ/dojn2djIQnc+8bjQqVA - gsg3TlSaSecwi3HBO7D4ipcdvu05NuFDAgMBAAGjgewwgekwDgYDVR0PAQH/BAQD - AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA - MB0GA1UdDgQWBBR0enaucC/qjURE2E8JfZdLqOkooDAfBgNVHSMEGDAWgBSdJgLQ - 5mYvRq/p1Fohl7e3FFfHxzBqBgNVHREEYzBhgg1jYWIyMy1yNzIwLTExgglsb2Nh - bGhvc3SCLWt1YmVybmV0ZXMtZXRjZC5rdWJlLXN5c3RlbS5zdmMuY2x1c3Rlci5s - b2NhbIcEChcVC4cEChcWC4cEfwAAAYcECmAAAjANBgkqhkiG9w0BAQsFAAOCAQEA - gBlVNEYN1T6toXQPv0Ju3ENiJdiAes8ZIuMkqQiItyJqmtP/S456pElAgn7EgMav - 7myu/w/5CWgTQlTt8ClTbx7TEkB/IC7vM9moUSRBDLWTZTrRBmodtmJG9ry3Sbdu - GlkzJiszhV2ffqdlcENb9YRuQK1lBl0Xc6TjTwn0vDlaNutXB0zVXK2PXsRsq9n2 - o7M4RO8KKkxiTXMlAWv4k0zOH2rWkVpQk5zYFqdsJMbZmDmFJh2qcRlR00uBO0af - mlch2LmAVrXwBp/ovc4PeZeJrKhdAizrTrHMvdlHxGh/rAuhS3vGLK95wmszLk4j - Tib+SzbWdTFqGbMPk9MEfA== - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-genesis - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIID0jCCArqgAwIBAgIULvewF/oeP6iJw7D8A+A/vrJFKfMwDQYJKoZIhvcNAQEL - BQAwLzETMBEGA1UEChMKS3ViZXJuZXRlczEYMBYGA1UEAxMPa3ViZXJuZXRlcy1l - dGNkMB4XDTE4MDgyMDIzNDMwMFoXDTE5MDgyMDIzNDMwMFowKDEmMCQGA1UEAxMd - a3ViZXJuZXRlcy1ldGNkLWNhYjIzLXI3MjAtMTEwggEiMA0GCSqGSIb3DQEBAQUA - A4IBDwAwggEKAoIBAQCfoJnD3HCw3N253Y5VvwjGDB7k6JLSaAEpTdujduf+/Xpf - d3K8Gz3cCvsg96BbrhI5p4PMMb7JHv105svwcBzyNEIaCcmDJ9WqwAFqdlLLNleZ - Cai+fyUs9ZbXIAX3+ZZN24SzhicWxIMigPc+1z1bc5gvUF61KVRNhcgcjtjzBL/T - VwIY8VNln/EpjY32x2gWiGwpNm7JZa1sxvjKwAjHuiC0ScEJlHPkugvom603azCw - zYcGooXE+ib1jFaecWJc0bnrbdpvO+tZP2immzCqQR4Ts1gP4GI05hFvY5BiV7MS - X93RFQkZOkksU3Wg1a73nf62icBPPQaK4v0bZPB9AgMBAAGjgewwgekwDgYDVR0P - AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB - Af8EAjAAMB0GA1UdDgQWBBRrlfApuX44D56dnWbOof3eczD1wjAfBgNVHSMEGDAW - gBSdJgLQ5mYvRq/p1Fohl7e3FFfHxzBqBgNVHREEYzBhgg1jYWIyMy1yNzIwLTEx - gglsb2NhbGhvc3SCLWt1YmVybmV0ZXMtZXRjZC5rdWJlLXN5c3RlbS5zdmMuY2x1 - c3Rlci5sb2NhbIcEChcVC4cEChcWC4cEfwAAAYcECmAAAjANBgkqhkiG9w0BAQsF - AAOCAQEAQTyfl/Bi8iu3BZjf7Ii3xCtPqTW9bEGo6B6mzR0Dx7z/dUlHi9WR6/il - 655WMwNUEwX3PIewh1lfWTXMsc1eXsXvr4D2jQymw0ZaoPEbYw4r55iRT9rpsf68 - FAWvkUo+b2E0KaCZkQ4zScQeHhz53Y6aAPNDr14VHHIWBCDQLfdUzcpG9TmpLMau - rU3Nmbq30GnTO/N1/dTwZ2ABvWOWzsd05byKm7N1hEqb3hnRc7SuiTSJizR0/SpH - PC5RjJxmN0cco7KahaWLsmGzEW5kRGtgc65rgxR631LxRQ7/3hiemFCQB/kZJet5 - EQlDREoA0bLsv7s0L7v2Vwp5bFox7g== - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-cab23-r720-11 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIID0jCCArqgAwIBAgIUJq1hhapB1fc6nl6Ligd7r/AMDNAwDQYJKoZIhvcNAQEL - BQAwLzETMBEGA1UEChMKS3ViZXJuZXRlczEYMBYGA1UEAxMPa3ViZXJuZXRlcy1l - dGNkMB4XDTE4MDgyMDIzNDMwMFoXDTE5MDgyMDIzNDMwMFowKDEmMCQGA1UEAxMd - a3ViZXJuZXRlcy1ldGNkLWNhYjIzLXI3MjAtMTIwggEiMA0GCSqGSIb3DQEBAQUA - A4IBDwAwggEKAoIBAQC/7DqoSUn4rgkA5x93zqKBWXwA41TwEh5kYxarjsArewvE - YnHzuMySN4aDfEQYngG9DX86o6Oa/G9+k8xxFAVmoMQTczOv6Vn+mjn7mQ+o2XPQ - s3kBTvLHR/WB/+YtU7BKHe17b9wQpVV5q7R8Mq23wB1N74UsB+ySUg09AP3JzCyi - rrqolASF0U64kZGWA05OIeSoX7jHDv6AKE9ROz5Z9FNSScLedAdi3x08tEdj8Spv - oKuXDv7WIPbnaoYgoyUgeXz8WYUO00z8EGaaDnF5CwCq+71sZLkzis4HdiqjsWFR - 4PCsklxhxJsHpnVTuZ99PQXXblamaLZuyx/F2YwxAgMBAAGjgewwgekwDgYDVR0P - AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB - Af8EAjAAMB0GA1UdDgQWBBSiLyWFOUf3xQ2CxWuUtZPbrjeL6DAfBgNVHSMEGDAW - gBSdJgLQ5mYvRq/p1Fohl7e3FFfHxzBqBgNVHREEYzBhgg1jYWIyMy1yNzIwLTEy - gglsb2NhbGhvc3SCLWt1YmVybmV0ZXMtZXRjZC5rdWJlLXN5c3RlbS5zdmMuY2x1 - c3Rlci5sb2NhbIcEChcVDIcEChcWDIcEfwAAAYcECmAAAjANBgkqhkiG9w0BAQsF - AAOCAQEAYXsTBrJnqk3aDauPyeMyEr9B9ffR0yPpW25F6fgwXrHQ6AcKOOdYhOdz - UYuhzA32yQFjmWG5Tf1PCIqg9BSIHMO6tQWB1M00+f5atEHSJ/rIE1cWOw9wfYyN - ZoRY1w3GNqP7wvMaRGiYTabAC9X0rhI6pC8sMuzm0ZK61LydSqOnalkApBozKE8w - F9OrA3TfluZed+Eylr4S/HG7PLyW9IAhAltXHkWGt6f901/Clfrspe5POsisorfK - SyhA805WAP/ysTJz2iZlRb0u9Sg/NCXpmcJBo4V7YTlVNrs6EOOeBzBmonX9+Ttq - EWp+HehyXnaLegneQ+leO8NmE0fcNw== - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-cab23-r720-12 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIID0jCCArqgAwIBAgIUIxasLvcs+hz33OfXx53XRnhtiZkwDQYJKoZIhvcNAQEL - BQAwLzETMBEGA1UEChMKS3ViZXJuZXRlczEYMBYGA1UEAxMPa3ViZXJuZXRlcy1l - dGNkMB4XDTE4MDgyMDIzNDMwMFoXDTE5MDgyMDIzNDMwMFowKDEmMCQGA1UEAxMd - a3ViZXJuZXRlcy1ldGNkLWNhYjIzLXI3MjAtMTMwggEiMA0GCSqGSIb3DQEBAQUA - A4IBDwAwggEKAoIBAQDA22gtcU9J2FicNu1peiReJfIwoyJNDKd2nQhQPn9WrKtC - hsBYyCgcxswOTSMkEhI9W+j1xDda92PF0T5R2R9wrUf30HvqPYs7t60t3Q5iOE1X - Ljh48Cg7uYwEGzSJrraOd425te05kxV3jAM0r5ZgYptUNquXAqJ9zk4wBAWGrkdh - 2IFQuLYjiy7MyRWBC34z/ve9RCiu5mPe54/BUR/UmdFeGr3qr8sAhqoKtmAl/Ckb - rkHHydANHKGO3ouBVdBwejPP0/5jwHpeI7szNsiwSt6kQFhOI0vlDj/FgjSJggIb - 3qDW8TSeDioF6j8A9QBy+Nr3NbO7o7Ow9HZVuJP7AgMBAAGjgewwgekwDgYDVR0P - AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB - Af8EAjAAMB0GA1UdDgQWBBR0tj5yaf/3TCOk+wovW+z8lNdD/zAfBgNVHSMEGDAW - gBSdJgLQ5mYvRq/p1Fohl7e3FFfHxzBqBgNVHREEYzBhgg1jYWIyMy1yNzIwLTEz - gglsb2NhbGhvc3SCLWt1YmVybmV0ZXMtZXRjZC5rdWJlLXN5c3RlbS5zdmMuY2x1 - c3Rlci5sb2NhbIcEChcVDYcEChcWDYcEfwAAAYcECmAAAjANBgkqhkiG9w0BAQsF - AAOCAQEAsJGpk/nu+RezwS8STPPpr5S/wV7ZoS/mAOfr6EeXXVv/eJS3YG625Yoa - 1I+0YfvqTdxMchXU3MqFFQo29kERxzin47AVajIotWuwcA1BbmpaeynjSXSi53y2 - MwoB55ASjPC2iNnF7GMu6KnCmXBL6Tt5OPIqni3o6GCFSKh3F/2A5IwP9HphIP9G - SpT9OUK3mxM8PDjk3sCz+4kdKUqs6pFJEtX+UIK4N7vvHrG72V2tau6QNf3asTWs - TxTiIXUVxkfExUoUleIdyeH8aMPWGuJULkzYZJqUfuw79NyxMO8l2eC3EzG2Thfu - fsTMq8JLnFRubGEsUhy4Ojh6nmVXJg== - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-cab23-r720-13 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIID0jCCArqgAwIBAgIUFkV3DH97357zQoDothgJQi+e7NswDQYJKoZIhvcNAQEL - BQAwLzETMBEGA1UEChMKS3ViZXJuZXRlczEYMBYGA1UEAxMPa3ViZXJuZXRlcy1l - dGNkMB4XDTE4MDgyMDIzNDMwMFoXDTE5MDgyMDIzNDMwMFowKDEmMCQGA1UEAxMd - a3ViZXJuZXRlcy1ldGNkLWNhYjIzLXI3MjAtMTQwggEiMA0GCSqGSIb3DQEBAQUA - A4IBDwAwggEKAoIBAQCkPYNTUMCtArg8o5AfN+v7/zWz6qiyz/T4YUsPWe8INJm/ - KNDZhwCrVQBJq0KppMFucieaayHAkRLZZiHr3QCkxLYJBLerS9BxofReoPi/WSbz - +UBcVPCv8Q7yhwbPniWHx7ppTKT5POdiCrUT3FbHOj9YKOzgYh/fWV55SJwbTaxt - To0APDdbrPnpjhOHZZy+PD1+q8nm0J4EPdw9u+/iBbXgT/zYM48WuPuDF4XwHOdD - 0gqrEvGdwzQK2cqyqCQllhqp1DbPoTXQPTK0LEt6cuCD8Yg2tfIN0AWktRfpNlAy - YjuT6s6Psg4UKBo8NpL2sbtE+idPJLb9swge3eT7AgMBAAGjgewwgekwDgYDVR0P - AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB - Af8EAjAAMB0GA1UdDgQWBBRifGt/cuvvbbSOlGqchorLSuXa6TAfBgNVHSMEGDAW - gBSdJgLQ5mYvRq/p1Fohl7e3FFfHxzBqBgNVHREEYzBhgg1jYWIyMy1yNzIwLTE0 - gglsb2NhbGhvc3SCLWt1YmVybmV0ZXMtZXRjZC5rdWJlLXN5c3RlbS5zdmMuY2x1 - c3Rlci5sb2NhbIcEChcVDocEChcWDocEfwAAAYcECmAAAjANBgkqhkiG9w0BAQsF - AAOCAQEAVP9tG37juV3OxHabhf76FLNYLLGdfGYMcatH1TC4JJcOtHI1eWTjbcJR - l0ZcdBh0lI2FSG+I4r+3ZaeK3ksL9mNacKyMWkIGXoIR1GHLX7SPw5Ec6Qxdm9mX - ofETmAfsMSEr7nxitpe+oypEydA/2wLEdWgRb9qnqCMDrn3LQtpfwQSN6gIAXx9U - JWOFBq1mL8xs2VFDT5oYAMvwNn0lLmgXiHJiBRiewXo5vNElcdJwzwXUggbjj8sV - ADOXjp8THs6SjnpppZdTm7mIY78qjs2wCSwcQZThHFIXS6j/d0Q1/mypisgQbKk4 - yP6ZKg6Y6SdQwkaAcQ6CBSKaW7HpXA== - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-cab23-r720-14 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIID1jCCAr6gAwIBAgIUT/Loq+gpUbt92wzGhCJtR8Q84UwwDQYJKoZIhvcNAQEL - BQAwNDETMBEGA1UEChMKS3ViZXJuZXRlczEdMBsGA1UEAxMUa3ViZXJuZXRlcy1l - dGNkLXBlZXIwHhcNMTgwODIwMjM0MzAwWhcNMTkwODIwMjM0MzAwWjAnMSUwIwYD - VQQDExxrdWJlcm5ldGVzLWV0Y2QtZ2VuZXNpcy1wZWVyMIIBIjANBgkqhkiG9w0B - AQEFAAOCAQ8AMIIBCgKCAQEArJgNfhV76s3yqRZ5nWjY0Sau8Lte/F7okc8FU4TD - LyjizuRyzyl88KGAPBEikoFVP2CzdgaTaLaIiGIfh9UMx8dbbbV84txSPFrDd4d0 - VWHfa9fvag8W5wt5ce9W4JT6qQlpMsdfx+O6yhub9NeuWFGdNFMlDoYh/4wrfAu+ - J4OuLLChEt7797fqawPjBtCtirq2i8SFN2tEPKvM5MkAYdOU7Hc8UPRUR3rpXbDi - Xiw2tk61yG4pE3YwMP2SPJFTAQ8XlwTdBkARb073Bnmxh9M8oYb4pvw1hLB5+j8f - irAtDlkP3PdmfzEFxGXjDoUPLzO60i8FATRWoRDEDB6XfwIDAQABo4HsMIHpMA4G - A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD - VR0TAQH/BAIwADAdBgNVHQ4EFgQUYpM2Om/nMa6zbXUt5YjMS+cgJD0wHwYDVR0j - BBgwFoAUErq/xFXAW/MSw/dGVVlIBnUsm58wagYDVR0RBGMwYYINY2FiMjMtcjcy - MC0xMYIJbG9jYWxob3N0gi1rdWJlcm5ldGVzLWV0Y2Qua3ViZS1zeXN0ZW0uc3Zj - LmNsdXN0ZXIubG9jYWyHBAoXFQuHBAoXFguHBH8AAAGHBApgAAIwDQYJKoZIhvcN - AQELBQADggEBALYrKeuZ9vdt04eAUaEIpC968n7jHWFwC/WhkIUwx7XfrrdT74PT - 7NtOWG9s18PkgDlq8x5d/y84Gr5AHtYODtjHgf26lVsCRjLH33HYvxZ0VrUWJGd4 - 5QXd+k3dMdTNb/z20LEC4AdiVmUbktRM6P9r+GjjhS/J9YhrZXWgb9ikm4wCdYdL - 4P/lLSMvQ+lk6hloeWzpXTN3OrhZOplz8bS5HrWg8JHkDNLqxGfXICiccfx+amAI - hM0mNm15P5nmTzzBbdf8tzAe9RSDfrDAV4fnphgjerd0kKb6SOBdnwTlhSH7YDMz - hx+NftSzDKiWmHLGbGgcZ16ijO3TgB2/vRo= - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-genesis-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIID3DCCAsSgAwIBAgIUXRYGpBn3//YVVVYqN5CQscCb68QwDQYJKoZIhvcNAQEL - BQAwNDETMBEGA1UEChMKS3ViZXJuZXRlczEdMBsGA1UEAxMUa3ViZXJuZXRlcy1l - dGNkLXBlZXIwHhcNMTgwODIwMjM0MzAwWhcNMTkwODIwMjM0MzAwWjAtMSswKQYD - VQQDEyJrdWJlcm5ldGVzLWV0Y2QtY2FiMjMtcjcyMC0xMS1wZWVyMIIBIjANBgkq - hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7AX20jHoo5/Q/POn6MZHIuNw8M1toJ5d - uX2fa5VM2nVn9xxt+0HYHJz2WzKGvpumQ2e9w6XJF/+hYsMgPke4dBI1ts0YPEXX - s0xhmkT9Cw41ca7kaK0nV2/y0hS3hk5l972TMBUb0vHiJdwYNgL4MdKa+kcnYXh/ - zHLUMeH2CS7jwxcDAQQDnZxt/Dp3gcKNeJ8QX1RxDXU1EyrNcPi8Nrxtf82icpY5 - gLmtYKAn6KTrDb4tRVI7L3HXSpd7IfHTRZ0ftzGkYacipS2iggdgUIX/ShXcE9kS - 89/lCZM16e2A7e+usJn4K57rA6EyVDqZjnVovrpPjtelRQRZa3f4XQIDAQABo4Hs - MIHpMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH - AwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUjCXg652ObQBhsrx5nLKAkTYX1tAw - HwYDVR0jBBgwFoAUErq/xFXAW/MSw/dGVVlIBnUsm58wagYDVR0RBGMwYYINY2Fi - MjMtcjcyMC0xMYIJbG9jYWxob3N0gi1rdWJlcm5ldGVzLWV0Y2Qua3ViZS1zeXN0 - ZW0uc3ZjLmNsdXN0ZXIubG9jYWyHBAoXFQuHBAoXFguHBH8AAAGHBApgAAIwDQYJ - KoZIhvcNAQELBQADggEBAL7bUjb6b4yaVUK4BJUlCR3Pv6FH5psY+6TSAWS47I2M - sKRL8cIxj/qXs4PiJATNrSj5SBYkeSicN9MsDZaXsdwMih41diqXvwY8aRHaWhSN - 2xbw1um5gZEm1pekGP17+d4n4U23yVjCV6mtNT09vms2peM2xoEbmsVdlCknQM8Q - biv4fPU2KnHk8nnOeLoLz5Z721GPeUg6v4kzyUaYK2x3Sc/JZ2s/7mkKPbvH07NO - URnzPuUEYTOgDwv8srq5f+82CKcUagyDwmpbKJOO0Nbhugf4t664lelimJQLSDiC - NnJA4olBVOBowiUi0Rw8ZRvj+/bmhyAmDC25/7zv2CQ= - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-cab23-r720-11-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIID3DCCAsSgAwIBAgIUewWNoZQzHqX3tSmS7sRX3rMLvE8wDQYJKoZIhvcNAQEL - BQAwNDETMBEGA1UEChMKS3ViZXJuZXRlczEdMBsGA1UEAxMUa3ViZXJuZXRlcy1l - dGNkLXBlZXIwHhcNMTgwODIwMjM0MzAwWhcNMTkwODIwMjM0MzAwWjAtMSswKQYD - VQQDEyJrdWJlcm5ldGVzLWV0Y2QtY2FiMjMtcjcyMC0xMi1wZWVyMIIBIjANBgkq - hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyL19ntmY3scU/HloXV11tTaI+//af5E - RkxbMkn99HLAuBFcy9xyGOHbTKb0oqqtwey+/9e4CXSgOpiqbfyqhbHGWAIyJlMh - DCMkjWPbr2Qt8R9SgZerXDGN4n+s5LjR32TdNOlQAf2w7MStG9jRlFGPJ64x6cRj - UT3EipdpFj8SzC5Le7ROmjChV109ZdebpJm61dgwVSGC4OYtw1K9fYUmH7SV9DMV - 6d+s6TEyASordstT4bxMUIEo7Z4dzE8MZYu+XTp8D9s3E2TvSjLd1t5/RY1yO42e - WA8ubiiFcTv6DD24JiirULWIHwnc6Jwv+xgmAH+0TzZ4L3X21s4n/wIDAQABo4Hs - MIHpMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH - AwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUJCjODJohoIyGHxgmhgl4Q6HtryYw - HwYDVR0jBBgwFoAUErq/xFXAW/MSw/dGVVlIBnUsm58wagYDVR0RBGMwYYINY2Fi - MjMtcjcyMC0xMoIJbG9jYWxob3N0gi1rdWJlcm5ldGVzLWV0Y2Qua3ViZS1zeXN0 - ZW0uc3ZjLmNsdXN0ZXIubG9jYWyHBAoXFQyHBAoXFgyHBH8AAAGHBApgAAIwDQYJ - KoZIhvcNAQELBQADggEBAAYUf29T0fX8xaOEla+tu89ZOBHRn4yYwqsWBVBqGG1U - Td9uPq+x+74ip9ucudrY/WSJ1R3JyVSWMrc0N1VUkRL3Qb7kUp8+D4SqDSGYfGsk - tEGCpK30a505+p6dPL/pbGsfXVlpP7WgqGSPijv5cDWDbntVQsmoM0MpUY60Q4Nh - QCqJc1Mv1bvgB5BckQvSp8uGsAjphtCmlVfQjGFaooIdEKBTCZgZMYdP2IQm+N8u - x1MU6txZyeMNRHQEDiM3wauKvrxTxD9rLJewcc0py0+XbiFN9lCDDBAlkMnTAdvK - 1W/spAgk9oyZdo6izOxLu54NTPCQE4Fq+N++SuzxfiM= - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-cab23-r720-12-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIID3DCCAsSgAwIBAgIUH/q9d5D6PAB9QaIusTP7feTD/7MwDQYJKoZIhvcNAQEL - BQAwNDETMBEGA1UEChMKS3ViZXJuZXRlczEdMBsGA1UEAxMUa3ViZXJuZXRlcy1l - dGNkLXBlZXIwHhcNMTgwODIwMjM0MzAwWhcNMTkwODIwMjM0MzAwWjAtMSswKQYD - VQQDEyJrdWJlcm5ldGVzLWV0Y2QtY2FiMjMtcjcyMC0xMy1wZWVyMIIBIjANBgkq - hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrAxSeIFy831f32lb/6ZEl3GUJ3R8N1z - LIjpz0UmJcNKXFjO/2vpQ3FEPenbu1Q4Qj82G+FHK5QGKijqdOUR2eIUxud3gTZi - ceF7GcEIcT16vbHv6RefiEi/VcDon1nXdFLGpVAipq2VcwBFwl6VkRldqu9mq0oP - e8RoKniMrQz7Z2OY0BOsBSire+2uFhkJn7I+lhl2FgGQgXNSLn+LcnG5835XNUt4 - cGTdS4rKCgdqxPZsVwemKoOUa2YXNhoEiWjLSS2fbOAGSCHpUD6H+hTz0cE6x6ud - s3V0o4bdE9SMSQoGBRfMAW5iZnV4HSSjfF8psYxLdKHCECm/DbTMjQIDAQABo4Hs - MIHpMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH - AwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUEutILRDuPYazSOg+uvQVMReIT70w - HwYDVR0jBBgwFoAUErq/xFXAW/MSw/dGVVlIBnUsm58wagYDVR0RBGMwYYINY2Fi - MjMtcjcyMC0xM4IJbG9jYWxob3N0gi1rdWJlcm5ldGVzLWV0Y2Qua3ViZS1zeXN0 - ZW0uc3ZjLmNsdXN0ZXIubG9jYWyHBAoXFQ2HBAoXFg2HBH8AAAGHBApgAAIwDQYJ - KoZIhvcNAQELBQADggEBABvLtpXC6C6wgRKo+YWTgPZPoFl8fMiYashWNA96OHW8 - gClbebr/agJvtjgrDwu6C/yV5J7fFb6bMTp7LMj5QJZ/w0HAH/VOo/mholjtoNf7 - /hWdAys+WuuGThDsZzWla4z7j9bv0v0ZHE+XiR3IMvvFBVz2jbO+7CF1+JYH/tg1 - ajtqCvZgw3N6su1/bRJo5MLIMV/Vq6g+7vrRgsYGF22NOCLCBv3dr0sdKh2sw0+v - YsPHghURkHFrdNBmLLpUDgnrCGWBwNI46p4AL29XZIidoDmoCTenBSMwP5NbUFnv - N/wJQ2YNjXqdAXDhCZ8Zcy7HnZ386DfKDC/t7DNJUJs= - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-cab23-r720-13-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIID3DCCAsSgAwIBAgIULjF89Q2rvVOW91ztH8Aboa2fzmUwDQYJKoZIhvcNAQEL - BQAwNDETMBEGA1UEChMKS3ViZXJuZXRlczEdMBsGA1UEAxMUa3ViZXJuZXRlcy1l - dGNkLXBlZXIwHhcNMTgwODIwMjM0MzAwWhcNMTkwODIwMjM0MzAwWjAtMSswKQYD - VQQDEyJrdWJlcm5ldGVzLWV0Y2QtY2FiMjMtcjcyMC0xNC1wZWVyMIIBIjANBgkq - hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyfPFnaJFPgoiWfR/BXW0MOSYmKh23o3 - 15a63jSqpl/ZtpMQVamURbXK8IvJJN+xu7ehFeIkzwMbMYr4tFIy24b/boQStte3 - chY3KtJVnhLwZeT9IFYayPo+6AU+J8JuA9WQqc92ZaVP5q4tRs/FUcSNmqvMl6DC - jTymd2kaupM7HT2cdBxfHGhg/zO5xB9r0NA9kqe6+4/C+0Comg0Io88BXzYUyQBW - bsNE3Ffxf4xlGNDHte2DKBfAta6D5MZ3c32edOOU3Dh1pACx1abTapeolLw9AxV3 - zMET2NbBOgMpGR1coNqWdFM1mzZfdPg6VczYbqzq+BK0L232dfS9kQIDAQABo4Hs - MIHpMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH - AwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU1JvmLtbKUMhnxloRT+emNFWuMFcw - HwYDVR0jBBgwFoAUErq/xFXAW/MSw/dGVVlIBnUsm58wagYDVR0RBGMwYYINY2Fi - MjMtcjcyMC0xNIIJbG9jYWxob3N0gi1rdWJlcm5ldGVzLWV0Y2Qua3ViZS1zeXN0 - ZW0uc3ZjLmNsdXN0ZXIubG9jYWyHBAoXFQ6HBAoXFg6HBH8AAAGHBApgAAIwDQYJ - KoZIhvcNAQELBQADggEBAGnznVgVw+q9BckCkuNmTBDa/xecQVpIwSqJd4XqUE5t - mNzQD8EUqlwUfS5/jlJWA9iKE5I9jU9qrzBaOhnx1AUOchdEm/fYsOnf0P9Ov2k5 - vNuRbaSbxZVYby1c8eKili0pbb7xMNsW5tVZ5Jmke6XeNWTNNehLd8u7PRE2PPaF - kEOLOO1KCqNFSznChQ90cxQHYNAa2T8QFAqoAJv9m1rUalUaAu+1lOWmCBoQ9xTB - MD/4GaSqIia7teWGnMCLm/G3RbRr9hBegAnzf3a5rUlIiU23uqr6SQunI3JgSww2 - 2yLXqQE1g5qgq6vb2uMfZt+CXry0sU3ai/pTp7tksKQ= - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-cab23-r720-14-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDSTCCAjGgAwIBAgIUF4JBio3TfoajkfyZLtvnKS10Oi4wDQYJKoZIhvcNAQEL - BQAwKzETMBEGA1UEChMKS3ViZXJuZXRlczEUMBIGA1UEAxMLY2FsaWNvLWV0Y2Qw - HhcNMTgwODIwMjM0MzAwWhcNMTkwODIwMjM0MzAwWjARMQ8wDQYDVQQDEwZhbmNo - b3IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSlTthgprd1wekZkaD - XIrNge3wwRNFTbei85TcHLg3HlmCL4JvizZL7LmUEGzOgNieavEsK3SFXv/wC2qD - xxkIO3UpUYQAqQxOLztiNWzdsU2N6+I23YhOgKyelcB7lxWXs7VPMrP5ca26K4PB - 4+HlMlda/6fxxe69s86ZxTdrL4pnZdr04BTG/7+J0SZeyKk5MULJILaY4bHPwLxP - CUquaaNCSb1sN2OyALOo/7uikZd6Z49NkY28Bb2+lZxZ5tRWLmFysm21riJOkU3K - XozcfpXap4r3ZPuuNfWycOLWLX5U/kqguCGqlftrld0lxJ/w+sc1NwVeTYd0dK0b - 7kjTAgMBAAGjfzB9MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD - AQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUbuvIOKn+nyosnOzZ - KA+PtBPtio4wHwYDVR0jBBgwFoAU8vuH+Tuf6GAkvNlrVY25DEuYOXswDQYJKoZI - hvcNAQELBQADggEBAEspxLuB2V5GbQyIy2JNbkvTCLpXjBiH1zO8g5WUcCsZ/BhU - KTBXnbivfRspFojR/z7lFsW7vnxUEjihU60B7azfVHwRl5k4dTMLwiAqETU+toGH - ss/h8xoN2E+VuxDBJXn9hsVqamPsdys4QQ3dMhOa2eS37NVphuHUgDJ1PMpsYevg - D/gVv2tmWyiUa75igmGQnTFv6Q0l9q8ccjDoAGvnMvIg+Oy6zzO+PGKuZ2Wnc20W - VH+LpJEFfC1+m1bB8mLx2SFPKM3SFeuN5NZH/ibw/jbzTXu9P2K0psDg7HrMEv5g - OfII0DI6yIDNHPMVpcPuvo49LttJYZBQnpd9Uqs= - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd-anchor - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDmzCCAoOgAwIBAgIUGIV+l61X/C4dmuy3OSuRtWMEkDcwDQYJKoZIhvcNAQEL - BQAwKzETMBEGA1UEChMKS3ViZXJuZXRlczEUMBIGA1UEAxMLY2FsaWNvLWV0Y2Qw - HhcNMTgwODIwMjM0MzAwWhcNMTkwODIwMjM0MzAwWjAkMSIwIAYDVQQDExljYWxp - Y28tZXRjZC1jYWIyMy1yNzIwLTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB - CgKCAQEA3gZMISoYPUGKGNNXxxN7Jb3QX/0nSqfOY1fmmE6oXXt5w8p9CrALCubl - UMwOGZlwc0J3asrPRtctXGUHbK0GS3f1+OU1STFAVy8l+bIOfj414ub12q3Xic5z - /Vo2ocw3x/cbo7BBzYpOrPl1uu93liDZyn5eptbbJ36ZoMgbd5jPPDiowSiJ1FQT - 0xi2c99+u9MFFLDYvb68EmdeRkE8CpLRRKeJruTrQgRZe53kuXK/vp5ijb5xZpdR - Wjr1VuVNRPvIJH5tzxFc9UprZhCCri9bAhlA0R7fV598BER/0D73fjrfVdlGJ2Qx - c3EXXN+LQ8BsxAkiOn0FPgPSxoKEiQIDAQABo4G9MIG6MA4GA1UdDwEB/wQEAwIF - oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd - BgNVHQ4EFgQU3Sr0OSP0HbhyZR9cIK+hiJDo+CUwHwYDVR0jBBgwFoAU8vuH+Tuf - 6GAkvNlrVY25DEuYOXswOwYDVR0RBDQwMoINY2FiMjMtcjcyMC0xMYIJbG9jYWxo - b3N0hwQKFxULhwQKFxYLhwR/AAABhwQKYOiIMA0GCSqGSIb3DQEBCwUAA4IBAQAm - IxnWzM0ZaCjnfvP9tPISwltF2RNKBtrSA3SWKckS3Xt5SfhLabqwzc5xhpavBHCY - Sngar1L0ImAnSl8uQyo6pEZCk9y9Cx/aXI6H+T8nW6rDzCUIz72l2s5ggWpkXnRy - sxS5C43gyCPi6LD+BHaXS+fI9drI0avjJaP7GeM8vZ4UC1vM3y55vyWYiotI0m1U - EhX5/LNdDLctgGnYxl0ToGWYBFiwy4J542CUyF6ppF3anJRRTNyXfaAbKYEt1Gwo - okxxTHNvTbPFiSUESztKhhFVZc2HRwhTrOGM980N4th9SbNcJSmpdgNMD/dEA4CJ - gqaXdbwIVm/8DnV2w2Da - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd-cab23-r720-11 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDmzCCAoOgAwIBAgIUFb9OtcajcngNishv5LOV+QATwJswDQYJKoZIhvcNAQEL - BQAwKzETMBEGA1UEChMKS3ViZXJuZXRlczEUMBIGA1UEAxMLY2FsaWNvLWV0Y2Qw - HhcNMTgwODIwMjM0MzAwWhcNMTkwODIwMjM0MzAwWjAkMSIwIAYDVQQDExljYWxp - Y28tZXRjZC1jYWIyMy1yNzIwLTEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB - CgKCAQEApjnULGO9t49RjtD33k1jE9WDfN/UN1+LfWFafBgzyw4mMIum/ne7a8qF - CThdM9Z3KuM6OM/rWsNMfTLOg8bKEaNnYzu0Vo97yTk+XqivgBQGBdWpukgTHgGy - PnB2nz5yu5+4+Va3MIehUKbH5DIusFKvPSWoVk9H/GhLYrIqkfPcGctPW4Hvviwq - II/Q8NHYtIoaE3CnunVRC59IAGDWUgyuB0ccoSLcKbDWgorktVPBeE58vZLxNm3Y - ZB3dvGkCw4CGkUJ77Tqe4dRly8jz7JzKF1WgLuk25Z/S2YTIX033b2s9J1vIeFvL - 2e/c4bbewONdEBG6wzqmE7t1sfk+hQIDAQABo4G9MIG6MA4GA1UdDwEB/wQEAwIF - oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd - BgNVHQ4EFgQU9EWom2dlaX7FPeivFbBUKAef0GkwHwYDVR0jBBgwFoAU8vuH+Tuf - 6GAkvNlrVY25DEuYOXswOwYDVR0RBDQwMoINY2FiMjMtcjcyMC0xMoIJbG9jYWxo - b3N0hwQKFxUMhwQKFxYMhwR/AAABhwQKYOiIMA0GCSqGSIb3DQEBCwUAA4IBAQAS - W5+GtNrnYWY+o/YFB9hN50wUQJSarBHXxcH++eKrLMgqCWYoPQXLHnDzFmgl4TcK - J/6AEjofznb9Dnjek06Lvk4NvkaVk/cjQmAhOrZ1DuEzzPl//kV/Fi1a6R8tureM - SFsPZF7nLOqNNQ2ppvzwnxxMY4JKokcv1Q4XlK3w3cC1xrfizOlgaUJoZjfKXoal - 1yXLhfFB8RfOtBzNiKpU27tT7/v8rYQtnsCwd+ilAdcQg+WV2xzrvy8ndVfclSnK - FVL75ztSraPeIFJEPmBEP42MhodHkkr6QIVN8LhsqLJLAzJ08Xmn7WUYqvxHzMox - GPqg3xx+jfE63J0cOg/M - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd-cab23-r720-12 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDmzCCAoOgAwIBAgIUB3Gqls8WVWB8MTJQ7RV8De5J/sswDQYJKoZIhvcNAQEL - BQAwKzETMBEGA1UEChMKS3ViZXJuZXRlczEUMBIGA1UEAxMLY2FsaWNvLWV0Y2Qw - HhcNMTgwODIwMjM0MzAwWhcNMTkwODIwMjM0MzAwWjAkMSIwIAYDVQQDExljYWxp - Y28tZXRjZC1jYWIyMy1yNzIwLTEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB - CgKCAQEA7qqRo+CTz0VfZwECaxljOXKSocasTJ4LiUiyEs8KFsUmXZ8U40OZNRDy - 6lMj3UrTsuYb0ETo1ZBbDzmzhDuEJtrGDMMFYDy8WaDyt5ogsJe4RtGHnTGWId3w - ZagU/O7bY3fGRk+0lCisKlNdFjdSu7o7Cr3ktorsRVZTAi6v0bKzcphG2FZrv2MB - v+tBo7Wv8jCaWTCW3BAl3CHLbmXLOl4z348X8/b3gIL7ZOKlU3YuITqjcmwLakRE - 2l6iYgTyFYiU7u8ayBM9o7Cu+0xrzDtlSBCFeicqiKtfd7+FFHQrFcPkKHS62+rS - lA2MpwS4DpLCu+6Q7LgFtJrrgE1VOwIDAQABo4G9MIG6MA4GA1UdDwEB/wQEAwIF - oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd - BgNVHQ4EFgQUqkG3vzyHafavr43HYS2IuavXme0wHwYDVR0jBBgwFoAU8vuH+Tuf - 6GAkvNlrVY25DEuYOXswOwYDVR0RBDQwMoINY2FiMjMtcjcyMC0xM4IJbG9jYWxo - b3N0hwQKFxUNhwQKFxYNhwR/AAABhwQKYOiIMA0GCSqGSIb3DQEBCwUAA4IBAQCS - /fjOtyHhUKjt/bM7rjJDEHRCZbBa6Crm9gc0xiCMSFdmcNaykmBQbjAiMKNiXBGT - y7TBmRrgTQPwuistOjmLdcZRDTNt6nq99HXsCtuEgj4yYRoV5CvSCbavnIsTWBw3 - nD8rnhAwJ36fkd5WmDScfGJCEFbRzZt3fU8Jh4QRfxPo8zdw0zRYk+DrudAl+8te - mUIXSXhLpb+rce3dSySj2pQnbVewpX2njiq4PC+kkWf7/lIacqfsoKPEkvfDvlWC - Ycamy+Fn4ShIqDVOZI9t4ZbXfY/FhWDUpsJFpQfqygdhxNTGeciqICwwJ20JQxhV - gB1V+8wQ7jrTcffaY3S3 - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd-cab23-r720-13 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDmzCCAoOgAwIBAgIULb78kNXKxBQESfNKmX5f1Dkn7IAwDQYJKoZIhvcNAQEL - BQAwKzETMBEGA1UEChMKS3ViZXJuZXRlczEUMBIGA1UEAxMLY2FsaWNvLWV0Y2Qw - HhcNMTgwODIwMjM0MzAwWhcNMTkwODIwMjM0MzAwWjAkMSIwIAYDVQQDExljYWxp - Y28tZXRjZC1jYWIyMy1yNzIwLTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB - CgKCAQEA5fiBi4ruD9DkkMIJJ/jzy6urUy0nCD0K2nzi3Gb75T9B7tZhd0AnXF2J - WW/tk4b8nmrscM5DKJDixOMJ05js+6RGyZ7vKL2Pq9AeqVj3UWTi4YoeeV7SUxt8 - 9ZAXmr7Z2IX14DifvuMbekFNfa3T4Kz61JlfkwQpYRxEi4X6se1t/CrhjwcccR7G - KQxgL0NmX6z6KI6jaTKKfBwQWPs384ZkYG+eiqPu63j3PLW17xQ5abuZ43rEQLHY - fq8+uIHItVab9bXKC4LypEs7kfhi3xWiJMFC6NdM9O0YDYyspXXDUBEEtstsAAhS - H6fL2CwsypjGHvEgi7AXtnedqdgGGQIDAQABo4G9MIG6MA4GA1UdDwEB/wQEAwIF - oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd - BgNVHQ4EFgQU9T+pH6iYmK3RQ1XZCA6pQQzQoWwwHwYDVR0jBBgwFoAU8vuH+Tuf - 6GAkvNlrVY25DEuYOXswOwYDVR0RBDQwMoINY2FiMjMtcjcyMC0xNIIJbG9jYWxo - b3N0hwQKFxUOhwQKFxYOhwR/AAABhwQKYOiIMA0GCSqGSIb3DQEBCwUAA4IBAQAF - 9dw0unYs+fXtnfMnoxDbHQOM9/PvryNQGbNYBj+lUkR4VmG6E5hO2PdnxW6g4SG3 - pT5ZGCzpsJYGEdWuGGy8J5OHUehDYqIE7o60pXU8Nq4BdYRvwJhzV09sF5/3TrI7 - gDpKYbkRHoJLSUFTkbn9MsvHEioYDf1Vg9553ViOFWOcZSZUxqTJKCpTbRWJlUf+ - +HoSfMfFN1vcFnNMHGelAdDJ7S754omqyjb9iMiwX+A7wXEfEeoBGsL5yx8ZggjU - ZQh0LD7xsJzK7AXA2eek3IstvQUq2x0S7+XhRBv5UyST491iry7cblvRbz/vR+5N - MHGzukAVu/e2/W+FKXfw - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd-cab23-r720-14 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDTzCCAjegAwIBAgIUMhGorPD2GdueaYnEJTPT+UjVG7AwDQYJKoZIhvcNAQEL - BQAwKzETMBEGA1UEChMKS3ViZXJuZXRlczEUMBIGA1UEAxMLY2FsaWNvLWV0Y2Qw - HhcNMTgwODIwMjM0MzAwWhcNMTkwODIwMjM0MzAwWjAXMRUwEwYDVQQDEwxjYWxj - aWNvLW5vZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUFwU/K/O0 - X+4T9/R9tyol3mgT0Ovh909wyqP36L0ZHaVzOhTjYL3i4o6nJvJb6+jJdgjh50Fb - IxXnDWdZGdtZ20OJzvgjAIvpiEy8M9+QSxjAvkX0CkIJgwyZppjJlgHLpbnha1mW - V7tApu/rNDWtH3Bp13zorgBniMOxhh1gdjTUh1OEcK3BsH0KJvb/FoH/DxHX+gZE - ywBAojAh1k24Ii8ADPvc/6X10HtHYqP+svbu22bssK9CNMTRJV9kKg/K75XrMKh8 - +/3QcKXN6CO+sRLcAgRRE7FmHBxq2pp68aGHIiqYLp0FOPC39PXVrmIgdvkYuSej - ne+1F+zvkSmpAgMBAAGjfzB9MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr - BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU7wdpGoJq - uWefd5h5DGld/AeElB8wHwYDVR0jBBgwFoAU8vuH+Tuf6GAkvNlrVY25DEuYOXsw - DQYJKoZIhvcNAQELBQADggEBABLzGwaacGbF1EioZFTemH572oRQCDFVfxcvUsAQ - hH4wVS4LBWq/DRBEHRy0eahIvXcflDO7JXaVryISi4kBCErA5ckLc6lonrX4gG4N - 5z8NhwunpA3i6+kUY1GmuQM3Qqamye5c6VjiKN06GAAHjThcqk+18xTzeCP760o5 - 3FSfPJFudUmVNAe5sX8wml1vb5IkYSySUhQNrrzSStGxVkGVGag0ClzQX4AozLfS - v7NahVJ6cofbWP/UjXsp9LX86doCCLL4r45rTCUDoGJ3PcrCsFLkg1SoJclCZ4hO - eVITmfRdeHsRYfZwEoIEzi5bgpNLORkBsHA1gF1yHiSboJA= - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-node - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDpTCCAo2gAwIBAgIUbfCuuzB4Pe1LTQ3Pskfs9Y8o8+QwDQYJKoZIhvcNAQEL - BQAwMDETMBEGA1UEChMKS3ViZXJuZXRlczEZMBcGA1UEAxMQY2FsaWNvLWV0Y2Qt - cGVlcjAeFw0xODA4MjAyMzQzMDBaFw0xOTA4MjAyMzQzMDBaMCkxJzAlBgNVBAMT - HmNhbGljby1ldGNkLWNhYjIzLXI3MjAtMTEtcGVlcjCCASIwDQYJKoZIhvcNAQEB - BQADggEPADCCAQoCggEBALq3J5Ng7EC0667Ta3R7DbDAfweUy1Pt+UD8pJy8qpfY - mTR7LvfBMPKyQOsGKp6tcmUeqRsL3pcX5EXFjK8PaxMmoWEFNrL9jWMYXa0BZV2t - RWauAyjFXH17wDGT1Yqqz4efdiyEoHpqdeGx29HmRdUQRsY2b5DWnFJpZKZ4WVnN - GhWp+DgOo38YrNqg4ksqOY4JNmEq0AH0sjYKQKeeDop69JiLbFkeJVcXrugsbWT9 - qElJKs/fSqXV/VVWBK+OIptEpduW39bBmpgnyRJLKeHN07Juzs9Kg3pq5VDVjya4 - +CvKmyfZnl8FfHM/7U47aXbxXu6Fcb/UF4t/zJD5GaMCAwEAAaOBvTCBujAOBgNV - HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1Ud - EwEB/wQCMAAwHQYDVR0OBBYEFBV4PR9yIeXI73RNuQFPFtkFDwXNMB8GA1UdIwQY - MBaAFEt8pjwm7JWWYSbhrpUHrlfTHlphMDsGA1UdEQQ0MDKCDWNhYjIzLXI3MjAt - MTGCCWxvY2FsaG9zdIcEChcVC4cEChcWC4cEfwAAAYcECmDoiDANBgkqhkiG9w0B - AQsFAAOCAQEAbulfprS3spW8OdeIjYTMV6+Hgop7xW2ZFHjjXkMoUAK/1mOhcbmS - vVUasb+v7Juj75kiCLPAZgdo2aIdg3FQRhpHyPp4ki99m6fIqoWPpSAzsKEFtxO6 - zFsgpnoUQRzUsWb8FPBwWznms7gfm/04Mv+8mcpZw0eDR3aJrYqoDlDSlrL1kKg3 - VGgrkobxxufBLT1PCR+ZsmbrzAtJl+3XgRNESiS7/XhIT4jeZezlOHKGxGbxSNxw - OL9XtWmrg1lpw7TfzODUZm45pjr+UZTKREIN4Ogw6DLNQz0p4M6OYOQFJAd7cc3R - 1d830c3UQu+7YyYfcfehmE9rpgHix52hcQ== - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd-cab23-r720-11-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDpTCCAo2gAwIBAgIUGpWyiTwfzPI0ek24/GJQPcnaGBowDQYJKoZIhvcNAQEL - BQAwMDETMBEGA1UEChMKS3ViZXJuZXRlczEZMBcGA1UEAxMQY2FsaWNvLWV0Y2Qt - cGVlcjAeFw0xODA4MjAyMzQzMDBaFw0xOTA4MjAyMzQzMDBaMCkxJzAlBgNVBAMT - HmNhbGljby1ldGNkLWNhYjIzLXI3MjAtMTItcGVlcjCCASIwDQYJKoZIhvcNAQEB - BQADggEPADCCAQoCggEBAMO5C7zxX11lixThzBLqK3gtMiHMIDEB/I36qqQ6jFtW - phAUAOQzBLZf1W7679/xAT0auJ00nkF2VIjoBfQafvKksQJ9Y/2Xw0H+/nbQ6+g3 - 9FTA5cG3mW7VKGR4ITHHFBWXmQGecL80+4rMxTYsplgXR54S2G104oJwHmXhdCsM - Yn+VMm24zxXLjNZO5Py+uHzMW7sVfGZoK8klllS0IGp03jS4KLo3sx5IF64O2GH9 - OG8e45KOQe6Z14YTBFisjTswSlNcyenlQX71mXL+dITX9ZQtnuYzaPNaT9ze/hPC - cufofK0fmCVX8btZuSinyZZegCiA+oOUrMouqfUPSsUCAwEAAaOBvTCBujAOBgNV - HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1Ud - EwEB/wQCMAAwHQYDVR0OBBYEFPiJ7mhmVtYse4a1RNPKfKzbOTC2MB8GA1UdIwQY - MBaAFEt8pjwm7JWWYSbhrpUHrlfTHlphMDsGA1UdEQQ0MDKCDWNhYjIzLXI3MjAt - MTKCCWxvY2FsaG9zdIcEChcVDIcEChcWDIcEfwAAAYcECmDoiDANBgkqhkiG9w0B - AQsFAAOCAQEAQPYErYGdJH30Ls4SEL6V3hnxKk09izMzBL1VmKtiWo2gnizPUzSi - ex+4VsSoHW1xOgU6I7Pshp6uIJSGh2dYpAinYkdmxcEREjDxGe3TOCnhRDltqD13 - LwESCNymvXNLgxJp0+dkrx6r97rTaaeS79fJpjr/ROXOnhp8pFVu5NJ4bCAPmIJh - RB7ZLqNexNSwwwRaJcnOYKWpq+nZcR6RRQdcFcAs+Jxmy/2fm+wwuen0iIccIuHC - EslQ8dUcaTdwRMubVcCc5OlEXcdkXP9k0jjITd/B6SCISvcT9SZmHouX3pKtjKBW - s1kP9qWNQ+EUpRVr3FojxAsPiDj4RxPb0w== - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd-cab23-r720-12-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDpTCCAo2gAwIBAgIUd+FMs/P3piVhkMLoxxDYI7zB+ukwDQYJKoZIhvcNAQEL - BQAwMDETMBEGA1UEChMKS3ViZXJuZXRlczEZMBcGA1UEAxMQY2FsaWNvLWV0Y2Qt - cGVlcjAeFw0xODA4MjAyMzQzMDBaFw0xOTA4MjAyMzQzMDBaMCkxJzAlBgNVBAMT - HmNhbGljby1ldGNkLWNhYjIzLXI3MjAtMTMtcGVlcjCCASIwDQYJKoZIhvcNAQEB - BQADggEPADCCAQoCggEBAJzH9c5wHgQgzcUaYjAPEyTTRhf/jH0feZNdz3MY5xw6 - ylyLBthr7qfjEkIywgUjUUj5LA8gKFpqeqU4ejee7a/KopmqiMrf9DnjlU9sf6t6 - Ci5CgURnDbUdqm2ePbfGRUvvUD5g0CzJe849jeZIXXMjIpjT1XnStr2ufLGWr9Dh - 8oNlz887DNhuRiDsd6AaIv5zv6Gy3GlARzfJWXhTKZ0sfpEq8IyvQbAZ7KXubKUm - cns30UQ1gmzXJsavV/YqrIBBRSYxqDDMlmELDmrOg3Q9bQL1f3eYSFkkCE2ubuxO - cIrmLpGMO1YiwexUFjBQ/30+VA0JK0ypjIdbG1qXuu0CAwEAAaOBvTCBujAOBgNV - HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1Ud - EwEB/wQCMAAwHQYDVR0OBBYEFCAuHTuZgMXSFEmPOTyCp76Hu6MaMB8GA1UdIwQY - MBaAFEt8pjwm7JWWYSbhrpUHrlfTHlphMDsGA1UdEQQ0MDKCDWNhYjIzLXI3MjAt - MTOCCWxvY2FsaG9zdIcEChcVDYcEChcWDYcEfwAAAYcECmDoiDANBgkqhkiG9w0B - AQsFAAOCAQEAkxVOj5i21py4hoiCMbFJy+wZr2iMTHjwdeM55e49f/xDN/GSMU1C - d40kfAj3BG/WQD1S3wKI1z0WvPsxQnTns8KHKrStni+vy9M79yWcvgr62ae6GhfH - E/DgBxOFm+uGt5iPB3O4GcDncsry6AP1Awbi/XsAOHNkv2c3sl6uOH9B3U5wo8rb - 6iEg+thkIrKTNxd1ErT0KSFkAr1+oYhw41LPSjEGykI6NmPLpszgyALOZAIG8/MH - 4m5WlTdGszEvLGHyTR9UGIpXG3o7eu8+nN9Edzt4CugREmaStz8dNhvkmZBC4ROY - AIxRnNa+cTbN2Qlz+y9ah9/f8VqvuNiMEg== - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd-cab23-r720-13-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDpTCCAo2gAwIBAgIUQyouqBJjNbpLH4WSz+SG2Iel350wDQYJKoZIhvcNAQEL - BQAwMDETMBEGA1UEChMKS3ViZXJuZXRlczEZMBcGA1UEAxMQY2FsaWNvLWV0Y2Qt - cGVlcjAeFw0xODA4MjAyMzQzMDBaFw0xOTA4MjAyMzQzMDBaMCkxJzAlBgNVBAMT - HmNhbGljby1ldGNkLWNhYjIzLXI3MjAtMTQtcGVlcjCCASIwDQYJKoZIhvcNAQEB - BQADggEPADCCAQoCggEBANKWus3FABiJCZNbXZ/zoxYwoSCqeYZ4K1XSbp4N10JY - yv4yweyI+sGh0M0fvX3YUjgXqDtFoIJteCe+nLnErhwuhX3yY+Yeci/ZUrn+F0NP - 5KJ0XlehTl7S8uiIl7nhfwYuvUgW1CFjeMBqI+I6ovj9zI9D5zk6tf/rQf6ZIfB5 - Bb7fmZXmWX4nx86UevofGGTKIGajITRMOugM3aRL038tAd7oHH5FNa8UOMhUB+lF - 0YYx6OOXNRriHIANYYYPnUtCcPXmsCUvDnLTN0Ka7iqETbga+9WurXxDEdSr83lu - htRWvgHCHRk1uUmxOWJGY+ASxqtqkWBZBHkNMHOHUskCAwEAAaOBvTCBujAOBgNV - HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1Ud - EwEB/wQCMAAwHQYDVR0OBBYEFGxndUTeXVH/wHeR2LW0SXIcHCIfMB8GA1UdIwQY - MBaAFEt8pjwm7JWWYSbhrpUHrlfTHlphMDsGA1UdEQQ0MDKCDWNhYjIzLXI3MjAt - MTSCCWxvY2FsaG9zdIcEChcVDocEChcWDocEfwAAAYcECmDoiDANBgkqhkiG9w0B - AQsFAAOCAQEAkXpwJIbr27QBTsPMcuGNRFFjejJmefxO6TP93PV/UusnXAlFMZVZ - lOPj6C6fzY4yLVB7i7ctJjYhGp6UUYULzmCeAjZsSRId3HSyOgUDol1BeblCL5OG - u0Th/SX5LELJK8N7L3DGVIYHuJBwkPVSAg4CNjT9kuhhnu1ld1fkgCb3suLg9m/f - Pc5u99E2LzfuVgJZB4whJWja7aJ1VgEk/bzsCIK1shxGBBPv21NQFKPdg0RGp4if - hRZo+BWonZhRLgfr76Mo+tqXUdeYmIjqa4gH2e2wpSJtUc6CnrJLqHVRg+18WGz7 - KqW2r2YUTk2R+4AdJP2m/mUGFMTrduRERQ== - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd-cab23-r720-14-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN CERTIFICATE----- - MIIDWTCCAkGgAwIBAgIUT1UJXPl56W5pfCKaC7hPjRXbkPowDQYJKoZIhvcNAQEL - BQAwMDETMBEGA1UEChMKS3ViZXJuZXRlczEZMBcGA1UEAxMQY2FsaWNvLWV0Y2Qt - cGVlcjAeFw0xODA4MjAyMzQzMDBaFw0xOTA4MjAyMzQzMDBaMBwxGjAYBgNVBAMT - EWNhbGNpY28tbm9kZS1wZWVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC - AQEAwGcNR8v6cTFxIF0ZJ/HvovjqnvcYgBp3j9RkSl2EWV0tGytoPe9i3QSImqbF - rmeta5lFHf5LTetbUWn8m+vHZS6dExHESysDtVH39DHaXwuPZwN4VnuCl4w38XhH - wkgvfF7Tne3Vx/iakEmk8zmyUdcbBat2hj2gWFFL2uQwUqJ3Qeagw2wREaRd1wdE - MweklH3EkRTu4JEMEvxuGGppJUfj5i12uv/1lwVuk7WFMX3laCm+26mgdoqGQ1jZ - TYJDv4vDC6RvhSDyYdV7f3wtHFn6frJwWTiriszaJdySIXiQX8iifEKt100wOQH1 - 5hIJfc1U7C92bMJ+DhI2wnNBGwIDAQABo38wfTAOBgNVHQ8BAf8EBAMCBaAwHQYD - VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O - BBYEFABa6Hqh29OxXGpp19Od2TiSyGrIMB8GA1UdIwQYMBaAFEt8pjwm7JWWYSbh - rpUHrlfTHlphMA0GCSqGSIb3DQEBCwUAA4IBAQCD4xsFhmigJ6KkkJ/ANREHFOcC - k0WusFQylK9c3/HWVhkVMW/UlvUBi1ZyJD8bk6H6qfBvi7ACuUWZHTrAWo89cv0t - z7VA39mD+yY048Yv5c80cnCogxhQtM4MXiggMAbrTgTzHExxRRDS2Mai4Uz7V2Jb - calUCe/YEeDDZUJu1Z16qSQ5lqXmVomkhMnqI0yTNoYbYkfI9c/gOqz5HLPOti5O - Cj3AKM/VqoLWHCSdck2CLqPT4ayDRQEuaYWLznOyRWmcJy72a4WZOHeyFI5O5t9h - lT8EGbgF7FS5++Te5Qpalti99sPkBfiwZB0FE/NCH+pWg16186czTuRwbZEF - -----END CERTIFICATE----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-node-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/Certificate/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEA73TXkNg4A/nHn0TsmUsWmvpE0jxUZFc+RMCio5h526Vhb4Qu - kO6TIqVZ49wfPEuv8GVdZtJV+WkaUmgFD2G8wiZGKIWs0CaEbSp9u8ycmW2W1tdJ - NDbKra4syqyAAWpphWxZz4GpVgPsO68BNeHb1ObV9aywwq0tPbKO3Lyhlv3kNB/c - 3m0vSTSqpAzonvK6m27t/wUH7aJTuZaeGRE56MPsRFK9a4ftnZqdyisUdSQJa49V - z/L8tG2SHqV2shecEnGddq+1Gr6xoLe0r4qAdAI8anRN3zPDJCZjfV0nm2xlzjth - PidS5TU5CI3Q7at7X12KlFIwdr1V8zp4XzkTLQIDAQABAoIBABgI0EI3kZfEkGbK - Ej1orgIsMJAxgf74SsW32Bs3iLOlK9x3lfzyFU6a7iTSyUfSCPzGD9PsNLjt9bhj - vG5IzxtloBEdKbVSyGP0qd4ZsXYs68DwpuZYwYshOlm1aru5pJHByFntl8OMbT+o - VyTDYL9D1CHujWdc3nec3n4FaOqwq2uqy1rXF3EtvJE3GmJ0wu/82WVn/tvu/dc9 - Kv4XBgmhG0LWTyyqKKUDb7/cE7+qomLQeEIHgLn7E/43qxYhiM1kT7C50sX4wXy/ - T1tPm8r0EzPR1rWK4EH/g0A1k0AKxagkCA4BdwLBrMbx1rSITi4xwUIFhhv2dpg4 - +fIdjgECgYEA+5Hx6voY/DsgVkYPcmMs8lPsTih6ZTaj7ei10aBheh8Yc6o5nd+Y - 7dnYEnwqQs+8S5inAQ6UjghSS5VHIzRYD7QrHQD39W4bPPGViMa5qwDZ25HWl/Ap - u+tkEKZvWOtWLsQGkn6FQh5ScwSdxU8K0VyRqcXF9e8+0FUq2Hgtm0ECgYEA86xK - KMerDXM4JMXVyA4xw2ylXOPMFa4gV7gCah3aKhXTcZlWJUS9hdRCAi+7Z7jtTf8B - vdA+pWkZGN/vNF1sJoYVbGpzWd+3ewITJTECXzI/kS+YZbWw1jq2wWBakG8/ymya - JDXOPIL8oggJ+mdTRKZolO0bSN71brUKA5EiWO0CgYAxT4Qp2Of42OYXwxfYBhST - U1voXgrPuAwd4BVzh4pT07CJS36LsX5acO7ngKsP+YQhFUT28hKwXHU1F4egIOx5 - 94jT4JK56uEv6vKyorFWEY6ieU2k7pBfo14z3UvKFCcKd6YKJP6d3S+wF+GNAVdP - fmOW8YtCD6kyUN9bGwNlgQKBgQDhTy+LIYSCfUUui1cvEiDlaDJG/8MXUNhLA7QH - 1u6A94l5gqTq9PKhKjCWwPfx4kZaVi6QClvCqrkwDO+rZa64uEZa5tseAQQw0yxM - uVJOH7IzVuT9NtD6ZXPSvns/Df7X9y9XyACYZy2dzP0c8ilGUvBktBEEglRCN1e5 - EJvHyQKBgAh6ITrOmsOmLYgdGrvEq6IAojdJ0ab6Fv76r8PoW8H2aSy/7u1XD2Iv - IViMkTwg2czlfMQ8nFIkzn5dZQwCPm0luCzX4C/bFv4MBGg2gW4sCKpXB1YmlSXm - XtlpL4MQsa7EbrBQvP6KI++j992WuM1Fb/LlyeSHNqqTy89Syfz8 - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: apiserver - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpAIBAAKCAQEAuvQWWgNqV6uCMfn5SfkdGq48NlB35AeKKVnHj+Gz1xeoH0W2 - acwDHvIV7QnB4RkvRp6fsz6it6f/PhcnP8ezXXuyT+bFCCUm6e4CldVnMO0JtHaO - j+j70qtGPDsbncyeNq9PYuJ/kL9b2xAuoe3xs3/KcRZKRGQuI3+a7L+SZaDrO2x1 - a3kCkOAjQEXvKySwzOUAHtSiaXh+Wx4AhcW/NjtmQfq8RLvCVAnfKG6DOiU22KdR - ZQ1NP5N3aw4if7Y/JUt/ekjceM6vOvj/4HTJhInKYQLzt1N+0KBOwAWGpiLiMBg+ - GAA1hGXRTduerks0uGCcq1VP3ayxhANHZVdGKQIDAQABAoIBAGtTKu273jW8MP7t - yW3tBAdIFSr9IQaYSXmZn9X6tVp6qzpgs+qigvwl7+5nVpUZ9yjscTPedl1GpWII - urCDvXWiSGhUS7J0WZWb3IIVw6qzuYmPMiJtlvuG9cgoCp+ZUw6Dr+hNrPv0zw/A - h3TQe5wXdalcKYB/nnkkjVTyWWHbdxqITEPkKmXAyAe142CFfk+raKUfoRzRv3Vs - 1kjpKoRL7wRjovdiipVDSCkPovZKUxwvQCz8ld2IZMPkJzmXcAT4G3GtVa8EZDM1 - L+3cMYVyNO6IMcx6I+HCK/ny20aytEJ483AvW2OSqleinM8wnFzVXhKfbc4S2GzA - Nf5xzx0CgYEA0MvgGp05jKpTDVH+o+6hGqRse23eGvui3B1K+4mitRzuFzcPsKD8 - 9Pb6tcmL14VUNBIBdyhM5ti7STXkfggsutgvqM7xS/dZaAVdvw9oiSrUWKSNC7JG - qB/Tz+aMkQbg34EiM9R4uezTOH6nSNmsa5xoHe/zw2mihHrS2LfbLkMCgYEA5TgM - nHrdTkzCDVxaXaqkrV+YPq87muuiXi7oOwiXsnSnc1ywOC5Fh0zrlCtbhAtU8AiI - K2JlFHFLTtwbn+xiPOn9KyWR78AlZMUs8mxiLJDaYey1l8BFr8ABk/nnNXMt7l8K - 5yANgQ5zd7RF6+bcH36G1fo1gE3ZbRoBVZlkkSMCgYEAxr0H9s0odge5PbiKFCeT - GPTgfSu6eRyDi9gmAv6i7Jk41sgGGy1hGRns0ROiE+ZIm7d3xZ+Kc0BgI/M0JfJK - AR69XoR7kL9DToutC6ry6Xzm2ejmh/eM4YJJ7l2X9oMBkDwt/f+DWhVdhyymteTb - BSK+x6AZ+iqWEluGTdnSulkCgYBqe6A4LUeTsUrQhB+itbwsomUKccNB08co86eE - jRhTmaeUivF+F9jK4uvpeD7aV51MqNoBNYN5fKwcZVob7+cvHxAyNBDYjK2SY5re - v4TX6S7aIOm3JmX5IDxbbtN+3BPxUYuyFQzQ8FKpwEBfN2743oFq9AJYqVGhQlxu - VIUIewKBgQDPkVEdOw18HfwSM0BPZJYsSPn61ijoFGJruO2xHtDSTtrYezrvA386 - hAy9ezPVj6NiT9agbHdnNVlKflW4B7GbT6wgYp4Mi81j4WWmQvXuruU07IMExlYc - QnCkn4BoQUst+rBSR+xX+DJiVJW7CVPEto3YnHeX1EBapsPswyuQtQ== - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubelet-genesis - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEAu9dXP+k6eAfX/wj7EzOUCCPrmMfW/t1db5MnHtHu8wDbqWVx - I6i4H3V1S4E3g1P05likijkhskXNyPJu3svDyJqj7f2Xyt/nmVWJafUoPs464grE - KjhCo1hYrT9vViAPpEvNyhYMqIi3ulBjClfFWD+A/rUGeKDbnEXQJ2emvwgCYtiY - D9QLYm9GFj4aHfrTQ8sXH3/Fkh0BqyzdH9YUVvPuwtn8SNt7O2Da0anR0O9IL3qk - 789XEKJi09If+19bLl2wP6d+UX7y4Ld0Yd4ukBc72ZdwRypgcQZSd8ndOKxCLWyi - lR+tTJSTpr+T2zvPAbMjZqvvrdCk8xNUhAEFOQIDAQABAoIBAGZMxOu9rWYpf20a - CwNOF9THG0w9qc1r6bMWRTv3wVb+pKMA6DkvbfdUFOlmGkGfu8SnihTtQHjCo2xI - /DDCcIIUFitK7RxEDPHpL8lRBvYNguwQSP1lXoVvW/wejBgvpdUoo47nq0UuEEGb - /hRn8MY675nIJRoVIQVe0BplzN5EIteAGElvn2es0vmt1keFIgc9Fzd4hh9ZsaEv - as6FRM8jPn7EncrwbuiNfWVX8Nt/PRFWQSrAiH0ilnj+vCkN7k8wkv1QXScDMh2f - wGCgjgXQ13OrSfBEcgoMYgPYh+D5+O8YpRsR1LeFv3LNKmpHGqW4Tug7QzDE/o8v - VyZfwDECgYEA7N3b6UVNnHPm2E618EK9ON9BFFYTZTzMKsRi22BL1JRaboMsHLEk - iRNg19PmfdjzeofJQJRgKLRvjcnvjgstzHadDNI0wLkYfixZTaMavAKpdxzAi6BU - ca70zHPwF0YWg0M5e+u33yUUnk5dEgUChPaLPZctMOvilwAHGdCgKvsCgYEAywOw - dIolSIVh/nkshzt4hWOZQZ0ZbCAu8xyalR1E977emm2eO79vJol08BB1kAVLh02j - 48pdr4nv2BUuIYhg5oA3g4LE+hP+aw8SZUlUOfV+xcROzjDRJ1ER+2mYcsPHR46j - ldZQFIyzPA/aMVZBhD/d341gxLI03bETeJno2lsCgYBtwAaLOV9SpKlLhHzsjB/c - 4CTpZVCrUdZP4prjhuTb5LlaB1FDIhkJon72wepEWWfHWG85iwZbFe+yROTIbgmU - eUkfja5/tcPRgn8GaBKVFq6q0BmvGGTIIAaxTO7r+b+opldWQcv6itXY2/pnxQZ7 - 0TiHGysHReTBjnO71FzCTQKBgQCWy96+Mf8Pp0Pq6ccRjDMxoZGtEyxXDHDTVGPe - bydTfwuKWfI3HzNIxMF/sDojCEvZ7OnXwfFk+miVcOYbMloH3SVfIjt+JmvMyh03 - 7wgJJTlNXUvMDKbPNYDN5tm+JX5YwLLyEYbaPMjFzGCeVRvFSEteSn2enWB3a5iy - 9F/qEQKBgEEh+k7wtEDVPeEo3syrq8tjavexVOsmz1zgLhUDIkNfSNWu4ZLXTLHC - slASf16VCVhPhZZHTzro2lIdyR+NIIaoq4aVggSYryIGLZJ9G4JomAn+54xErDUf - 1CfiuMFlITDCky8uL6MwdhVkU0ecJ5D94eIRaJnESWLz7BqdgPAE - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubelet-cab23-r720-11 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEAzFx6tEfd6wm8IJJhov7U8u2bkEvzfYX1GcCA/qNrYp+WqIoB - CQZuyvVbGcYB4OrYXFjrK8BzNiYvVQgn5UnS5C04hSkat2/cgnDHk17iFlygPYLb - U2cVR1sn5PQVD+yyKlOdlUgUcqv/hDRVIOtMnFxZDs0t78njkf4I2BAfh5FvZ+hw - 1fuiBrTL49oAkRtmf8B1NeZT0r+7lc0usW6cRnLHVUdk46UxqHWZqK9vzsxcboNw - EWnNKVl8b32HAwaR03rWFWxARwYTT/ktM5VyeNMGfWfP7Qv5gy5tThGwsoyXFAIJ - JZlpJ/IK1SdkXAJa13KeVOxylyNWnT0P2xkCAwIDAQABAoIBAHNptxKhk77tnIV4 - phN7f6BCeJyhiD3XrXiBs1gbysXEAz3j0nnaXC/bKTwBC4aOmupsfUQUR/zIy+pl - 1MI1UxjyQP1THXeDgTFZqByedWjTntueT2dmzCmkXX98KXj44BXvawunzYSFhqSP - OZSBzp5vuQwW7F6D0jXdFfmQAX55reooHC+xpytDLkjjsXv98ST3Mxp37CR9JY8A - 6s5y4GdBHjR0bO/AbEvJ0S/ZLfd6PvWux0Qq6+mjcs9sGCPOg4Fg1C+DGhlnNaJS - oFj9W5MV+c42TH/UIKrxOkDv9J5q1VlxNm9PblNKaRmcPJ6Set65UhGVMHEmeUGB - yeUXzkECgYEA44m4LSKxerHnCWPTtEdOiupIdMaTcaV0Guh5c++pSJzAXYPVjOnA - oYgVlFHo/SUfqErPsBuRuZhgoi+IJpvhGNWBCO0HyxxbF7vAoRP5FEewb4trr050 - QrsVwTdEF+UvAuQtVybkvXSxnJ094jQ2aPgRPpPry+W60Llj+sd5FCsCgYEA5eyW - wN2pjmk7slCI7HsNCWE7TOv4EDYjzRTBeIb3qRU6FK1EIO6YbISY0FiAd1yQ6NE+ - TFIgAmGjhnudkMPW0imhrBDohwIZdmiWtNLoK7mMhO7UhIJeRkSAHBi5ePEBCQyQ - 1Gig7tsrbcaNaw/fBl2C9LgSQsW5IIwKXGGpJYkCgYAeK7rCMWF7NW+/LP97XiEq - BlrJMTOH1DqK/txr5RF7UV2oiLyeTLiAMr05x4qvVmbWN+VGIsG17GCT4N2a0PyO - AHF1r4hjBEWH5htqwG08pSzd/Yyv2CVOW+RMlHlw+bC8H2lrrvqRrJGIhMkZ33Z/ - gLU4qQCRLssQtiRtsll5tQKBgQDMqvffIvHmBSLQrgPUjgyixtyksoCU3byst8co - 5OvcpTqYYUv+DKW+I6JsA/wHRGzx8iEEiy5XMFcCRVOTI+E8Hzb9FegHFgVYc+2D - dSKamYbOZlLiybHl1uA7In8ne1Eynu7lRWXMeWiFRXNpVC1xWxhRgvEuYxdSM5ad - eYm6EQKBgGNUKKRlnR3wtbtVyrYhQHsgthXK1kH59B2IoMhbdd8RT0Oqv33Ykfom - vim0bsHLoxaTJVN0V8vj7OLv2FD7MoUfTb5R58fnRq8spPyAnHcFTvnqwE44UKRu - 4FYt3jp6TqdORkb6E/IITG7Yp6xyck4gkrWgW9jQK5Ibheg235nP - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubelet-cab23-r720-12 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEogIBAAKCAQEAxLFuHbk7jwcIfi5S5OTiilwJHeKWuAGGcv2o4GKhA9tK2698 - ZXnHR/ObTpyxrOX7quGXtfsNF31nYKP9t7cytzOgTsEKbOH7V+fV6Qhr+qGDFq+f - cp42HNYpGli6nE+3bkCYYl7yqVx6NQ7LlVlKvaAK0YfQ/EMMLRR89yCdxAxTYUni - sRSJltwHpBpP8EZ3L/wOVSArm5iStKp6yJSMCCuuBksr6jjGr8Snv79Edg+u+p9F - D1B3wCCorcx+Is/t3IbM17d/nJjqw/hij9Fbs614oLVLWNSwvvn7atke4QbA/ME+ - YP2liD5pmdm+cCxgIzPOniLjtP5cAyX3D35qTwIDAQABAoIBAHiMXfatngkMwHHF - JlzOwuEVgyjjxIfFt4cmW6gaCqD4d6qopM70keRRMzA87NAQq+uRE5Ae62koHIGo - QEmmZ9jMNUXPHfqZjZfUqM+Hr9YNwu/WdxyiRnvp7YsOMmC2oq9Zu4sesg6GdQer - p65C6YHKYpcEbFsPJJlEY0p6nPaXm1f1IdWuoIwqPr+X34iU4uO3HB8vi38+EPjo - 1A+FwgrVvqLglCOIApMijLcTSxKrLKZHXv/rM2a16oVnCuTAru86lft0LAr9afkP - yAhXQjCTth/UxpG7sP+69+q6K5RcnB8FVitk4eH96n9nbepJUtBKKm6F6m5SJjJ3 - XAk54dECgYEAzw0a8mTjFlJAQPjAjOk94kLIYhqno5cS/tx48JZvBCYNyWceEdvO - 5r1Jk1rQP3USwfnOg7yQkduGavNS+xlBZHszqLdS0qNNthf9eymD5lKOPvnSa714 - MP8NZmTWm3RN13ejXACOLD8iwsNyRBB6rSeY0jeCQkhV1NnRNLdDkA0CgYEA8zFx - ySip/4TwJK4jZqi6UWN7cKJChHtQliH83NVFu5Tr9Aqz9amiUXpyaZ+vXA3V4sIM - cRJwb9r7mHq3aO69VU8PrP3sk2IKR1Sc8CSyoPz+f7nCShFB8TCYkXgOvGNaG+LZ - gFJER0kvjz85XQTgO1dNQySVIGjX3g30AWab8MsCgYBUq1dJqFf02M3Nw+t5tCfK - TuUCuUO0ciMidaY/PEVJvQYGRlTVmL2TPfTIfWqLiKSTDkSVOpckDlF5iud0J2/G - V1tYsx77ZCxzOnw90UxO85OXzTFvPZvY7XPdW38nMvhiFFqJVPDOx0K/wo0HqHWC - OZ8U1/48fLgcwrX6iLboQQKBgFgt3nc08mb++eAi8B0iIuSt8K1HeFz3JaI6Uqh0 - AGPivKdxVg1GY9+tSVz5FKmJLruY5s/9Ap3cRgvkuyomHqqXDzUHoUdTbiytBnag - p9Bty43eeg9HMKTWnQtp/9XZJGwmFf1MVwuOAtuq7g7HXNLHdfFZi2UD/vm6D3aO - kQ5/AoGATAcH1KOpUVPTcDU2NFcDAY4iQp/bb7UqEiL5jQNXRAzX/cBINQ+CE9MX - /tnj0oR1u+njTZPXe+FYgkjRQOeossC2nY8p6zPvccCyZp8g9HM2tK4UdlF0spbw - SNcmdx781iNauZdUwWUFPk+ieTiqzvQhDjwbvabImKhDPd4DrrM= - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubelet-cab23-r720-13 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpQIBAAKCAQEAvU7PJjD5H2MY43qepZ9OxDY/2IlDUTeaKQAFEZKe0Gz6NK00 - P2hD8qZohaswKWX876ISqxcjE7X9vecMWwlsdHq2D+AJExLDLyKgQY+vlC/GVdnd - oHDYFZj2svPmGTef2yFxhREvss6+v1wLEMJmQ7lbX9cWngCbe1IxWQKXPRPOEz0h - f8VoksOSGt1oFKw3UN0J8zeKB451tAPnAjGnM2Pq8gWW54HrRH9tmJZnrYgWihKY - +oG1nAbDp3bUXvdacgQmf2n2sQ3UcXya2oLXqLNynSJXroPbNFxdw3M+ynUHuGnX - utKtz+Fu6Vxffb4WB4kCccek3INuEINZBdV6dwIDAQABAoIBAQCcRvDvIEKoTJCB - Sfqp00ec5wPx5+6wn2weKKwGg7mjajNrRQj6x0JAkGt83YNWyaDy2iL7JpCIdxbP - rGsgxDjKN3sQw+v52OVUhgsx1EIn3QCoYsB48G8R9ULDHGF5s9e9eHBUX4m23MHP - C1b/MNxnUB9EkTVUnj+8oG+ogWEEw2WRVyQl1sUoYgQ0z5lgBGHVoY/iHLUHIyG8 - NJ1scRAKULxPYWxGp8kqWKDaHirvTZaqYNsNkujjdQx58wf5uQflmi2AtyP/LV/U - aqHntVhynIDpRQq/fSUNwLFXUdVUN7VlO5zotMYE2qmcN1/t571kZf7iv+aptWlm - anOtamqBAoGBAMfVSzB5wa6lhZUBCyt9iKfwXTSXBH5BRLw0yAtvJlbzfI0GRYCv - rhiGdH5m5WePVyzzxefDq0e/qwQ/wA/ZOFZUz7toM9oEcICyRrbWLFx1fr2Q86Az - lCj2DpOu2CpIi43Nuo8mqbR9LAZ1DuMtveiY2p7lQ2l97nrFUbMVeYuhAoGBAPKE - LjyOrwDcRx5GvvLv3IINWHK90E6KgXEyvOLif5JT1Jj7kyLjtIS5SJMZqJKnqCxG - /MPr9jSro9nocLMRZ8EDnWSTUtI7Z4f/GN1CIRY7pwLKzHS9iD88xZ8w/bTswE+2 - zOnT3txp3ONTWu7EzVU1DP2OW7O6vPKh0KVTC48XAoGBALG7mmleEY609y+EwxuG - RnIfzbZFjyCACpNeWoIY9L+nRiLj7hM7rZtwktIN0IGgMsfvdRjipkdlSMS5sqgl - 6f6W5j/nuR5yjmFYrp5VtRTzB6uw7Y6R8XfRCTv+6ZIJ/d08mm5R0+SM5AhGOtyB - xYPH18I1ZRTBhcc6EqU2N2mhAoGBAJBffkMQ0kAZ4sC0byKjBsvpc/lC5MqNDAg+ - o1IScs3C2DKGug4wLpxAzWK9CKzd4HEThZCBXZ33fGDSTp1bxD+UjlN8nPaI5NaC - V+QIZTgeJQu1fUgWOREkdaWSfccClm4eLhkZx3fCEfzG98BjKrYKEgS0hgUWKzvq - dxKkwKHbAoGAbYLffwmj6GKoChkyraObCK96GTYccMs6OO5RO6hctkbSD7TYHOl3 - Mvy0/3V9gVkPCo3mTDJzxI2wtm7W5Ib9pnW4FCJ5mfxJuQ4xJ65VVWPDkevngwFs - iSyvDY5lzMabXa36CoKufRx2kveKd8DPWGb/NCzxR2535A4ibFDb86o= - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubelet-cab23-r720-14 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpQIBAAKCAQEA2ELPFVG9c6Kbm1mPdvdaO/Ci+iT5MYHRmX2b+V0FzYEZ1/fI - RbhVuVvrblRi5WwBPJIgtLarIKu4Yyc7nU7duhx7pB3ugef4JrHKYOnv2UUWKiIx - wkbZvP0vr1GihdFaC7FP87hMQz8znzUSJUM4aEdKJTsocSnXDpDkIQ0QzRWpIr0c - YhsQJFa5gwKz7GPH5MUq+Bi0pAMbx9a1S97rzFMgQeujxODP3bSS0k3sGhdsTKXz - bdSHwSJAbTQBvhgaBVUXuapfLH7jgvpKHvxAvzn48qxpjtWWWi1exW3ux99ioJf7 - FkqL7TUC+dgWChfBIbORTWWsg5kD58uUtOk6pQIDAQABAoIBAQDA/m48AmRl67me - W8CyVHAMieWIArL4QXhB2Fz3ntJs4Uek+pWZ0rV949Ao99oCD+7SlT3myBXT5Ct7 - ISoMarNpQb39alDNUaydK5EGB/9qEEOFelqZnAz4oaKKfPnjHj+Tq7tELzav1JlG - /V+iLWkLdoNu0mp3AvXPI/LSpAxYV9XFxG23Ij+MZg2WGQC6g1ZCKnrLmPf6KvDR - h2jyL1Fplu3bH6gkqVABAlVkwUCDNoCBD/uE3AuykrpMiwEhNo4ZY7yyvV1abyUx - b5kGqnWwFSrjwjGTn8m5rgkXDbXkRQE9hYJKhq1Zy7f40jq6Q3UJXQAReZz1G2I4 - a4xybkjJAoGBAN+jW3EelZea39nTZ2ZHw70sx1Dz92hB4DklXhJeg8wjcdV8wGY4 - bLWjfUcC8fifDlbBYz/OPQrKljafAV/FaK307jGPPL3hOpKCQdu/7ea9VnUXh8DN - KwBxBMY3wHdMtWdvqBuq7QKer3pjtRl5LqdI6bGpHyNbKxwS+PzMVGZXAoGBAPeO - KqInC0R9f8JnA5SAfwR85bZFs0bsqwAiZVTOYd/8dsXjtK9g51Ke6hl8ZHsd3Bjv - DEPqbMGcbdmSpVLFXE2/l6RrW6y6WN0+OWV+TVqwFd+4CLN7MpOg1QiM4KGN1TUW - 31P7WcpC1H0tZnCeZmdBxOdX5XDRaSetQ2WJaTFjAoGBAJMcm59q9g63k39v4HnY - xXshBLBM/Df59azB1wMQZ3SW8F/2Y34aqfBGbreSyWe6Aa2yIz6qxV7e6zddG4NL - kdO05id1yQhDK8uKohYTSETb0g7Ofr+mdx4gOnrF2/beYAp92cDxjF2H03kYM95g - 5/6lKQ10agZRB6e9F0r8gpybAoGAcrPesS9iGyQDNHJCyGYZdFzimugEv1IdkXxe - c0MFOqFh7yMorzI5PKEBWzm13Q3i03K/viA6sCLpCyzViVqFAElL3BUabxgQ4MJa - GdrBwMlh+TzuWys0Lg8RZlrQIkrzhRvJ8sG9wufgSPfmRTw/uoxQzdh+KR3+mTHA - zqUypn0CgYEAoqClS/TJabzTnc7IsFfjjTBNgnUDOLgXSIo67erocVBtcFczaX8i - COR/YBImr2KOhb8jQ9ucaLBXucOBJyPrahAjeVh31Q/wM41XsoytgBERG5ppU2QV - 2l5I64XvRuecEEKPDsmFFSa871xJNebfu1spt5D6TWyXvL7fJYxGfnY= - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubelet-cab23-r720-17 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpAIBAAKCAQEAveJOaETPs8E4ZLPvLfs/qdDk8aSRHVqY4ewYf2nWOo13Dwjc - X9I4u0xC9sShRxgJsDBmjNTPkOyjPDoof1xz/1xT5cq8wkSJNhfVIr3wBWqIfKwT - Gb309lW15B9zocr3kJ0VkL50jVCJU0SQz3IV/h4roo7fkIeIg+dAyPMobaYEYIf+ - xbHjIHYemCj8IKV1Bwttb8swqVg1QkNOydwJaQ0rBc+t7H1sZCm4k92y31NIO20e - NqdV6eUJQbJjoXJzvkQb2O5cOdJH7ryas0pjaBYBMIqYUWyl1nZmwmQtqe5TILpV - TgXs/6u/zJ41Da9yeELYtd0no6+gKKwLse6d3QIDAQABAoIBAD2om+9N0Og86PQC - Xbtfp6eb9ovk9V5DyfsqsDXHh1ISF8QhC3ZuDA/9zozVAs3UJ2k3/kTi4dfcj5EC - DZ51xhD4ySGIOM0YdjnDeWlDpgoMMu/Q7I7iWQYYhOzjraevAb7K03Lh9XTh3wXT - 8PX7xNp0r5SkskH7UMAMOsRF+S3JOEtJ8f2jDGs8Clw6NmXxELbyEw5fE3U/kb+R - IwgR7Yk1rtsS8VRU7XeFha+RGiiY8HXpOO+Q+2EyEK628gDma+2TqKdiM+U9hFnd - 8lPIsJeDnwc83LoIwwGjPlQwdkj4rHH03sNXWmtPn6+CoJK0x7WqG0/uhTA12pDW - i7PtVWECgYEA8LOH2n+rleKklnGWknPx+Sfz6j6+aY0m4Q1sRF0g/un2u0LXU4J7 - zLc0R5pj7vBejuERu1IKUjKsrHgLtWzNTeM6J72i4SErqmTzSFZAHpsqOTh11JEm - YGFjWG+4+0PC4YZQfmTBA4M83ViXqJFGAphyJymCBbsAfknwsPGAmBkCgYEAyfPs - dULfVmR84pLCKZRcHiAW/sPwz6vWNJdZ3dEa+BPdsU0hqFysr4+qwnYammxWnpbP - H8JFI7xymUlosiEOUu4iepup2VeYp28Ty0mNVngolXJi7s5Rr9RYW71ZVJHZbv9K - A0YD62QJamvRVEe00il8c3/lOtNFZUZsxW+K/GUCgYAwdzXHnSVjjLsvP7fdzVLP - pGfMps2YWz+U2SsPqODX8ywnEJJi0kczNUBlmoS8u9GOW2tCmIZTfrieEZ3p7fp4 - 0GQJVHnTcuZj7Oe/jP5kK0IZO3EeWAuuJG3ohLZugXpgBrd2e7sRhf9fYlNHMdky - 9Jcno4f2t2ymASVhu371IQKBgQCTa1vQvWAK0I/ZVQgnEgWseABROPcwoV9cRJ91 - LI9jSB0ssAFBxWTJQzaDfXMuBqe0XKIVrNqLm6SMAOpMHZU3NF424iq6XRcyIgNx - AeAKnuwBK97MNA+tKnTVgwMSmOUAAZsliJaT3hKBfPLxcuasA1y1c0cCCfc+VopQ - FXx/gQKBgQCtsAaX+5MEe2KvELiVol+soyi57IdfW24yzQw3vAnhPYgw99q8lVH7 - QpqrwNPnvS62LZisI5ELqkRjKqinpMszuXRzBHPytoM3lWwML+Jtvfz41POIAK+z - PEI2NsZUVp10ZwZ/KuhcAeaJed43EPvyTyKJmtL8RFWJYtm6HbIkKw== - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubelet-cab23-r720-19 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpAIBAAKCAQEArdA3hVMLYwQ8kDRRZMNdCkue2f0015NnmPOqTSa5m/5NceHp - TEojrzN4MxwlugfrjKSUmt5NokUP0fY9fFAwI86MWd+xT1dg1DugEDORS7T/DmFH - QGZ5ZhNLJ+Xz/hAQd8xoUe1mCC6Z4EYjB37i+Ov0Ek28POk8hAH6sDEWdwP6op8i - DZwhEqgrdMikPSeEikxnZ5tQdPnPT17mYAyYIqLYYyDb7tFlokGc/BfDHX+ifDL2 - +tpnsDINk4AOdWkyU1UG5Zh8Z9m8rVo9C3O8R5vI5T/8lr1YMG6TfFCtnOQlOeac - wsA58rMbmP0hZSZW8Z3A184g4nB6CVmwXjVHmQIDAQABAoIBAGqW69VpDeyU5ocQ - bnG6lM4BfdL0wnkJPli/5MoXW2/cTaXvAmD0flms2KOPOVuSC9NeAnvOpBFFBOSf - eylHC56Jxew/j762OP0t64TD+vBQeLFa2pUVwpDkeAxpqm09cLvmsHq9ePq/iUHO - ASFRoONB35Vx8mPwLFpP1GpEUCB/XucIwwata2F5FLsrcC0dpUlkkAj3TlzgrSmq - qOAp2DEkvdG39Pt2jlwez/k78/tk5ZM63VCM0CQO0GMkcntLvL2tRa7TpRqJ1EMh - R5ZOJA+02+88BbYl6yZzzurEbKobkkqMWmYlLa+EjbWhxg/hV2kt8APFfWtcoj8b - ntfLUwECgYEA4UVzfuN/watxmCaG9GD/5dpust+h1HynLHfiOTx8SN8C6IckpqTS - 7Pp50i7yb9lvfNMKd7WdD/6to58LkNNyT9h4A2awFE3Q5y7Ly/GbnR1bz//NnipM - E6VxdKCtgs4EvWAE5I2+HtLUlfNsUq4NdJMSzF0FsK5dfvegbb6pG8kCgYEAxYXW - SEwcFExXuOX4Vk+DD7SBEToGnDZlTJfd/WR3gOqYY5g5q/YH8Bi1Yg6WycKPgqU+ - jvggbqg8n8EIfN60crHViibHxL35GHj0NocF+0dkWIStiakL6rblSfo6pLI1E4CP - ogzHlPKhOX0ox13i6Vwm5DaQ8AAiicQQie4MFVECgYEA1GirLXMPzKp+kquJRraL - s8zR4mHRcs0SyHBF5BgvTHrTgDOlkGgL5p2K7m+L84D/iaBo11Vswl8ulQBrZGSr - /bOr/fD+iDaTitjqGuQ3Cd9b6fVWiRNy5ndyUjkLQjJF79aw5lzsbp33C2kas58g - WtIuwHnZ2q2exRByueg0BlkCgYBFZG+TlqmGuAtZefF04Ro6Oj/dvXT1DGcqMXBb - xR/2unQvCRu5vgWr5AJVIKr41tF0JHmF4MYEGjayKS7CL7tVUASlNFqaU+NfJZ8m - SOlhDgPC1VniMvFs1DRZeP+BPNpIr7HGTJcRTOw3NjFNWT6OnUFMi57/sgxwOeFV - k7vLAQKBgQCzefkNjxN/NOBNeAVgPO9xbgNHiCsV8F3EpaII2jh3UYDaca2QlcQe - MDM2/Z+zO+luZWlemlYLk9Z6aSKpuTC9LOdarrzWrVn/WPs+SsUFffQolQMSTet4 - DFsv8tZ7J6u6p0QNVnp0Wio5INnOYLErTpsjo9ELAPh87gKJP7ePMA== - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: scheduler - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpQIBAAKCAQEAwl47DPZVsFP70E55VqXnP8SXzINwYpA5tbemj3l1OLb4x+Mk - F7llLY29VIcRwtGMSmiLU5z8S9eUcTxe54eEHRekYQ5s2iuTHWhAvV0zFeYrgaFE - xnk9d9HSk5sHAQw7euQxtkO+5GCzJEcggB9hpTO6vDBytsqFSuYGY4StscnUuK/A - dumdVmtwQkcZqpCer9LqCrQf/euDj51TB4Q3ZFCg7wN+M8VuNWUq50FMloDqVvmp - 2jtWEqIl2PbKYmtZMg+epmKTumsKPELMUMavCLRAvbRdC3Pnrvro1ayzKYUE3j/y - TZXEjMcarNtQdPvRBxzt4oNGuCj8bM/U6TSTPQIDAQABAoIBACtEiMao64hWGb9U - SMSWJ/VVESmwtMrsKjyehlB4DDU03gq5MKarWa+bVuNDMhv5Q86omSNi1fMYKW5P - rxzBWRKU2b3VVTv36Ubpl0fQQHgGhfbUbJf2E03iAotjPlroWzFPLRXS3OK/+AEC - aGS9F6KL8mzEKDUyvhtfO1raBUSHMqjeMwZXH0ZDtCVdeobF00/QpWl4JLpHiTd7 - YgmjIMCk1n6bZsPDCiDzTmpYsSBI3x/dxPwg0w9qG7yBIdJkIzjszJtl69TZYIVQ - MYltqlhMbnyqkn4Moq3iAkiDGs7M8UWkdWU89c8LVkyKTkQXDib8/NnNGUbK8g23 - AIq/Eq0CgYEAydSkgs2nSa9xF37Pq0ViWiZd7KoyyhCDoOT+NDm25DPGSoW8sxSG - LQmVmlGnKOV2QYUb5VAT4B3QvC64OW96uFuFNSKWv+9/j86z10Lwe0i4IvOZb4vu - WNQG5OXLkjL9dBRIS7/u83E1/b8bFW7PMMXdtRoQYd6QTP8PCK8/rScCgYEA9oja - KZhOP426PRcIvmPFUJkuJYqFiyixrm1nzTU01KQq9vH5HzBpdUmLzr5c7PGiR6oA - E11b2qyx6ZNG7j1cBorFNFMyr8EScdXLnxh8B5nkqL8DnzU9tLawI4xlYN9fDBWw - frVWd1Wy9L9GS+7UnwaZ0nwnPtXWXggv+VhogvsCgYEAiTnSDLllB32IqA/phKqt - P1wcuj/SPn7R8EAh8kJXbnshVCPv89Z9j/uXQxBHVlAFgnDNUbGLgfLjrD8btLlu - OBDJ1iHJW4CsO4uvzSlPNpNv1xvHdAcxLCYk9daj/ag7mYP8z7wU7GJJ8lfQQ1dO - +fteTbcF8nUPqbo1b5Mv+TsCgYEA6qHiqDW5OwlDF8MlYjYIY6X14mrMoF2xhWXA - pfAegMZh0bcHtyRXKfY+JhzMygFKxlPIUKXItv0nMjsmBbXGML+/4gXQtq7VRBwK - +DbQTFet5OAurUZ5nNVGG/8RuTm99v1phZ5GVbrtX7vvRnNeTp90pHveyhGwPLwk - FHaMuSMCgYEAwp8JVVI1wLceG8IaAPVOlRe+rImvByqcD4MKkAEO6CGZvOPzikTi - TZl5G6/VyhXem+KX+W39wk3gNWG8P8wJrRQVupM79SczYR/MDttkK+cfbYVqbVRI - I4VeyTFBygYABeY5kz8/mV344s8fqzsBid5Jjb6YI7SGwqRaISVlLN8= - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: controller-manager - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpQIBAAKCAQEAzlWVrjnSnTNnBDOalL/BGNWinKEeEu5L9kxIO9mfLQNnp8hV - Nn2W8GbWNLRTNOTR9Yor6zkx5cSeQaht582kvAmKT4/M/lFpvfpbs10pQbz/LGEf - jQW7nIEknyzTYt+4eizmUMYS6il3VNAc4oYGOn34iYWTXYn76/M6xU4SZEQRmbCF - Vo9swa/m5Ke1/kbpeCd/q6v2kip24TOt0z7e0PkGLhDY/fHnqwzSZ9bC24W9dNaa - To02EhvR2heHF/ZaCX2W+PF2RgIi1QYyRTqix0Pfwrp/qsYsDu31N9dNGXj3tV8B - QtvHPnC0rVu2J9kQO0QGGsgLVLLJChilI1jHQwIDAQABAoIBAAGJUZwCgjb5cwLs - /3GsG9v7e0J/UKIDdD1ZRBBuBmlnZRYyv6+wL7eKjH3H+fai3Y1eggU2X9C+Lg9/ - GZJoTZm42HbPM0+Re6AWhShIwU3kAmJqNrnuGP+JVqR4yPorgEwomW5wiyODO4g+ - JHjrVpCI75jWjcpchKu1G/LsKeblN24+px80EpuFesVaofIBTjt+MlMwuCcY+rXy - i8o6W00aRph4YYCWymSkfh4lQBL/EVidKLzo2MhZ3CwCMnL0TCxvb3UTfbfnbz4d - 4nB+OVfH3GJthpLLCn4Vybq+aJeHoTar62fSRBOoERF9nHdOhbzEVfVhmtUhTv5+ - CKxIkkECgYEA9VHl7fc8h/Ao+STekAbrUXwzPL02G1LdRRyxeHA2cCmOYgHJe/hY - Zx5MzYHG/FSaPlctwBXK/mvXQNeHq5gGH6IS8tGa1Pbc2CchSLh9GL7GA+KSK+tE - 2c910d//o7zcOauRSwQXrC5Y0TFzRQ3EJGtkbRnhq3U6TYkC7yxLvi0CgYEA11Ew - sa1iuxBupOsdc0Vj3M+p3XuNSHVD2jMP/FM35HIhW2NfgkiX8A9u1VnNj9cblEQ2 - 1PCVQ5x88qcW9iypV2WF+esJn4cyVFt3gXubAJaMdfQjmuzSe5/Ywoohc+LKhCzh - mxo3kakyyXyZxqcz2UywAQVTYIldI3pAHarbcS8CgYEA1GjSJmZhEe7++yJSVvC2 - xfo9PwUxmRz5m8LJY1f9usYwk2mqtF2G5dpVc8c/rPHwD7RaV6xG9F4Zpfo4bXoX - K0KhF4AniOgqtjnDVvzuzAM63thJ6h8uoU1BXbSO245GPOTxy7tCaAJFQvSHMy5F - O6eE7/Zt8JBzJ/lPAhofhw0CgYEAjzfp88UojtT3Q6tAA5R8QDvA+RldeHzHjTO5 - xlR0MPfZSDhpJveyWHNrfW4mVS73oT9eWXVNU5ObaKvLkiNS4FcfLoUv+XSr/YB5 - lR7qkxGQjETACiTMPH6uZ3gJmFOZ8SEJT2m43KJ2rZ67im9dBYUE7SjltKip0xdV - 3mXvYPECgYEAu9ZP2pvwe8wpE9J8948hD3HuaMoaZkQ2/eNWlo1Lr9faAVomCm7/ - EToupvUI9aAg9ZE9Oe5ZJq9IM0euUyAxcNgKAsjWxdYVxdnGmX6zO9oGlFYkuhEC - g1vMI1+pZUPg6u/KVxwjq0T2kUxlY5acYbg1pyrFVZ/26R4pElUF1ts= - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: admin - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpQIBAAKCAQEAz3nmXK4+ehS731zGx3qfpIZbed1SpZTn3eGKRV7gXzzSku7F - pfkVEkfN+iLipaqFvOrqui02JO0Dyv5vgRVzog3KIbyoFD2tUSlN7i9YGZhPJnwP - 0VZgq79K9ptjqHE8+q0uBo/KiqnH87mVTEJkZ6sYr3KXBSHJt1FZokUoxIYP7PNf - ybOOQ+tDO6AYiU1NRSLcQc7pQPqXgOuDcCMOdnKeat7O9OVWcQGyNkVD3d5ws9HD - DUUozmHje2mBdTgEqyV8ZeHiuAM8dEmVTt+4a7xT9tjhelhfAIhwZGW32WhzVoId - AwQ7c/pTREPP9A7zfXBFupdlSI0vnwoXLMsRGwIDAQABAoIBAQCxt8AcOWDo36PC - A01+B0qB+liW/X7SuMcYJx5yp39X9NiG5aJFtiNXgkwsa/9qWrOuDCe+DAYqAR/T - nLhUgNSIxnkTBu+OTvqL3+6SDNnRKsb5tyExdmTeGMCUlqv51+2c6ATZuAeNWTse - SSRaqzAoIMXHW0eDLNsFfNhjiAwQsR4WVxro3Gt88u07jY9kyHJ9TQ2hfZDweUUS - JW0dDNaaWfRMsBWMLpMm3I9VOXm8/SROSAj2OdFg7dlCU2bkCToMUb8VGpNAijx/ - 4J5RLCIZgNmxeoPi/dy0eN84i51jcceZqae+WF5BbrtC71oGDqa7ZQarr3bKcDyG - GinTzuc5AoGBAN5qMQIXccU3Mxj1MVWoTRFaDEu6mS8zo0NT9ieAhrPPqCPxHEQB - sCxJXvm713y3PYJr40GNyLXbq5PM/Vb1fJ8UPZTGUnG/gqoSlVmNg6UOPujpKbKO - TUahko7JcmvR/xbgpZsB30CV530FkZPj8KyNqrYsQnYayt0SMLLe35GFAoGBAO7O - OxpF2UMnYs9IJfTtJB4auhGhrUI3k9F+m5tzA+WMJIlI0mgpvlA2fosIE4jtrQqh - WRG1+lLNy7Pf0P4dy4oxOfcNJlf4hKva1VznpnT+P7UqXhKXYOOUZ3vN7i9q43nX - GCUs8gL41Cly1xPGkS7oh/cBz5lQVuj0np6NiEofAoGBANnUcy8zOvAGQfs9mRXl - gaVu5f/9Py4lis7UGo9Rp5vP00NwT1ijtqGJMoWwXTn+VTW46Jg5fsvt2zskVzKl - t2ot7qoZGoHhKN3c2X0dxkMPkrmWMop4KGL2t4006uWChC0p08feq4Kbzl5557xK - UFsPXJSTAHyffPPLbvqgoaHpAoGANEvVhZtmSN6HNP2H0mtcTXts5A+T8bxaEra3 - PQOjBtH57laUPVtm4goNDEVogcQK8RkEeGxxtVB8G5gYHI5J1KmTGBc5Hmq+IyR5 - NS9FtLk5GmN81nVwMmZ9gw9F6fxudHA2SW3eUehMDgeoMhx6Dtu9aspqvBhr7/gi - BHbaMeECgYEAxC9bPwaZamG79d3zTPG8l51nQY7dW6Jn7WkLkiSMy29VGF29nSgh - kTTlQqWjjPBeIpUC4YTL2dB7PvkOFofGHwPox2xUTmi7U3SmsSRN1aBJRgQb+by3 - 9raGql1VFeUuHsZ5x2YA5b+an590U3OxDzkGDBOU2RdWy9ZLRC7Iox8= - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: armada - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEA2RPKuABAbQuCrv72wy3EyEGnNIh63xPYl6VfIz3F/VhDNt4a - KSftWM6U8+LMDHyT0p48BwCgdlLfNhU4tUa4rD9Ik+HRV3hQxHGuGAQSGna+90z+ - f/OtmgbLtVXX1bkLfcM85YPTVTzILO3UA4VUrQxSoXfK9tUaV1RJrYUzHwtr6aM4 - wo+pALsfes6Mm6ygM/n/+z1NUxzr9I2oJreFH8TbnkmQRbvWoYQRoA+2Z2A+TPZk - zYqGNAZr/BZS8mgEGapcp4tF64yyraLPpwzEKxNspmjHeGsNEYZS9JSaEx6B+ceH - lF2xYlK/tg0134IZMJ2CRl4XP439p+yN3H/bNQIDAQABAoIBAEcnj6lkm7mirkGC - XYx4sioaKx6zJeN9c9+xW1AH7aAvkEip4NVguxIDFRwkWVI2e5XsPCznbbGbVIM7 - zYzOE7aSP84JlT8gtwjNYo2IuA5oogwZ9somK99zHs7fxpHNyBB/MLTi0yD7fXoM - sxQ8XhcjFOrMg4EJNUsu27+/C5S+5SE5uffKE0H6VmeeyqteHZmPAimidQS2jwq/ - tHqDQ63QTMhZvac2b0szS4dDcr2/tmUSvlph6gaCmqy86QYwpuAPGmF6hADoQXAq - Y2aTIM+MiELXwrmQBaVRZ7JWyCIj2JEOltVoZMeNSDSWrJ2WYljxFC6iROFV9Vqj - PADko4ECgYEA7iF3LPLI0s7PeK2auhB5hH2azSJZ8qAtMgA/y6fjRt9+BPE3TcX6 - DxoaI0sbqpmkDDVXQgAIGxZAHIkM517PI4glxwxkZRnC8lBY4ijR5LP3cwYMIRym - mky2bV0DbnFNvzU+CXHonD1Psaw7zJYfadgFDaRVc9zQWDPXpd6avMUCgYEA6V3i - 7u5Cf5T6o3cfuhyyQCiHbv8QCPt97CIIUrubzVxgjFqr2G1CwzIOu9hQbSCHWqwL - rrHDeunC9aCQg34gboneE1KvpLGDjnOBCXBUGLTMnEbFHncw+TlGoBJUb56G0dHq - /5/PH/dABl2JOlSrvJT5QWrUO7aByogqqK/5a7ECgYAo/We3O/9nkiPSYQe+OXHB - ZaGM5/nVss60yagxlS+hFn1pul/LqmV1zgdrxdT4U8QSOehQOxMqHnVgtBKdjQtY - 0Wm3TqHFaV7OORhjraUbmgLhMMxLstPWwZexUY5yp1w7qp2IIKxqoH8kVUJh4AF+ - RanxBDWVYRAX7qyTJ7M5BQKBgF3T/+AtL9N4JOYAiWMdEpY1NW7tYpcZ9uEwNcR9 - 5gDFuZP1CM717zfoMoBYUs3tnD5amj/c/Um4H0j/C9uypHuNNxrxzekb7lciHamb - 3lQorXPQCIVdSvWJj9ngRM60IGTQT/oDWRXzJWzpwrkPPhWOmEEzIK35jWnPIce9 - KT2hAoGBAOgmzSvdvzdMcXeUGn0+AaT219vR1RBfpyk0/jkYVemWQosLSEQqbxgw - 1Th1Z0JO6277uIbi/BBqgWLhRjjQUIavKHnpoNzUa6pIRh9lNywX7vEbRnRTXpsV - t1XJYhUX/5XzT+6ANUCjYcNUeQi1OpUmg6UD724jcF+2naRBDLHF - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: apiserver-etcd - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpAIBAAKCAQEAtMEFupWKyrzQnR5leAj4QlIwIREubOHaXwIOjNRs2f3b9xoF - z/WY9OI/oMvvsr4am56CN+m1sSPOFrJji0+fkMuO94/QkLZEioBgzJb1icI58QIY - W8jWvoUYoxJPVNWE2tEm4081Bs4rG7hepnuvRKNgoIE+1SflwofAe0oLPbTyhbv0 - 7sVXLyIHelVEAlTu6Q6OH4rV0mzvHY6jqMC/qsbLM4vujoEGKzX80ftzNa/TGbZc - MzjylQN2Svgt0TcgvzhTQOenfOkDe7UMKuoD500pioCW7nSrQwfJP5TuR6VjOer4 - sJP/T0KZ7MHs0gm7jQBL5+O0AZoWPZgjq03OJwIDAQABAoIBAQCGqsSU5bNZJuGa - HbplevFToB4hlMZs8rwaStMCU4WhyAPpDudDr+w8jo/vQeGc3wu945OLCsGGb3Gs - 8U0+zpzIaRBkGy69kj5wngMAinv3HdDDYdc6EuEDYvAfFpYqU0Y/LNJ3SlzsbBAr - /+nsyXukfMCR9JkWgDoq+68Ja/oCBxtw0rLxrLla5qaYCzNd9W07/je5nknaKkmU - h3UM6eUQBOUDEzX1bqYIUb2XMgdrmBGeZ2D0R/t6huc7qjfm1KXktQbrkWCUisXj - 00AtKHhIDOIemdb6rt4DBc6mZFcncTOq94+0IoYBm5T6bomngg+bgbwYxprrvVeF - 2SL9T6uZAoGBAMV+M2MV9Babhb43TsFSTfLe05xMAl/VkA0ODRJvAOayX0beWhyp - UQBbij+pDzIkt4ylPr4jTGv3yQLeORhZSKUnUc4pYfho2iaRP9/IoV5ChF99xJ2N - VUG8GSeYAsWWlBBzMBkpXy/CcX35HyytYhhq0XieyudlZC7XgVY5rKSLAoGBAOpN - V+JqB38F0EHoUT341SoeVbTV2FtEXGOQS4T3KzgVhNtJwiovHFfhTIwmC+R3ZP+K - d4bDm22o+dOwRMcEZ4eGSiY7fizWX08tvYrhsh+ZMPIhRB24m7RTBavBvSIKGOIX - w7xNUS9kNOrIY4ZWv3n/zCokxmGBHlyIG4GfWwRVAoGANEfNSKy2Ggn/pLQ1d/3W - vrV4JUcF1eLOKHaQxVF3Vprfl/4isrWryMFy3pldeXO411WjP2hOwcIth0HWsXhp - P7ch88aGteDj5xPKae5NsYtASZscomyYpjcqHY4jJbVP6u7jS7XlCdqaerOpKgWY - E0irvRekNQ9lLvVDutS3vDMCgYEAksBOw2lVuKGThzRTblVkbjUByXoHQWLX2ySN - qIKHd2FDDXZtPq6zOffLUhyiZj7B66x2oNnziAPGNmi5K03+6kuaNcgdh0fd+mHT - ziD+x/vTRFTBrTvrik5VxvZZ1/ArFbF8z3w91UkWO9e3PnUnCOrGnb7a4kdVFO/L - Cq0c/OECgYA3obLPD4vXhSmAUCUI0TD+CvA5gUUmk2k5Q3ZaDQsSBbfMPvpq7F5k - yPCPD68j8MPJ2vkr5j09gIvGpgMpRvpaH3QFH36wxcYiL2Q8IZEfy89kTDtrLNP7 - t4EfrgquO5hcsbfmxtu4xVyVrhRnejOUjoaVLB48bO9Fp9bQKFBUgw== - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-anchor - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEAuPeKvd0k9+0Qt/NUFpmdWz7ztQAHLyQix9YDrcnXbNV8DiSa - Q/GTOvdnKLZgQXa10RXpA9s84fSxJO6nBN9PP6EjS38nIZMpybjb6wnqW5Dv/aOB - s1rswMkv7vFLtnQQNMGQu+W4t+9iSea2vrX/49z5QPZkYS0J+6GGmktfBZt8J1XK - ZYjYDsSD1OIRfEyafVJT1pARzXagnH3YwYuVvpaqcpICsnSIBi0QWr5zDXgfQQ5C - 89U1NJAPt8DwWV4hCzjgkzqz2DEBwuFSopNjCZDXX5bqgypJUP3aI59nYyEJ3PvG - 40KlQILIN05UmknnMItxwTuw+IqXHb7tOTbhQwIDAQABAoIBAEZ7ZW3179ldh4pg - +YDnJlQXx+wHx7UJ8wrtHVfC2wkIzI3jGrmbOzwz/CZCYKlxX9T9oV4r06ZShJIL - Mq+jnGIlt/pTyIh9uGW6wGpuy9P6hcjD3m+GzUKlJ1PItM4gqfBAdjNzVREZ8f0x - Ih/H4Gtmz8AWY6e37t7o7Q6se9f5giJIT37TMnct87AxAauIrOljP/WiuJCTFPZK - YwtXpP0ETNtrAdcJpgGPFsgsvgMpuLybVyjzXFaT1EBNjV0HdYLRSnikiyd3zlKr - lWyeOBw4IrF53ArZf7oRZtuMH6yjWQfNzdgXRvooPGy6lBhHJehpXgPZJuMp3ZN/ - zoy0ubECgYEAxhYrI+17haRa89tcnoLQk7qbqz3LBd9yS9Ep0E3eQPyx3kvuc2iK - 5e5CLDgNvaYDSTorUUuE+auDqJt4jyuPh5v/aRBECFVXrIPy2ey7dC4ynaPwH+8f - kYK3t0dsPBBk07RVfh//EmZ3Bh9LwnvT+xhXY/Mu8mQjp7vKbAMDTZkCgYEA7wtu - g79Hlgci/tFsFuI2BGw2m+BYkVWLzctInsF/A2sqrijAhC+0tNnLijXdWaCT/XWb - hvN6q0XMuZGZFvcpDzyocSV2oDwd8g/ULTLpA5xfamDaJNTqVDX2VRSnGKiOk8J/ - 02jZKBUXBKTj9n+7BdbpVFm9SoYqd3jcwKPdVzsCgYAHqLfGTdpm0nIJ18N/BYPX - EnIObvc4pOkgcVfyi/A6BwtBkyIHKFWmik3Ys9okKRUbcbpXDFp55N3UWR6SOpb0 - IV4Ay/Y1dEdNjlSHhJXC6j5exgX01iQcVjeQSJywvdmILgLYO5h7N6cGf5NIU81g - ehJ29OIt0R1n0OUExCEOkQKBgFr/Sw60Hhgql1PRfQgpDM8aMp+cA5svqYypufdV - SXiPryulL8QiNPQzhJwUbTLVQgDWaGIzBZt1cr2hg1mOtP6r5KNN056jw/KFvAuI - udM6D8h7Hg+vTZTJBgDVX9avM7dj7y0XWLM9dAm8i1smvJc4fJIzpy9ba4cXZ1Ge - D4BJAoGBALYT9u2Rk7bNEoJbInZhmtqd9kyO+PBPzLA/ZOzzafIMQM59xJwy4Cui - vqA7EHvYJSAXP0CiUxP+X0MITbGTyCzR48fiFi8sY1C+MQaOO06IFapxtQda9r7Z - 2NfJxVxgMFh9Y0a8nCGT92BlNs/Mn5Zo378Y80Rra0av/69w6HNF - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-genesis - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpAIBAAKCAQEAn6CZw9xwsNzdud2OVb8Ixgwe5OiS0mgBKU3bo3bn/v16X3dy - vBs93Ar7IPegW64SOaeDzDG+yR79dObL8HAc8jRCGgnJgyfVqsABanZSyzZXmQmo - vn8lLPWW1yAF9/mWTduEs4YnFsSDIoD3Ptc9W3OYL1BetSlUTYXIHI7Y8wS/01cC - GPFTZZ/xKY2N9sdoFohsKTZuyWWtbMb4ysAIx7ogtEnBCZRz5LoL6JutN2swsM2H - BqKFxPom9YxWnnFiXNG5623abzvrWT9oppswqkEeE7NYD+BiNOYRb2OQYlezEl/d - 0RUJGTpJLFN1oNWu953+tonATz0GiuL9G2TwfQIDAQABAoIBADH5EEpd57Wm349B - ij7T2IZP4xgcq2JNhxeMNVeecRDGABqFBZlYGeyaT3ZJr50kCLad98fkRusl1YlU - e8IhBx7YN115dOmnfd+/znGq606NC61wdbB1k4jYtclRUC0KqQBk2c1uESyyhq81 - mrHEpoPL03f0fEHQ14CRgk1WdxrVAiwjfCiX90WI2GEdpIOsjvR9r6ZAzm0HSFY+ - qBSaF593Uo0wmthS1YO/gnRdHQv3XtCxbj0HuQ0/8Mjd9aeNvTBGfkZtL38J84qk - IAiKWcoqIEPMePFaYiZQDSG7EmbrWTwj48qqSSNav50xo5mrglmWb+j/BAsKfwAn - 87E1F00CgYEA0DkaqkU3/aOsL56KCWQ2f623gfisZ7EMSdinbA7cGtpPqbwmZxpi - 66n8TiugpQoetNHSDvkake5oUOT8DzCPfJZ3cCLLOnIHuWS3Ni74LK8/fYZvT6gs - eRHicj8YWfCps8VcZvsAme3LQPfQS+uE9M4M3GPElDmdUGF4Jt9/Y/cCgYEAxEED - gSn0QVaYPCWiVecjKSeDdykiZNpQnN5W2ITQDM1ZeF9zEcDOacooIkh75N1gHRdq - LqrMJAn25ARTjqTnMPOJm7yWuPDyCExNeEU5Gk8H1egHsfBAg0yvtJPmF/yYJbZ7 - 4o9IIX1P7Rei6HwXpIATZ64bKpYijLdMkYTEiisCgYAsmE5RsUlwlSFHgZjmsgPK - DJaEy5GBE7YiCriwt+4EAkWVgKpo4onVFy7mPwnEzwoMh/OJKWi7YGgPCzvAtRHG - CSPDbHBCMDHfTua+QAj+6PmcFLK6SLZdp6rr9P9uI9D0o4xKse9LCFbDr095MxPi - qk6u1N9BL6W1lWp6SNuruQKBgQC/dCU1FnagXxf4ZUZuwyP7+/42ezyAYrINtqHG - bBqCwrmrwoIBKbS0Y3CvsUKcTJJ9DuCZUioAZnAilU3mdFzN1mfCNEJdfUDAc5+H - 2xAP6FVeihMntZdZ/6/RXA82C0dqUxGcPedCNHuKcmqMnrJ52jAUDzeVXg2qdQ8P - TxRlLQKBgQCJ33OZGG0TgPcSW3gbYD9prbsJND/jiaaV12cXYLpeUT2uNMPEBFse - /ywgQZ5MObDclpYMih9sMRYU3PXtt/uWgSbWHFyzIZe4wzRDvr+pTNztI3+W5CWF - alT7i5sKrAnaD5xG6bNlX4soA5gHXlBVLbkpnVGTCWk3wqbK9HQN1A== - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-cab23-r720-11 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpAIBAAKCAQEAv+w6qElJ+K4JAOcfd86igVl8AONU8BIeZGMWq47AK3sLxGJx - 87jMkjeGg3xEGJ4BvQ1/OqOjmvxvfpPMcRQFZqDEE3Mzr+lZ/po5+5kPqNlz0LN5 - AU7yx0f1gf/mLVOwSh3te2/cEKVVeau0fDKtt8AdTe+FLAfsklINPQD9ycwsoq66 - qJQEhdFOuJGRlgNOTiHkqF+4xw7+gChPUTs+WfRTUknC3nQHYt8dPLRHY/Eqb6Cr - lw7+1iD252qGIKMlIHl8/FmFDtNM/BBmmg5xeQsAqvu9bGS5M4rOB3Yqo7FhUeDw - rJJcYcSbB6Z1U7mffT0F125Wpmi2bssfxdmMMQIDAQABAoIBAQC6GdoDJxX4cuG+ - I19rME55uQi6X7YUGK2p0D/CWWjUgLs3UfKHT5Hm0rq3sv7hFA5BgN33QYg6mD+Q - 8MZUfAKEsq2O4q2jDVa7wFcrNg9uPnXEUNOsRh66yHcy+K39E+Kk7AJFKIGvDnMk - yS/5Irc6r6p60SBEQubON4wotFZjns3iVPOQaXbtPXHbDH0PVGi1/Rx2Zo/8VHap - 6FvhekXwy26J8xwdAN7AD+5VpwKTbS6Ef+QJpr6gCp+l7FEFLkAiGidUkGx87fba - 0hOSnuqSH3jE6b613OCztFbFGhfU/UL3wn9d1PQueHu2CPkWhq2ex+6MuScnWMnm - Qx4wPW4lAoGBAPEL9RSp5JqpOZykxI/40Mhtik2iXcQzGvH0M5vz4CrCp93CyQnA - EHEajAw9F9F7YX4cz9osDCUAdZNlY6F5IYUboEFkb+UAHidt+LCSl2CR/+Fx88TG - W9+6Wndyx5Z+ihM9ZWTxiBWv0gYkTQGJYFzt7gw8xdkDhXD2RvjiiDmTAoGBAMvU - I3yV6i+zdhMFxL9nehdUJaxiSjLs/KdXDAOGtegsOw4kaui96ckkJI2T+rUzYaYn - PjX00bIG6E+umN6+H+lHHEBXCVIDmoIB5Z7Y1aTL6oZR2yQQZ+KMCJBj8Wr/tIxq - Sha7m1q9GHGUygFE+D5mkTNLyqXgu1hT01oq+u2rAoGABqGolW/zHRoovpl92uQi - glEZK/eakspBJITuYoz8DtEaIyy3sS/6g9ISJkgL/rRhQ0HxqfPqRZ5UncB9VDTr - 6iiPaR0lQuyU58rLu7fcuEhr/LzQ0woN/wK2eHDM8uP6Unsu7e8DKm2S3p5jC/bG - kufs06NcYhMJucjcvP4md0cCgYA763crLt8TesxhNzbplb/cj84raRGq+uQjRYGw - n69mO2p489fB5+KMUOW2ASSYlCxGrg6pyfjDPyiYFBm4kWfMKi1x9KQ2yfxn76rT - EadstM2TAwlLBs+jV8tEtzzHWbh39t8k46399Mz0xurDiMT5gyl4TPWb4f7xLmNZ - hH0T1QKBgQCrH2f+Ezv13tOCKuVJcbAql9aKZiXy9dgyrNDZIjwEgbFAhND4gqg8 - EnA+/jC33ti87GI6QmXylvGCbANuE9Q/jA2unWutHcYewzoatC9PLWKfw2r1IhB+ - 9aEaz+5+vlfdV4eVo1wO8yR/WRQH96ZIhclirVUGn/OUTid0vq3YvA== - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-cab23-r720-12 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEAwNtoLXFPSdhYnDbtaXokXiXyMKMiTQyndp0IUD5/VqyrQobA - WMgoHMbMDk0jJBISPVvo9cQ3WvdjxdE+UdkfcK1H99B76j2LO7etLd0OYjhNVy44 - ePAoO7mMBBs0ia62jneNubXtOZMVd4wDNK+WYGKbVDarlwKifc5OMAQFhq5HYdiB - ULi2I4suzMkVgQt+M/73vUQoruZj3uePwVEf1JnRXhq96q/LAIaqCrZgJfwpG65B - x8nQDRyhjt6LgVXQcHozz9P+Y8B6XiO7MzbIsErepEBYTiNL5Q4/xYI0iYICG96g - 1vE0ng4qBeo/APUAcvja9zWzu6OzsPR2VbiT+wIDAQABAoIBAGEjoluRQTCeyjMU - 74w7O2o4jr60zKgmgYsbGX7hm94aZsDBgsy1NI8aCtoBPHwEpi9FxhdUV9V32kdf - V5Z+WHm2rhNCbcfUa/cOUypQt9f9J+eLnmI8BOfgU4gV8+aNm+Iyka5C1lQzo5Jt - cYfuET5HLJnEV7VeXF4ltfg1blshONFdol2jgxXDFoOuImIMfjKwfU6OYcWe0oD0 - 30DZMnHOj1Pn2Z8LGHEZwWtad16FZo1PDFZMoBMucpdgBM+TyiQS5LT61wkFlb2z - VLyUzu+kyfnJbR84lH7e5O6nEbCE1yTn3hNlPlXSfOEYX/n/VVcwXw39/MWxuHoj - 1gfAjfECgYEA79bw8yhVDhGuE98Z7brRjMBMgUByBRpUcLq306/LaT+0PDrO2Z45 - D96RhJIUDVjaZ9SU+5gKg+dYAgJa+3ZSnunOeI/iRYzrEROplsXFkRcfRntekttQ - o8Vk0RiCSuWSwzGRJdrqiBBA/vCpCMMfLyreNHcBMGYxqAqS7V1Y3WUCgYEAzdoN - A99KGu4oREX67GYd5fsFPf2LZK19pUfVlhXkjLIUZlrQkmWF63I5ACT8sn49Xuui - /oSNCmptxDeK/aCjG8AdD20NWJUYdQHBfKrKJHB9Duc7FsPKLLoOv4UPa6L7+4JA - Liq7usjECu7fRUSuQWcUqVYeAF2xd2bw2aydxd8CgYBjU0ukF87pra6+8gUl69l+ - heDpIkxWCqpvqRQaKdJ+uvAkhWJGw3z0MoNnOKvvPx3sJCCy9StdpwBOjLUrMLxU - rZVhXo0hqpNrFg6Er1D7nmzIXq0y+nqx6DyxT4oeBGc8SRnIaJn6UWjpa7dFNrGC - cill5ubqKVhlNEPW43K69QKBgFSzQeOz/rPyBpOBD+wxYF/+13tYVgDI+ggF9LZa - r73MkGRFPcjfCSmFyDps/aUcGHh0EI8VT0tX225/RCtz62lBtTNhtbobLwMGA+0e - ASrZNjvpnQCS8x9QNz1KrLunRnOIdowIfVIvxaqR+0BvMBwtI+1BR/ryklEFBFks - k4aVAoGBAJXtXsza1imjQrwn4bmBs9eadcdnFr1fuukzoRJi0PK6TQiek6Zf0SGN - XMZO+HMUuSnWAHapxOX73t+/qHrfisQta54zjsTQfjNJ22RLucBZ5VyUiWsullGf - vZIcMtRevKUaFccBzwjry+FzJPzPHPtDiH07qBqjkHdOgqW4YxEv - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-cab23-r720-13 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpAIBAAKCAQEApD2DU1DArQK4PKOQHzfr+/81s+qoss/0+GFLD1nvCDSZvyjQ - 2YcAq1UASatCqaTBbnInmmshwJES2WYh690ApMS2CQS3q0vQcaH0XqD4v1km8/lA - XFTwr/EO8ocGz54lh8e6aUyk+TznYgq1E9xWxzo/WCjs4GIf31leeUicG02sbU6N - ADw3W6z56Y4Th2Wcvjw9fqvJ5tCeBD3cPbvv4gW14E/82DOPFrj7gxeF8BznQ9IK - qxLxncM0CtnKsqgkJZYaqdQ2z6E10D0ytCxLenLgg/GINrXyDdAFpLUX6TZQMmI7 - k+rOj7IOFCgaPDaS9rG7RPonTyS2/bMIHt3k+wIDAQABAoIBAH0n1uxla/4rRWQI - LCpt/elRKIZK+nUQnZes5Hr1SH6TPtn563ToOK1XH9oDpNALmc9lNCKrItRQePGr - r4vCJNxqfmFO8/uX0WbWSJbXydZexJ1EQjRaEfOxGXfdR2ZtGCJpI/dcDZdUPupq - SGSzEnnNPDodLa0reShFPQXlO/hdNtUDNqDyml5FL21AHbJB6FQav2T/g2FCDT/2 - h4ocpTxmZb7mB3DoxVJ5Nt6GtXFjpSExaCHUNkh/yxO6d2aeW2zcqr1RJEaGswsU - FncCr566P9FOsLuw+UyLRpl1n0ToCmbw0f+bhb+YuXhrjjvDG8t9P+peG1QakOgF - oODHV1ECgYEAzheOH+BLbbDguNJur2B4TwOSQtuYB0k0lMoIKXUfuQhAaLIDwaKv - 2SnuRru+tkkbrtrIvVg9W2lE6yj04s7oBPxtD2HXGUN9Ne0thykl8L3n8T+/GPrq - 01Pj6hGK8M3dkq5mYkaXesdVTH6ZhxlfTiylVblR6MqVGRxkd0MODWMCgYEAzANo - FfXqgblGr7VN+M45BHpU6OMGbji4trP67PdT/IgIWXYayJ8lWWIWpEYu0ubauJfV - m/tI5tl624fmAduXTtJYWBr6PeZNhdOdohsCdzWmwttI4ZqgeKpOLwTySQx+sSWB - Ivyfmd7aXqKmEweFvb2NBxRdGl96zg6L8heyyYkCgYAEHcpT7qnzBe5nIqTdUeL1 - SQ/5z+MIejjXo/VnxpQcoQKQVMXobzRt9P1yYjub7nfkFTCfP4zyL3cV71p80T8n - IleXUA/4zDVLB3K6WWMNnO1uDyTk/dYE5I8P1MvepW4AiQU4f0p1RFf60CiG30Xd - DN08ihgNu0YhG0UScL9uGwKBgQCKl3HZIVMqxxue99K9SBLx2Mzf3IIc1ImfDEtV - OXujnSHW7GWrjnmH7Bung0oB2fQR3IuvSBixQmK0yfBVqMB0Om7rg4AmFtLpK+X1 - HtYg96CO1PsAz9NdxYwRYxHY0BUs8GZ2xxkBJaRBD8s0ODMBv8gTXCEXbm91leo6 - DyFUyQKBgQDAW8r4Mp7x/i/nlgAGhBNIgvkvOA9NdVPIY86ZTrXGs9xif+puPFGH - mhFuolJyZI/Yvl54t4apy/Y319CV46L8oOedRD9H85rYtojXJXzUbu04MQeEDTfF - Sdxqg0YKbhU7SYHMQu9yRfynUkBJ6XC7mn6ZJ0yDwLUguDJhLPPuMQ== - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-cab23-r720-14 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpAIBAAKCAQEArJgNfhV76s3yqRZ5nWjY0Sau8Lte/F7okc8FU4TDLyjizuRy - zyl88KGAPBEikoFVP2CzdgaTaLaIiGIfh9UMx8dbbbV84txSPFrDd4d0VWHfa9fv - ag8W5wt5ce9W4JT6qQlpMsdfx+O6yhub9NeuWFGdNFMlDoYh/4wrfAu+J4OuLLCh - Et7797fqawPjBtCtirq2i8SFN2tEPKvM5MkAYdOU7Hc8UPRUR3rpXbDiXiw2tk61 - yG4pE3YwMP2SPJFTAQ8XlwTdBkARb073Bnmxh9M8oYb4pvw1hLB5+j8firAtDlkP - 3PdmfzEFxGXjDoUPLzO60i8FATRWoRDEDB6XfwIDAQABAoIBAAR9fDRgiLXGH98I - R6ext5pRYFHA/iqgqXpJoYDXvmA2txfc16POF4MHIJfvdi/Lj5Uzhde3OhSKUykB - LILTJx73b8h95T7droIFdnpgmsUx46chmgfvVpAyOzmcmW0EUzUcmpEIoNRJd22U - pE0NY2rGzMk0tI0ZLj9AvUzf3VWXy3OWl9v0y0XrGUEcdMwWP2MuUWI0yTh+GbVX - G+dtrPdN4spR3+NgrSb5pcrgM5UsD/u2fDOfqd5u/piL5d6adb55csTnTXUj98LJ - rEUyH8X/lu+yEIQKdUgdyftvS42VQmMhhqCLT0bFjW91LDECjRgh8IjuMn8zjQJQ - U990mlkCgYEAwymfVcriPr0X7od0Rg8bhgvj4Qqo//S2nimf0A8UPbHeYePQHq6z - zSw70m1qh6HS80gLrf1IxYyo3kmlaTIh+CxMwAx23VaCRNSwIb4Eq7gjXd9aXB9B - +G5Ig4QaL1jzI5RW5/nYA5D79nfYelR2/Nw9RzGtSZlY1eCigOU3HwsCgYEA4mVo - KWpsQ4DWdhOmv97GzOSIX2kO/omG0ubuX0ASsWxp/82Lm5GmsrOGcbLdoiZBXePo - De7mtCQGq+kSbghvAJpSvxbuVrR7cwDOHt/lVkV/YfGe118xGzfg0OQo/nn8tCJ8 - aVcyCBRexPmUhMbbJ/4f8StIT9dCUmBvvFpVQd0CgYEAifXKZONeu+sAF+Y5E61q - T3/oPxVCEm3zCityhamjLVmnUpuwa4AkKk2ynDYssGR8su2jFAOQhdXBKiH1hD+k - M8NdHgWxoRWeUPno6HFi6+DnX1yci7Ks9+k96Xpg6EeA2Q3rwWCkiyDafIiLxy4e - TvGBf+pmDTkRy19YgLWIGbECgYBw6NxLE32NKPtMhj56oLOLSkrNMss8nQA1vOCT - dpQcEpLG9g8zdi+qHijmGau5i9S768c287fxjaoaILKFWAVsSosMLHaPnZGX6IXk - Fgv9u8ls4qEyjpIiHfssky3yxIoImM5thwQ3zVj6afLtSXPRfUcW81wsHZJBHUF8 - sZylrQKBgQCm/64/562C4cHumLeGA2QsXr18E9jWbRrTVtzrNNBU7RpSbZpBLdDr - bGl4S4c2VKCDj1HK7doFQ3Ko+jeJEiCwbW3Sj9CP8zDSPJb4BZV6cgw+1nzyXtjT - el0b75sbT4J2n5DZHR14Tos6vX4QDHCsrCRclh/9vdqouW8XyJ3I+g== - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-genesis-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpQIBAAKCAQEA7AX20jHoo5/Q/POn6MZHIuNw8M1toJ5duX2fa5VM2nVn9xxt - +0HYHJz2WzKGvpumQ2e9w6XJF/+hYsMgPke4dBI1ts0YPEXXs0xhmkT9Cw41ca7k - aK0nV2/y0hS3hk5l972TMBUb0vHiJdwYNgL4MdKa+kcnYXh/zHLUMeH2CS7jwxcD - AQQDnZxt/Dp3gcKNeJ8QX1RxDXU1EyrNcPi8Nrxtf82icpY5gLmtYKAn6KTrDb4t - RVI7L3HXSpd7IfHTRZ0ftzGkYacipS2iggdgUIX/ShXcE9kS89/lCZM16e2A7e+u - sJn4K57rA6EyVDqZjnVovrpPjtelRQRZa3f4XQIDAQABAoIBAQCxt4/xF5lnUxgm - z0S4NkwsDfvlpZkNXxGNcPTQKhwzRkIhRGvfy+VxLhMl+jaRYVvg10WBAt0XT+ly - FyC5JIHUDD4bxfSgtapEHJhFc/rhDzLYxerAktjTsrywyN6jp3aKA1nH060eufkh - rscgLD48Lat6FoelkfkQtcnnQZBjulNelaHZ/poAcb4bONNpoISUeo3H6UUEhfO1 - ezl1TrCew4JkRupHA3b30MFA16Jrt04TfHjCCP5kPJOp9nPOzn9kbjqFo/Omol1j - ZgNpXxfX51GWsFPqj3szJWp3Y7u/7/dN75LeRKRSO7W6/lDjWHcJoiWOqReRdgOf - qONF8k41AoGBAOyugjyUMF+FXiFnPEze6/mzTGqoi1+czHdsFEgDw//R5AV8SVqj - smJSIEUpd+NsGZqaoQJo7vO7Whm3AykWArRVUnn2F+eTH+UJKBNh6HYM674KbADX - kKXrzS35HEWH+2qol8/+G47IXajBupYrdPLZ/BGztNxq6bsbSmyc9my/AoGBAP9J - stNS5AtwjkfzFAjp0T+S1xLfTS9ajeXwQvW1INNg5ZPDXlrrkw1B+MSbMXwblicN - b7QLDYye3wCquKlxfjv9jFsVHRz9ZPRmsIW+eBYUcJrkm8dklaGbLH67RTK3BBEF - eOa+iCwFvtq/bGXFywoOG2TekbsHg1T3BhI6DjXjAoGBALCCGFhrP4QNJz0MC3lc - imlm4OduGLrOaeHp9VobjNE8y6uXm/D/wan3i19o5KLzXEjjZo4wiXu1TiV9Sdsb - Mhsgwmh4Mi2emBur73o8+ysGycypYxBhsts6doMBk6b7GXHal5Ui8ZRTMx4GlEsn - z4jJLmZZOdlj1jmWybMkf9ZrAoGBAM5Y1sfDj3rDru3vSDlwLWeynE+v2Sa2jk3W - 53jNwEu7XbYTS7g4BDPKKHdabiQ/9B162dhwurH4VI6ob/zeNMfuyL1ykoa1Nx3p - xzND4rMOMHqy4EvKPLxUviFt45/7mLjdcH0qcs0Kk9sisU6OEvD8uB3PXYIMr5ZE - 2U5wSL47AoGAS70CpQdWI+Er76oDZY0UWEaSbbECf9WRsI2WxsWjL1cuqbSCUFNO - mw4iQ5swS2e6YyTCI6FdxNh3d/3g99v/txN1upaLP96I/GhsaMhycgqu6LDNI3ci - OJZb3lkvlQmxDYCoZa/5uMV+TWq01oy6syRRk7IEek77KeXjaidTu8o= - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-cab23-r720-11-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEogIBAAKCAQEAxyL19ntmY3scU/HloXV11tTaI+//af5ERkxbMkn99HLAuBFc - y9xyGOHbTKb0oqqtwey+/9e4CXSgOpiqbfyqhbHGWAIyJlMhDCMkjWPbr2Qt8R9S - gZerXDGN4n+s5LjR32TdNOlQAf2w7MStG9jRlFGPJ64x6cRjUT3EipdpFj8SzC5L - e7ROmjChV109ZdebpJm61dgwVSGC4OYtw1K9fYUmH7SV9DMV6d+s6TEyASordstT - 4bxMUIEo7Z4dzE8MZYu+XTp8D9s3E2TvSjLd1t5/RY1yO42eWA8ubiiFcTv6DD24 - JiirULWIHwnc6Jwv+xgmAH+0TzZ4L3X21s4n/wIDAQABAoIBADMT6pcAa/DUYR2/ - DDFv2XvzOMjDBHaBe620ZCfwBq2uyXPtMCoyLynmtMNih5k5wjvdp9gj0tbKDVc6 - VWzExFBqmv90AL0H0ZA1a2jA1laUkZwpdpY6+v84zrXsHcLFDUAJtRufRKBeHAV/ - JQ/he1BZ4yhAbBkUAI2UFFegIppLuzI2IluRahVbg2GC37o4PoNiqDZJ97+XHD06 - 8UQSogwjHr17f5euAtUYSkfJGQzQvk7Vzyn4ypMNk7MjWrQfq0CdFdU2f83/PnsJ - 0TsxBEYtEqU7FpfX7JmEN6C60cnqATMH9UWMMPqQ3jlD4pgJ5wPxDB9v2B+MEvgf - +gukVZECgYEA0TDxYYaAYJ27rOEhk8KNikUfonrEuNm5fm6pf3m3/5h7489EZmrE - SoNieVt/rA91oJv4KpKBf68G9684cYeUGLMBuK5rdX+buX7HhWH/z0VDwfQ0WS4W - QR7w2iQPN/qRPECO3pO+M1J0q8L8JwsbyH41ac6pfMZtA4Frr93ycYMCgYEA87IP - rM11Y6oS7f04JB+em7gXkccT3LNvom1QtvPd1swx8AmuNl85VTTLfPTNrye9sXOZ - x0SxHt6yGhWwa17L9QC4R/xJ+CY1IKYQFY2k0253Pk2TRoMl+TUV58iNy/mjx63B - bLjsTazm9459jfdiJLIYT1SHbbp90g+snbjzktUCgYBn/M5gzn2OiZo7jAYm73Vw - oH/jQuf7g6+j29rCFX2TvvcG/Ydg6f39lGYlMYi7vUuZtS6d6woYsKbkBOQn+19x - D7rxVTLxy6dbhFwmP9rr6+CMz5oeIrzJTlon9fjiuNnte6IJnqPT209H+rthpTIA - bkya9jJmZjTWo0UmvUvBhQKBgFYJjaMyvrk7OIexmPqX90V/D0M2h/qpl0Y/Vfnh - y3akjRT0Nf+YSwOcKiOpwlyOqVhXOfmydN4zPaob8jdWNqf/YxB3MB5eTu+B8bfK - VGEZZRwoA1EnyGZdqag1lGppbrt2yw15lGQwITNRqV5P8uSFxDNt4oqJBxb81bKx - s70pAoGAWp9hgP3+dawp7WedJmu+j7WRQ2QsS/vm09Vq1Q46BaEBlFbDYCb1Av0R - CtKbPdTCeG0+uK8EvAVFEoxdrv0pYSJz1/o2zeFW8UVj6b1B1IbKLxzp4+gdQ9lJ - 65VAekhHfknCYBSqL44yFNSjGWVxG2FFUMUzgZgxL5xv4SNjxQ4= - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-cab23-r720-12-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEAqrAxSeIFy831f32lb/6ZEl3GUJ3R8N1zLIjpz0UmJcNKXFjO - /2vpQ3FEPenbu1Q4Qj82G+FHK5QGKijqdOUR2eIUxud3gTZiceF7GcEIcT16vbHv - 6RefiEi/VcDon1nXdFLGpVAipq2VcwBFwl6VkRldqu9mq0oPe8RoKniMrQz7Z2OY - 0BOsBSire+2uFhkJn7I+lhl2FgGQgXNSLn+LcnG5835XNUt4cGTdS4rKCgdqxPZs - VwemKoOUa2YXNhoEiWjLSS2fbOAGSCHpUD6H+hTz0cE6x6uds3V0o4bdE9SMSQoG - BRfMAW5iZnV4HSSjfF8psYxLdKHCECm/DbTMjQIDAQABAoIBAE123zenw3emRmeQ - 73cvder28hz+Mxx8dFve2zX9LP3wbpwQlgknwVqhWhY7P0T6SPoP1A+9It6tNEsH - /LgGih53U3Sd8geLVgxXB9Y9XAaAn2beDYKc/QMN+QADJ8/CJ10cgBjgkIlSuEPT - +NTotjp+55q/Qbo1R2elUJ0NztJuFwzQX6OSqz2PBmRRIdZGJwojHvfKNimgfl04 - dEwt5afFpLBa0SuNqjSSEhO1Z4u7OYMwfq4SqeDsp0/DC4d0kIFe7q3NTNT9Advo - mJLycCtkgGMGqAC6FUXBnpukLCXNsc2+SHNk36zCI84ammxPSZnK3oI+f+Fr9N8T - mygtZeUCgYEAyv3ZLf29z6tQD8URXYOtRI2c72iR4PeRTP1URG5/KDt3UBhGP+NZ - dtR0z9OqdLfUu6JzNOmM3vshlmxsk2R4NrSBMyxM4sOaxVGsT9DjhEfe5XqjQ7UZ - s7VtX4RiuYSVAblsk0+mepmCSGYvrFVpd7SGFcCjgtzH6EljKW3Cnm8CgYEA10LW - 9L3h4dK2f7ZqyUPu54WxJd+QtNZbeBlgxddTMpQ95cW0qBrg9S/mQI/MwAEn44XA - gjE+kD255xj9opxT4nRqaZ6llW+zAPhMIGiZLHXuGlNNwopRwcgOvcH2g8CaPL/U - wWOEjd+uvtvV3XxV8a6o3ft8wVRY3wswbqL6wsMCgYEAthv0ukD5B5Tud6dZg+a9 - DFJrp5DNxuDzdvmSnu3un/5xdObCJ1DkkynZPhXrx1igvlDoQGECo4zzPgs5gSXS - f2mCu5ETzSCk+j7icpy5cJQ10PQsAnM3grTSUa3oD/103J4oXSRI+5Y6fo9GV7os - q1rGLD+tsZo2shscni89OXsCgYBbvqUXEobfVItryzegKE/+ZUCnP63RJTs+6LIS - ID/ZYs0uzSC+NRaD6bJc+ezuOI/jrPHri0l6+JPvJvuS/sXR0oQ4F+HC2yST2T+4 - 4FvIU0rz9WVC8Oj/imCeB7klVkVmduwasGuifB9iQRfZmlCW/TYDxlfZnjVyerZd - sSDnOQKBgF2z6Loc+I01D5TjD2MH2BwR/e0P4cuse1o67CZhLXcRSR5cHb5LdpBr - 6VFODs9DAi6jjUoQqWAih3+kaTJwjpqHO6DdZJeNEzq1wxOSvM3TK9rg3a7ViUZP - sjLpQkKYtviHru/142X6p4SHsho1/S5DU/nj1pYyjgReez/fevCc - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-cab23-r720-13-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpAIBAAKCAQEAnyfPFnaJFPgoiWfR/BXW0MOSYmKh23o315a63jSqpl/ZtpMQ - VamURbXK8IvJJN+xu7ehFeIkzwMbMYr4tFIy24b/boQStte3chY3KtJVnhLwZeT9 - IFYayPo+6AU+J8JuA9WQqc92ZaVP5q4tRs/FUcSNmqvMl6DCjTymd2kaupM7HT2c - dBxfHGhg/zO5xB9r0NA9kqe6+4/C+0Comg0Io88BXzYUyQBWbsNE3Ffxf4xlGNDH - te2DKBfAta6D5MZ3c32edOOU3Dh1pACx1abTapeolLw9AxV3zMET2NbBOgMpGR1c - oNqWdFM1mzZfdPg6VczYbqzq+BK0L232dfS9kQIDAQABAoIBAF27bz4Wf3NHF3Cd - IVEqd4IpvBuPZS3CVAL3NYTKVbp4dtsMz7Dzl2xavXNfkA3UZHNemVMvBWiZtrk9 - 1G02f9dEMUkgJXljoBljtgfVKjFXjBcmfmE99LZqkwPImquF2Y8Ohw1LLrp8WotM - B0RN9zLJ5G+0QGEIf6v4jT2EPAam42AgWbGXZNX0hU8LA2C5m0kG2i6pbxWIYCG3 - JQDrqoc4wV/f7wsjXxEPVxi1GCK2nTUTThStDm27/N6IluR7E/S88wqZfuvUmAYk - j7sTNVA5PXPO0t8quOEh/wcrQZXh4GNlcqAubo53qXBoM4teKehDBEhpoCIXui+s - w5MeuYUCgYEAwsieNo/dQmZzNGt8Oje/Kqqay105791CPqpxkTsL349JkxzRnv5M - oOMqmOduvHjXLBDWcignRc6b+biIHtGZO89loWvkhJVG3mZhpy4vmSIWBfUWSyxp - Gdeiyq+QrCbvMATZxsGa1NAw9w7xvVVw1BT0vP2dpz/uiH+w76tYWtsCgYEA0Sy3 - Q3Epu3lVQLdziZQhMPfRtbFBlPnyPZ4kyW/pz4OEPVAbTy0UyHqHI/5vJc/siGtW - ikUoyWYs9Se8MK7nll0LpYOJlTMfOWx7zaExEKW0XtZ1YfM8dEVJsE+aFhoGpW0u - qMjAMU1kAfA7IrufljsiS9m1xEZmKd+DfJnmFwMCgYAeeR5vcNBvy/FoGQzFWuVY - enpfKIWg5h+wCCBeVTuFTTh4gIC2/Bfm78NBSqvDZrBbH4M9NtT2Ed3LEriRAb+U - YN0IhQWqTGRa9O+AJTSjI3cIlZBYUGlc9qRsS0058ZloDMo5Ux6y/qM6c6cUNOLC - +0hSrObWPKVHy5pV1JutEwKBgQCcUsC7RE0d8HWIIhHUlcGgaPRuxwPuJEWnSxLP - ADZKgU1IzR87ssM/eGKawcGrDpME+ML6Hul2akfbB1EbSPuGYg8cKQufV09UiQCV - EowqlswPvFKJW1CozEdf3n2XWufwpYIjXbRUpDPDRxfKw1Fm4takvRWck8gyLvqD - GjjcpQKBgQCVYXNaCfBbRTi+MoUoYHW7qWfSNnkdjghYXBvPRWc2dmusaK470FQC - qZ47j7WBcpbN5gsMJrYt4+/nS1Vae9HQg8YxB488hDmi3zae/g7jNI8vyIyt5BoB - lewcKaGmZ5saAYxSyBP1s/t8W7L/7f369ZL7Qr6XFGMocfc6eP36pw== - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: kubernetes-etcd-cab23-r720-14-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEA0pU7YYKa3dcHpGZGg1yKzYHt8METRU23ovOU3By4Nx5Zgi+C - b4s2S+y5lBBszoDYnmrxLCt0hV7/8Atqg8cZCDt1KVGEAKkMTi87YjVs3bFNjevi - Nt2IToCsnpXAe5cVl7O1TzKz+XGtuiuDwePh5TJXWv+n8cXuvbPOmcU3ay+KZ2Xa - 9OAUxv+/idEmXsipOTFCySC2mOGxz8C8TwlKrmmjQkm9bDdjsgCzqP+7opGXemeP - TZGNvAW9vpWcWebUVi5hcrJtta4iTpFNyl6M3H6V2qeK92T7rjX1snDi1i1+VP5K - oLghqpX7a5XdJcSf8PrHNTcFXk2HdHStG+5I0wIDAQABAoIBAGkSRPq2bAdcj1ec - IHrS5f78YXjLHY5q5MHNv+zD97ao0gh/JBn74C+qAj66o0+2Ql9pBMUBObaCXDmt - uIvf/8F3yVHAdpjNwHISZxLtjVBgc03o8IpnpudklLzcA5qnHAMBi+nkZqCD9Cb8 - J1XLGp99qtCg129vT1wgJ2naWXiE6+p435tSzPETJePYILCJJRAlmHiulrTZhU41 - 2QbAwL2rHOnHzc8jsEQS6drY4K8F93KnCBq16wy0/S4wHwYKNWono95cL2ShQwnl - /f+b3FN6w1HLhxI1Ph0fC9lGXE4dBoFT1i++RR5gI7qzmVT5MJu6DW4w0fiH5TkR - CzSN3iECgYEA2lqhYaxvb3xpBeTUtANU5+DQ+I5SScbrinGorWtVmMZrhjMdBE76 - rAPVrpXjQTXg/SOwzKXs+4iZJ+p/5gMeaNULgDcLRd4JpjkE57XXKVnuwnP1vixc - y/FjwGNsT69UqD6jBLqRSwcvQfMxhPpiW36V4X+TyEa78Mg5j+vcSwcCgYEA9uOd - CCv0suoTReGAj3mYGXSZ96JfUwVhA9PAQcWIG8Ni9XhbKpuk4DQr2aiGY6DG+Ufp - 8FRsUMttQmlqcO2WEdjHVIzqN/aTm8gRLNLoz2UyC/ujO1JHaK5YMozpCVyyyKKB - Cu+q+x19ESFHaLsJiiWWxeQ/f8hLvg87LK0aRNUCgYBrLftzPzn/xlii3P0PU2dU - 3oSUzP9VWX/6l+nNHheJAzR6ThKbL81ZrBQyOz6unqzOdLtu6K9XlGhhMHkRRUyi - 9phLmjk9VUz1O53NwvNXR96rslHYxFvUe6uUHvlmb9ClOQG5634wDtnCjIYtGN44 - vP0DECVRNG9CNHYU0Bh09wKBgQCG300325tv6gPhVxF+T7TRoytBZsigd/3Js3IB - /EEguZpj8v4KxsBJYvbZjwDriDdqkuivy87oTFlBwIjPbFthIIW0IM8LB38XyTHo - xMc+FVBDz5IapBYyj5vK8cOUw7k/ddb8/HTxfeiG5SE3i4XonCRDsy8lRWxrRbLT - 8zS4iQKBgAvYsplJ+g1Cn80rztTYPh1D1mxYIp4TNIIERDiP1b604UjJ2CrYTwYp - YWYpOe2MU+fzGpRUd83TALd/Yd2IerEFaW17HBM3J3hJoEqbRZnFE+46fTv9wFrh - PggsHOwQpGVkk4FSiadyIFeuzZVaTf756fFX702xyY2K7Ywhi1UA - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd-anchor - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpAIBAAKCAQEA3gZMISoYPUGKGNNXxxN7Jb3QX/0nSqfOY1fmmE6oXXt5w8p9 - CrALCublUMwOGZlwc0J3asrPRtctXGUHbK0GS3f1+OU1STFAVy8l+bIOfj414ub1 - 2q3Xic5z/Vo2ocw3x/cbo7BBzYpOrPl1uu93liDZyn5eptbbJ36ZoMgbd5jPPDio - wSiJ1FQT0xi2c99+u9MFFLDYvb68EmdeRkE8CpLRRKeJruTrQgRZe53kuXK/vp5i - jb5xZpdRWjr1VuVNRPvIJH5tzxFc9UprZhCCri9bAhlA0R7fV598BER/0D73fjrf - VdlGJ2Qxc3EXXN+LQ8BsxAkiOn0FPgPSxoKEiQIDAQABAoIBAFVOvB+eCfQ3Y3VI - dxihrpaAyTioj1lLAqz/EDYDOwO4Nr/45HSf0Y5dy0xxKxXA9AkFR9b7mArTELXI - h8LE9H8414TLpN67ksos7n1zYcg15QSK03ozg3aKodx9tjISwngNxUvupEnyU2p4 - 6zhpXFyNwMDiL0IRmeEh7qttV8hqcjaEBP/wtT6doGZJ8y86GMXI0siqd+b1EpAD - 8huErkwq4CPUy5JbEJQS1oefdC9yxJq26DIlsKy4XWCIIyY1Na5vONGXg3mdU12f - whsVm47HlFP05YLNh4New3G7oFITbHL7mXHXC6AW4cM0EYOS177hJIaDG5xuoQNn - I/898tECgYEA7Bk5F6IudxOkfnqdEG2fUMj+MIxoVoTALLudT6ndGlSy+9HdrXhy - kajrVAFdw6TA+X4rCP/uAQWnANWWqYPM4wbo7DOxVClh2K8eXkhj/mlQ1ZOWFBbf - yLiqHRHbAj0fa74hdr4FDfyufNcmw+dDHK2dB5sibFZYHhzpUTGBfE0CgYEA8L1f - ZnaVafTsECgTxg6S+YBXbp6TWRCSswhHeoha9qWq1+lhU0J3kObdzmGTqx8DiDOL - UrYgCJNafcpGv44p3zCs4ztZFKJFkA62j5prIUuT4OIU6lgRs835qbnTQEEIPTsu - 7S3CDB1OKYskL0AXbpRCNJP80jgtWLpxFEJH1y0CgYB3yKxAo1XzsBGK4eaCCTwF - HpRoSTQ+gQeHKoC7hDDbRRGx1V4kvrFR2WPbsP3DXvlRG4P2AvLbreR29eaEhowS - utS90dQsIPq1ltNPfmbNEt2iHkjMVHahPZ+BNCfrUNt6LHKJ7gpeeE6GpBnU1qYk - DKlYzIqAcKYwUPbG7NkHGQKBgQCXDSur3eIYTp5D8PGfRwu/U2EIvqUTsEtr3FkF - MENrGT3eJch0dnMRT1qDIUSHjXko37aemjn1R4fy/5VuoePx79e66EUXpk3heunf - pvNrO8G4zAJ1m/bXi/kIHtnHKkbiLJ1gImLsOQMPHAgDQcKyFoKH/QcYXDlPwAQt - wvzSrQKBgQDJpkuCxh+aeOlYLidbxWxmmBGeyYj3INTomLi9DX9Upy7pnVOiQp7s - DpQypBVsyGPI22qkHAKG7goOVlWm4IlJg3sgaie5ZBhac1k51oJnkm+nIXzhunIw - u2dRGdGRpIf6VtQn3ZCLa+SZMt9cRcmbx1hh6BiH6Ed80BdiPF+kMQ== - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd-cab23-r720-11 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEApjnULGO9t49RjtD33k1jE9WDfN/UN1+LfWFafBgzyw4mMIum - /ne7a8qFCThdM9Z3KuM6OM/rWsNMfTLOg8bKEaNnYzu0Vo97yTk+XqivgBQGBdWp - ukgTHgGyPnB2nz5yu5+4+Va3MIehUKbH5DIusFKvPSWoVk9H/GhLYrIqkfPcGctP - W4HvviwqII/Q8NHYtIoaE3CnunVRC59IAGDWUgyuB0ccoSLcKbDWgorktVPBeE58 - vZLxNm3YZB3dvGkCw4CGkUJ77Tqe4dRly8jz7JzKF1WgLuk25Z/S2YTIX033b2s9 - J1vIeFvL2e/c4bbewONdEBG6wzqmE7t1sfk+hQIDAQABAoIBAAhBgQc/YPHX/W4B - dP4mi9A1X5V5LHoflbcBedQGA7SHHGB23zFuUvG0mkzt7rsfYMXRiVe/A+p7HrZt - KpKi8fBUVFM6aOePss84t59N84GB/RaXGRn2cHSiEu9E+K9KE7q74R0JMIoJgnqV - /gGYeHcrdCauUyEOSP4BVBUv0itzg64CDsfQrwNNRr2wQ+eHC3kflqxRqiT9rf41 - xgIsWmNhpMfDKNGlKnWC5N5N4Rbr6HEE0gzTNK+A/PTP86HmlUDFjoT5SQCdYFId - 0Dlxah1cW2A6Nel3DNPqlLTaISHjRv1Sv/4BoSLpRFq7l1pWG3tBEis8NEeV0VF+ - Lu7o+JUCgYEA1r/O5M/T1mvRmgJVPdgamYSJaorifdu/LYzpjl339hifUVlNfm3x - nCl6/RKI1mRvvtYNjra7qnn0J7i1Yk5PvumUoyCDDHI/Hdf56rlHkkqUZHbpxEY9 - kXIceEvfB+nw7VSwodXpYO0SBNb/rhbVwFKLO3N+0fyzQ7DeJmBwQbsCgYEAxifo - YKVcjeEn/SCWd75GOrD7Hh6/NB8PP5S/7qXDWxf/ytV2Eok8GGMzYaQDrTN59sOA - UJnQeO/HmCWifVRI/g/3vc4KO1gwrOKtEuv/BHPURh8T1zcqFvF5tawtBylviA04 - z/P2whq1+fm9mvCEA4FBSj+pNHOgPqfMrnm7XL8CgYAh+uO/7Oq2KQVXezsFuCYt - WH1t8F/6TkUn7f4e2tubgzXiZ2ENulPaw+2EEeS5F9deuPwYMu3rAbUSe/WngoC3 - 0roEPea+l21JSZ1v+LVMfqSQaQiAWCTx2L6MgmTeGbRXuWjhkrmE7r5FKcf3QgG8 - ltMVKydMDtJGybu9EtFwdQKBgQCZuj4qND+Ahou6cbyp+wCK6eB3do0Jh4sR3Xml - UA4lrpGwLzhhmvv3Q4aKGm8LwKK/EN6MKTg1ingDDjdoGapjB8pAAwenEHz6swRo - aJO4RZAKMnP3BAHwOLgefAuWwcuX9gH8Op1V6tkArIIvIKaZ/X3Ed2zylz1bPlyp - gyEbCwKBgHdMPmQdJIdxrv1yqWRlHrXCS5nr+z98UEdlGqK4ALYsDxA1cGQMZrnR - bD3/3P8N9Wg3KUUNDhHRm5hpXvIpttnQ44zT3hk9JDylqKHJ3hn5evzum12SE3Z/ - jQhAm/W4+ikyKFU18Tq4dEZanAk9+3AabsKd67beTvZ0IpYHwFjj - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd-cab23-r720-12 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpQIBAAKCAQEA7qqRo+CTz0VfZwECaxljOXKSocasTJ4LiUiyEs8KFsUmXZ8U - 40OZNRDy6lMj3UrTsuYb0ETo1ZBbDzmzhDuEJtrGDMMFYDy8WaDyt5ogsJe4RtGH - nTGWId3wZagU/O7bY3fGRk+0lCisKlNdFjdSu7o7Cr3ktorsRVZTAi6v0bKzcphG - 2FZrv2MBv+tBo7Wv8jCaWTCW3BAl3CHLbmXLOl4z348X8/b3gIL7ZOKlU3YuITqj - cmwLakRE2l6iYgTyFYiU7u8ayBM9o7Cu+0xrzDtlSBCFeicqiKtfd7+FFHQrFcPk - KHS62+rSlA2MpwS4DpLCu+6Q7LgFtJrrgE1VOwIDAQABAoIBAQCb/+ekW0WiBHFA - bZt8D6MYyLfpgGfcyK03tcmXm7a3fXP/W90WU3gQBJ0S5vcZTTCkzd2+O1yJQ4sR - n6CkPRa7IuKzMsIPzoM6foZH1jmp0/HCcHCZIfFE/8GDYOMfFK1YDdEO4khhU1h9 - bfH5dH3icO7orYiSfKnFBJDLa2LGyClbC146r+GNA3cdh3A3YRyKLo4hbg2PqaZu - nAt0Za/VOti3fVyeC0pIJD0s7hes1MoT1bPj9Szw/JXBL+6MwxBm575Hi/NtN0Ad - akgZ/w9sWoLpF5xQu1wjE9UE9suo7jKDKmyHK5JyQrFKcdzrC+H/2+CeeSbVdegK - BtGCw7pJAoGBAPB1XhYbLTUSBpXvElBjhYUBlKOQi50pX4CyVTCxUo21uAbrefNj - Vqg3HqRvIkpvaBU2c2jonTJxi9UkUW/u1v8h07GEB/duq1dVxSrnEJCeOa/PsOkX - EDKJSO34MrVlxRJTNT/WOkSSzjpGfeET8Ko80XqNK/EbUbZzUqiVuSO9AoGBAP4X - jEJVFHBoSF7UZmGacaGBOa85vGDFLc8VmNa2ZiJNpYlWLK0eC9MU+mMDSSa7RWau - UB0kyXIab0ixu5CFrxYlSi7oD1Ji7wrI5Qjim2HeFo7cWGIfpRmg8yGTFMheg88S - bcBDGJ8XeRip6NypwMUrP5vYt5WjDmQ+XeRN9fBXAoGBAIuz5OH7EBzRSDo8F+vU - pnJMJMuS40qACxh+g7gyjb//X9fFX6jkgihhPdBTMR0F9Pa+F/dPjmUMSy2eWCIs - JYU9ZfywtOAw0COBlXgDn0AmbWWTyTjjSWnTESgRF4UEh6bJ6RoZoOjOUjrRUbk/ - GIgPpbUJ6AnA0YyrG88Oje4RAoGBALEH/QwWNQhgT9PqTm7AaV0qKOOh6VLO7qyy - kms+aAiMasI2DSiMn5Zwrkcf+e6HWcJBvsWfZM8gBdrzIgh+a8+VKYtm2Y4AKiYs - dA7tu27Dipn8gYPUInapwdvpmvhDibhTUa470UK+2vtJHlnn18xH5qiRpM8X7SYA - ofA4NRs/AoGAErCHYYRwxUr/F2PebRe7NyRfMBThpsI5AVrFUIkjEVl6KnKozCyi - q9csEDDtfpL4SmAeLk/GWUzrjsmlCR9AyHmI5pj1WPZXvl/NLu7DysU2c7RtT5a5 - ylKFPtH5XMLMoZ91o8HB1z2BHgmBHNVED1y/sW2hnOs809yXwiujMxY= - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd-cab23-r720-13 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEA5fiBi4ruD9DkkMIJJ/jzy6urUy0nCD0K2nzi3Gb75T9B7tZh - d0AnXF2JWW/tk4b8nmrscM5DKJDixOMJ05js+6RGyZ7vKL2Pq9AeqVj3UWTi4Yoe - eV7SUxt89ZAXmr7Z2IX14DifvuMbekFNfa3T4Kz61JlfkwQpYRxEi4X6se1t/Crh - jwcccR7GKQxgL0NmX6z6KI6jaTKKfBwQWPs384ZkYG+eiqPu63j3PLW17xQ5abuZ - 43rEQLHYfq8+uIHItVab9bXKC4LypEs7kfhi3xWiJMFC6NdM9O0YDYyspXXDUBEE - tstsAAhSH6fL2CwsypjGHvEgi7AXtnedqdgGGQIDAQABAoIBAHHZpmCsBhGEbDOS - LDBC2odhVK8X8nPsrHvgSfutbFVhDMYuEhCUjSf4ErBZbjeUI2pWKvnp02u41tt8 - PvgnhGNMP9M/QM1dk0wO+68BIWeFV6Eq3M1feSa1vBZiIJ12kKjWIRTBU6yQCKFs - xO1MalGXsZIg4CULcWTnNrQQPz1oCrjdKGGW/IbsLDQaWeiz9xWxsSVjrpIiGdgr - 0VE4k8b7BoGUcK5AWgeKQky1+CwwlYqh9r+YYwo77bjdWEqoBjn57kgfYjFUDzZi - maqIs6mbjUxmAEUBqU0u0jV0nPSYv0tGrcrIc+lSf3J4YGPdSmMzjGeXthj0RgHN - rKe5wuUCgYEA7cBDtYtUbzr02MtSBe+8k9AzF8kxfy4mYDNZSXY9SKKYW2j1UyOl - bYfQzf7oeuwCQmnBhwcbiV/lMVs1FF/eG1OAnywyRfDbKgwC/P3VbvGsr8uaZVxx - 8AGiJwQmIS+RjP4yvIa7v0ORgBgA0ANvhl9zqcTmOyy8ERlfVmxkxw8CgYEA959c - Y0+91SETUAwxft/Xnt+62J6XCGUtIYQXKtzziJKMAqJJbZHUiOreyWgHP6Z0vs28 - SCvHVlDLU+HMS0e+aRN36uQ/pjdPlvYler+0J/IOPaVCUXzyhId6opruIstadvDj - nYJxERwzltZY6x4UXUGKQFyhMUEb+X/ZHO3hoFcCgYEAuu0qjycvyJBbB8S8Baza - 4ICWW0I1Z2AajhJxRf/v6RbloSEhmS9ylm5tLjkYAeVjVWIe5ZIiBV1fLvIeBpnl - YCjD/OHb2P+o4SM2ikDsuWDMPB9hkgYgEurF2dU6QWdMEcWekHmCTbvLPyIgKWw6 - GDUeFEGaHrZqWytOuP1aMuMCgYAiNZPv7G5PaXhfkK+t1YLWYhZQIui+siuf+72v - oELM1WIeYwk95+2y1K/ep06JDpgGXCns1o99b0AH4KP2qny1y4i/nLTmY7HNK0hW - QvHCqwAoqBIXa+mdQZJBsKHBkNJ4qCLp+cFhGcJOzmIOaWNq1skgxytFwLb6qxz1 - kC+hlQKBgD9Q7W63LHvI5U/v+8rSQ+uCYvjV4AvmGEJ0ofjCvD97iUQKgKNlAiII - 1ZIQgWGXgJ2t0tA1Jm+dBmY19jiX6dYCr/7tgP8GJitReiWnoFGI6pyAQKpvoT+H - iQD58VsBZApM69KqjvuD670tjArBMeo5wnyA4miE5e3LuxO+b2C3 - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd-cab23-r720-14 - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEA1BcFPyvztF/uE/f0fbcqJd5oE9Dr4fdPcMqj9+i9GR2lczoU - 42C94uKOpybyW+voyXYI4edBWyMV5w1nWRnbWdtDic74IwCL6YhMvDPfkEsYwL5F - 9ApCCYMMmaaYyZYBy6W54WtZlle7QKbv6zQ1rR9wadd86K4AZ4jDsYYdYHY01IdT - hHCtwbB9Cib2/xaB/w8R1/oGRMsAQKIwIdZNuCIvAAz73P+l9dB7R2Kj/rL27ttm - 7LCvQjTE0SVfZCoPyu+V6zCofPv90HClzegjvrES3AIEUROxZhwcatqaevGhhyIq - mC6dBTjwt/T11a5iIHb5GLkno53vtRfs75EpqQIDAQABAoIBAQDIURHgj5e3dp+7 - 9obSskw5xi2RAdO48kfy5UInJYhtD2Y0Rdhyxe2zPH61+4APN+r/VN+g1jYRaTsH - ps5FBrn5zbGlmHkfPiXnpZesbmYqt/MiINSbYZDrwP4GpaZLR8ZcXSQKd8T+zdAL - iWCzSvWjlT0sip3semPhZfhHVL+sWV/RWr5KwGXwaGs65uzFbVcIue7my5V0Gn/i - XxixBh/fLnORYZrdpI7ph0ESv+vzNQIgJblUNvjlBJ2zWOid2vPor2B3CHn4KSqm - Bu/HZzfXlqoTzMXKs1/GLeiIDcLsjIoyFvYWDodoi55psOu6ypj6/IHB+9udOehM - pUPLI7UtAoGBANjYXkwKUfAxsQ0hCs8MlJOBfsvT3wrdQp3x5/HuoSjLw6JmCrfm - 6PNlv1WLEdK1NnPfYEv88SLn6wvOA8MgxCOG+gf3EIB07zlIrxIuC2tvMfsdzQus - 1FhkGQ4V98CGplSOWLn9WuTNdQOGBbx19I0x+swGILJM1noMVsRsQEYrAoGBAPpi - 10EMjWtJSoxhQOIOM0A1eR1e7dSw1ubSf1IFs9Xv53G5Uv2T5kxmj0kv+gV4vvju - 8xT5FecVTzuTEfG63JMx5JnzJUsBSH9NBH11n6NEvtjWBXP0tDsYfsuWtKi4hac+ - qxdCevW9wYHdzaLDRtNCIQVHxlzonMwGMQ7WH9l7AoGAWLDemLFb5Cce6GTMW/Uk - S9SaPNnyjyoCVkGcAar9hYcaBDFCTweF3g+Om3lfF9SAahJB+7KAGivLSi/AAC5F - qtZJK7rUqAWr1r0wxfnJN+7p/XCp7g2JaIHAca9wfvFT1J/IEIJci9qw8nj9naCN - HrcDgjE7bFHbI14qmvo/q7MCgYBnXkbfY/8+O5O7QKs4qAQgjfLiXT5ygE84G87U - XeZQfCpgmNHaPiTlhbHB1Tyy5ZZxzrQsBGk2bWW4go717N8DJaXqqKbMwErdwz4H - TXgKP2dKvZCivnNpskMmaaFLxmHnGcgoYhnBOgWZR6iNeXDT5okbVPZfhOi2khfO - uDeN4QKBgB7g5yg8dJF0hx+npEZ3zEXtb5fWabUvM6o72udnmLtTD9Kl3LvyjGTH - grCF+HHIwhtA5HCCGScfBTFs7RvqQeeOvjlTJ5z2ZPTEJkxDDneraDSLFS2mgAKB - RezSPkJX/jx1uaP2u1Rm9OP0Ir43zr1pCxV0k4z4I8cAQiySPQKY - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-node - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpAIBAAKCAQEAurcnk2DsQLTrrtNrdHsNsMB/B5TLU+35QPyknLyql9iZNHsu - 98Ew8rJA6wYqnq1yZR6pGwvelxfkRcWMrw9rEyahYQU2sv2NYxhdrQFlXa1FZq4D - KMVcfXvAMZPViqrPh592LISgemp14bHb0eZF1RBGxjZvkNacUmlkpnhZWc0aFan4 - OA6jfxis2qDiSyo5jgk2YSrQAfSyNgpAp54Oinr0mItsWR4lVxeu6CxtZP2oSUkq - z99KpdX9VVYEr44im0Sl25bf1sGamCfJEksp4c3Tsm7Oz0qDemrlUNWPJrj4K8qb - J9meXwV8cz/tTjtpdvFe7oVxv9QXi3/MkPkZowIDAQABAoIBAEGuWD+h4rnIavfu - 62foOaKptIXoM7ZsijfwJ7/zJleQHCS4CIei8CMPzYJfgvKatRkZNgeLn1urTeO1 - YI3ccKAmALLucJV6WBg55AoN6aiQYU+Dex0GgEisFanbBU1oVOSylZGHfiRR+vHP - 7THjPUF8HklvsMNUm1zqMjvVLilGQUpujwFMm3DJcW/uphMh54TauCnptGWna1ln - S3cBoTy6Ytk5K6m2pQH2WtePnqdChkl6kQRB5A6XVlVN73UBr1Atn+RQG2VXyj18 - VRDh1SrOxT/XlZAsCKrtI8s5bCaE5vbKQmzg/DhoJuZHXUdo9SMKU4yhEjHvFoWW - Lfcw0WECgYEA3DPde5B0ZAN9bE6fXj9axPGbvGIM4BZvjSVctRrONGM4aCVXY5q2 - Hp52n/aLTPElSNn49qrGs6jmfGWTisBzykv2Wc9XQ+c5MkJ+ePTQ7Epi2hZX9KtT - t/NQPfuaPnzDVMtzuj2Az7aw5TEnEQthNqwwf9L1qaK2OPccCT/gKAsCgYEA2RGp - Bp3sgDpenqym3BV+XT0xqDpkvDP3jZH9/2jdtSv+nekQlEV59oCJdrnnD0aBDZh6 - kouI6wU/k/wJwgNYNwU6tUuy5do4tH8TBTa9tczaTodytslyHFta5T8v6CDJZ3Xp - pH663mkIC4nOYJJ3zsOQURJ+XGPnYun5brsRm8kCgYA3Rz3eexD82nNt8P7I5haf - QhfaXrLkvj0arbpsLGJ/fDj4zAb4FiqJ3TXiSj4F/rNhana5VX20ND5IFCfJuS5Y - JmGdghNiFHWjTFX7f1nDN5lBLkK+RRQrJYWLSdIaxa8zZi+THUVs32vg3Un1WWn6 - E5fJPug0wYgFHOOI3uQiqQKBgQCTDnrTR8QEbwbROqhka49LPXzZuo2qTw6D84b/ - NJ0W8zIw6sdXm+XvkM8QBwu5dotRmZ5Yj313svuKlvJJZRirVbibQCh3vaoy5fAN - 1TMa6ihvkSWvHbRX77AZpQAgo62ukNxzm4Ofz8oqfva4yCGwix7HPd8rWmdUxKw+ - Ty+zuQKBgQDN1iFVSRcsXg9ygFBDOk/BaDq81WOUpIIfgW2i+Ho61Dy/AmzBcDEr - 5e9g4E3cJG/W68MT0ScgLdSEK2MjqbCHVg7k3zjDahcEyqjCCL9XMynzaqK93jRD - Z9mJGgHZHmijs3bh9Xrdx92A5zR3axTqVomWO9jwsPW0trd15+ZviA== - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd-cab23-r720-11-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEAw7kLvPFfXWWLFOHMEuoreC0yIcwgMQH8jfqqpDqMW1amEBQA - 5DMEtl/Vbvrv3/EBPRq4nTSeQXZUiOgF9Bp+8qSxAn1j/ZfDQf7+dtDr6Df0VMDl - wbeZbtUoZHghMccUFZeZAZ5wvzT7iszFNiymWBdHnhLYbXTignAeZeF0Kwxif5Uy - bbjPFcuM1k7k/L64fMxbuxV8ZmgrySWWVLQganTeNLgoujezHkgXrg7YYf04bx7j - ko5B7pnXhhMEWKyNOzBKU1zJ6eVBfvWZcv50hNf1lC2e5jNo81pP3N7+E8Jy5+h8 - rR+YJVfxu1m5KKfJll6AKID6g5Ssyi6p9Q9KxQIDAQABAoIBABHo4+8VM0HLoe92 - PgNZFEM594VqNWPmp6KiVm0Swnc1NZrxCafYF01M9a3jHoIifpeF03DnOLgKyO+C - M9FDf2xar6vnp3e0JHTsjYJ32a51OFFtGVkhoNOog7q112vDqM3VAnZIdk643W+1 - DzLG4S3ca3xGgzF46aU/9zghakzp+yN7H1zAuY09CuwtwaMBcYQTRPCiOh/1c4fv - y7ZVU+reVAU/2saDhIucASEvT8DOrgapTu74QnpDv8SxJP3fQvcpPUhe4cH6fIBS - B+kZv+uUGCk+XLhLrF4FrU76ZqgKmhLff46ZjMvjUaH1LSoGnHyb+W2D1Ws7DRNI - rq0Zs6ECgYEA0HP3xWeM/CbYT1VUYyJ7BUWnIIAyaItdug3vSuIPHG40xzOSk2mI - RWVcfB5Uxa6cyScjgOW9jaNpfk/1Mm9PZpdk90LIspHZX+AE2h22pEaXkD7/QW65 - c3zX6p4ULgeJegItbPqp5wvazvEV7mh4IzLtPzgVSAbpQrRNZFm1v00CgYEA8F28 - S8aFB2YGOsMonkASanPxPJmls9ek0212mQyTatrmiP/fGrMRkNlh6EOCieFrKBAh - vJBrYvNetM0QpJOB6YkFJdUFjOmlEXCO+2O5PA8flHIk2ORxLfPBDCCfzHxaWW/5 - BqSfztWcJdoRSXCq/xWwFr4UkuUmV8INEk4cbVkCgYEAykUNUs71PiPPV8Pb+8oU - h3wb/OyIfWtmikhFP2t18Ed8DSOdAk+v/G6rvICOD7gsyP+icsv7D/pWPkwGCGd8 - K3eScF+scaIWxPKSorecZ3FcVorakzqG12p39WBpAnUr0GlWfN4KiXi2XIIRnuJe - WQFstyCLffW+2IwuYMawFi0CgYA1zAT0wL3NZhxG0p8orBZzFPgNJCZeFgmh+IHu - x03HQK8QQpRgmWt5C+5J2bJBwd4F3XZvibM/NlEgDjWHYCxXZH9udDsFytVTDeoy - gaNXudrLkrCEirx6GHBAkpyxW7OtCM6nmfjahhyorCHqWfkrlmMO9AQOzJLEWX4r - dqgOIQKBgGFFVxxbVK7QVnZoZ6j/W7Ede+qVM9tAkTvmQP8boeX6yD6GGZ4Y8Xtw - 532QYK2dkjrRcShyDbvp+1tZyhjxIRRkjMWqUUCExLiZCWteEUd7vEDfCuExf8fg - pwR0ZPHNQkio+mXqUyrESzXhqbla2t5QyTYyHGN2b6NEvxKQ/ok2 - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd-cab23-r720-12-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEogIBAAKCAQEAnMf1znAeBCDNxRpiMA8TJNNGF/+MfR95k13PcxjnHDrKXIsG - 2Gvup+MSQjLCBSNRSPksDyAoWmp6pTh6N57tr8qimaqIyt/0OeOVT2x/q3oKLkKB - RGcNtR2qbZ49t8ZFS+9QPmDQLMl7zj2N5khdcyMimNPVedK2va58sZav0OHyg2XP - zzsM2G5GIOx3oBoi/nO/obLcaUBHN8lZeFMpnSx+kSrwjK9BsBnspe5spSZyezfR - RDWCbNcmxq9X9iqsgEFFJjGoMMyWYQsOas6DdD1tAvV/d5hIWSQITa5u7E5wiuYu - kYw7ViLB7FQWMFD/fT5UDQkrTKmMh1sbWpe67QIDAQABAoIBAGQHmKdsFVqg62i0 - mqz7EUXPnss0+xfh+xmxIujWnK4APJirA2UWCCEJ2d5usCfDDtu2Twwfgl+dzD6a - ODBAsHoWmYPdsIVwOkytDdis6xAnP1OgjwVrku1ZziE+czZLxG7cc6A4+Nl6fAls - cJra1PTfF/XWQkAF1x5Ss7BC6k4ku3rag6eXReTggdSkZ3iKkdsrJNVydgVANeIb - aekK2lh4iu7lG0k5go0G52/kHcRCze5XH1msRJPML0TWOnpehcB5x1ibT5ZNfUAT - 0rcBTpLkVdVUlh6Xau07ahhHCnW3x4YjLDlso93xLH2mUYlmGmHssy1mZp6qHaal - l5+v6sECgYEAxID4T6fs/TJgyRcF0xmUnzQ3md76jzphzFXz6pcR4YtUzx+DInEE - 1Lbo1plotxRGSIOmy+RCcOXrg/eAB1QLJLhE5DfFKygqIf8tV3UAMhJufRIQWksj - +55eViiEXLwp+kpDrMtHtg3rv/Eku+Cg7Q7zk0Fo1mqQvyOy3RB4/YkCgYEAzEAU - cReHL5HVkALMLmH+zvMW4wkeeXx2WzpIEWOIskWrPZ7jHgoaGUcPJBa2btm3Q/Sf - Dilgjx7cPOPxUwFOrxrlycro/coFVVUWmUYhjDd16fFxi9zd1vsEo0UOCdUgR2R7 - pvuDu2yynYhpESnEpPmqtUXFEMisIO4jHgRT/UUCgYBuH7kJKxrtauZCy9w/yf44 - mpLucMAKtLVKRoFD3xXuSJ9m1EoxaxVCAJ/MZH0C3SHmUaGQcoOpsbCjbHkbokX8 - dihlnbupzACQvOk0MiXB6gJxpUX01Fd+E+rabip/rhP4aNY0aFfv9y0/jG0BvYly - UQbAZ8/RGje0ZtU+fpTPwQKBgCNatC8fM3c4dw8GbPFaZRDNYxjJa0z8DkCcRf08 - jVzOUmXIKuf4N6xIcIZ+p/VoGiDZJu78moorfVPM4OjNQSFuNnhHdyz22xV6NP8y - 9Hug3fgwosbi5ENiD9tzCIsLKRsyeXTd9F9s4T4DbqxZ3n/v92yJNyNAmQraLZn0 - hdVBAoGAUGklBpYg5ina4Br+ciWGEWrm2+yGsr0/m2T67oLkM6c/zcvMW3sUrggc - /G4IqCj2VtCKaH0ZuTqLTIPA4xcpj0ouMnNi0Nvgkug+eLCOY+lWa//aWFH9U66a - xXpYX8uKwQYx4y3CJCmtRyo4MhGol+1rR8OBh/LMzmli++6MJS8= - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd-cab23-r720-13-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpQIBAAKCAQEA0pa6zcUAGIkJk1tdn/OjFjChIKp5hngrVdJung3XQljK/jLB - 7Ij6waHQzR+9fdhSOBeoO0Wggm14J76cucSuHC6FffJj5h5yL9lSuf4XQ0/konRe - V6FOXtLy6IiXueF/Bi69SBbUIWN4wGoj4jqi+P3Mj0PnOTq1/+tB/pkh8HkFvt+Z - leZZfifHzpR6+h8YZMogZqMhNEw66AzdpEvTfy0B3ugcfkU1rxQ4yFQH6UXRhjHo - 45c1GuIcgA1hhg+dS0Jw9eawJS8OctM3QpruKoRNuBr71a6tfEMR1KvzeW6G1Fa+ - AcIdGTW5SbE5YkZj4BLGq2qRYFkEeQ0wc4dSyQIDAQABAoIBAQDNMmg1ptbwEV/O - QUHaYPmx3pKylMozmBaJ2rFEuzHcCU9LIERL6jGEydr+dQYcgNOkqpCXqMG9NVPW - TmrCrP4GoeIbljt3eIVFUJrGdutOAKRFE+T1uEz4Is7kfGxziGFQsexoOS5clmOM - AiCTCRXSTuOrWbwNzMKY6zD0F1y1xkIEb+mjseUYioWlka8RMlssp0U8AAeG2qSC - aQbvnylHs/mjirB5O9hN/x/SxGjhUMjv95koAhG+su2ms1JwhMh6eY9Vt0KJ6NIx - 1rE2HkAHHELu9y4pDJQr5iQy2DziBOJ4zFWCrKOCCVCExScL+5Rjd/Q1lOayODTt - WES9R6v9AoGBAPUvVGLW/9S3rzNCJEBrSUYe1cCEsST0obASfH9uEsImnddGHbRI - Sg/0qsRcqhxctvZ5inP3z5xS9bsvG8HNh8SLd2fE4rZOz5kGkjNt6vszPf8hrJ9Q - 7NONKeKpg4Qpi5pu9PY+nKi1WUHlP0u07H4L7g8Ha+BkxqPbMYpFkfFnAoGBANvg - vCY8Il0DkTCSbBjbLob+0Oq4KgXPaw+eWiaz8pCYRkvmb7gehSQoR7/Nlihxvooq - Cm0gGyZdpYK3GuLhpPNoKfUxviUi2As/DgnYRfqiJFT7FZr4pD7FLUCH6JZVP0Xd - zM6PrSMIOmADNEDW/xSICM0W974v85pfqQJdSwxPAoGBAN97fJd7EUV7CB7YsuJk - 6C0Z/gu05yKgOKCcuQ4N7ts5B7YpGvowyhExGlZRgFzJxZtzvVdnEb2TgJhVoB9O - j+n+lZ/oPh2eSGtbKffmwMCnPGNI9mdhA/zwNrV7fX0BwVXKvU2WVIUSh4EgzEjd - aJKbnSnlwdaPBOBl8wntz9ERAoGBAJnsxuphWJES6TY+msv/zJ+WjTxz9n8gyEsj - yOqlOJ7+6t9Bj14uh3hbdncQfhkMH55rdecU/cyq7C4I7xp7alU3y3+p9fnbXbDp - 0HMV409k6NhQ+bwGajzDHj25pxpuzR+k+TZ1oHgQz4TdWVw25lVCMh8ZABA1U2zz - oMZV9y7DAoGAaPzOfLlPeseRARCz0mso4Y5elTgVlTv5bOHjtk7ozS66tyjVlyMN - zq1fKj07TG4zIX8aWAID8Nt3dw+03ucGyHV0euvav71H+6CXzdmDb7Oh81f+aSbA - X7SEof3XfLWlt9iigJD6AZEuRlB9/D9tn5phhrDfzTmX3Z8abiVUgxE= - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-etcd-cab23-r720-14-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEAwGcNR8v6cTFxIF0ZJ/HvovjqnvcYgBp3j9RkSl2EWV0tGyto - Pe9i3QSImqbFrmeta5lFHf5LTetbUWn8m+vHZS6dExHESysDtVH39DHaXwuPZwN4 - VnuCl4w38XhHwkgvfF7Tne3Vx/iakEmk8zmyUdcbBat2hj2gWFFL2uQwUqJ3Qeag - w2wREaRd1wdEMweklH3EkRTu4JEMEvxuGGppJUfj5i12uv/1lwVuk7WFMX3laCm+ - 26mgdoqGQ1jZTYJDv4vDC6RvhSDyYdV7f3wtHFn6frJwWTiriszaJdySIXiQX8ii - fEKt100wOQH15hIJfc1U7C92bMJ+DhI2wnNBGwIDAQABAoIBAB3jpG+D45sUCDPz - 4oWPEyApNSGO11KHSg2g/BeFYZsUW35+BsqgVqZpHuOPhuQqHQm7HL6lE4O+TUhf - g6uhPC+exy4AM5NN0lynqDJaUEc1n4hsRJSCyW3LjaFIgzVOS3oxrQQ6v1w6ZaCG - oEZcrzQBi6Qc1+PQzQkLUBJoIo2jhHhRJ5ygNLUnhZPQuYtjmTz6OLmc70uCQGpr - q85cyJIvGLPFJJG84AfZfYGE+5rGAmH0DJNJUa6NPLEw8RR7a5fZyIBDhb+yji22 - rj1+udMy60ZV8ROJW7wywqR+726ELAaDHFEU/OeSwUtszWBIZpIfLobYHFpZdpDF - Mc8moNkCgYEA0N8Y30SKLhzbq3Ig7VPS4msEGNUjJvMlct8YniFuHcN4zaWIFtEf - aDRoWnqa8CtVWl8FiuL+umpQ0eVkzH0R/vTVUq1wu06Y7XwYyLRNMnssw1PSyBED - 2QZF/j4Hk8JRAvva2RKXLwne+Lljeb9PmZuzxpdXjYNGmD9OiTdME98CgYEA69Cr - z+JPTwUSdBoPnkFeO1IZC+rflBFJzj3R50xjSiAp/Q+KvNogEvYzb5mbZW5RcyyV - uAYY+9OTdzQyZwxr8SDGK7ilwsQwnl/+uuLLn6HWOjqPAeLpbmB04mljl5Ft2ADN - 6Eks0NYJ5F1x25lmj7QXRtGYo+2WU7w2pp662kUCgYBnwIowTXF+GmObtCNbACpe - wd3VH/pIHLtbZipqUhzKuBBHxpPlEZfSQUYcu44/AqdxLoYoST1TCACBYrtBQFcy - GBfm67R1tkMMpHoDKFy4WKsRk4++RYVtxkn6UoGdCgcHvmclMLDccsDJN/2LulYl - 7UvNt9uLtcvZUIkIa+lkbQKBgQCj+iK/F9uWUyyV11ls7n+cOGZ6RwTZbXwpEgvY - DuIsNVl9Q0VyNSuAg/sYa3QHgELbF/G0WWkeE+3DQmSaC6Uzs1qaJHf/i3VTa+Uy - B2sYwey56OZwpV01B5W/qxE54ELFpSmJkPi871lJl0EJNw5+dviIok7GDvwtlf9a - tZ2xEQKBgFWMUupdVMl9DZJTN2RNP/4q6/FUTFfGRRoKUoVgN8e2X+nHikUvDTHd - 08mJqSHTFmQn/7bv4MH5mVbBAhgitcVXCvYooR6BNIL0SXbjgr2VNz/ZqVIsWGvW - fW8SM6qMR4CyZkEcW161Zvz4XzGnaIQ3MbkFtfJy/i+wfspdUFZr - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: calico-node-peer - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/CertificateKey/v1 ---- -data: | - -----BEGIN PUBLIC KEY----- - MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8Ndu2d3Wp0Th24IOVyt - wmhCWSTyCsY/+PZ6CO1JwhvxA/LLR+qmQEPGszJaBAxyUocgo3oCC8TrUPDD8TEK - O0erydvCT/MKkk/+oKoLTum7TEoWredGPHlri6xMqktFjlW4O2487JvBx5q1wObV - nb1vpv9pnW8isSBRWiQAlsol3Bai3+e+utz+7smQLh5OFYsGKVd3AuohecSMWXYQ - KPSl1qnQ7h3rNzj7J7Aw5soo7cJKWl8QpOG/qddWvUphtNCuveouv+V7UaK/kveZ - 2FzisZs3Jz4izLgi8r6hB/NbIOOc5NMmGOmhEf7UaXPE5E0u2lj9vEa05HMGgtcM - PQIDAQAB - -----END PUBLIC KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: service-account - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/PublicKey/v1 ---- -data: | - -----BEGIN RSA PRIVATE KEY----- - MIIEpAIBAAKCAQEAz8Ndu2d3Wp0Th24IOVytwmhCWSTyCsY/+PZ6CO1JwhvxA/LL - R+qmQEPGszJaBAxyUocgo3oCC8TrUPDD8TEKO0erydvCT/MKkk/+oKoLTum7TEoW - redGPHlri6xMqktFjlW4O2487JvBx5q1wObVnb1vpv9pnW8isSBRWiQAlsol3Bai - 3+e+utz+7smQLh5OFYsGKVd3AuohecSMWXYQKPSl1qnQ7h3rNzj7J7Aw5soo7cJK - Wl8QpOG/qddWvUphtNCuveouv+V7UaK/kveZ2FzisZs3Jz4izLgi8r6hB/NbIOOc - 5NMmGOmhEf7UaXPE5E0u2lj9vEa05HMGgtcMPQIDAQABAoIBABhHwa2EEvvA/aZH - IqjpftkIbDCU08CUmKdUzsA6UvNfZpRKjJ0z/Afoo9EPYlu0xKuGZTcVrCWJ9uI3 - sP5/960j3By0FQpY4fRlauGF3dp0EFKDGhFqxNeObRYepbsFHvTaabRwVqhkL4pP - N0x67Z4IpILEuKgQc+J1X2yEZpk4gq5j7AWvpVIjt1TdznLgpsmcUWT/MAh2uTiu - Fcre+xC3C9a8M2/Df3I5CRff1g4rIRIdOWG+5cqBu8tPEDBllyKZe+9KouhoxJIx - cd+ooLHhKKtR4nV8X7w6UiRLd6MYfcAEQKpkc8InP4oE93moSdyPGGUZf09kimfC - d5v+U/UCgYEA8IX/Y0DYaIy7XXtyDxAusDhYUewFIW7LVqmphSUVolgcSbILWki1 - OtfLMZJ/Ft+p7f+PSVFFi7Cm9E0nc8t/As4MhPNMMQxgzs0qaFfXVfEY1gY4KBwr - 8RpZn3/dHZSlZVjD5hp2ZagHEOmN3b7ZdqTYr2k1uAJe++YVHHcQKzcCgYEA3SG6 - P0RKGNpeJajIiUh7ehdA17FRw9vB8ui6tzh+2PxTtkv988GOBHH/NTaitvTvyi5D - u7ayyYcuQANQaKlWRB8zLq3Rwl7uXRF0fqKgK3yDGoZVdljBd0zjzIcuyzHJq4/W - KCVGDSFmmeAo+8r/zJkzsFX3kpLFEWRZlxIHhisCgYEAnEy3dWxCNU6ew1Tg/eDq - NiGnYzUY8GzrPlnqi1daA7F2UH2e2wC8pIxuwrwMUnTuHHciSebCZtBY7hDlPl5T - HyN/BzaDoKwGjNzOXhgXGwYduZc5DvefpoIVE40nx309LerNAs7XeaADV34ubpcD - AhKFrReVjQodZ1xRA7pri2kCgYAfWyH6yKctIQHKm0VcWh/QLy3tp+ItQKMe26tm - QaeTAyyno9ztzJtju/pxRD8MbGz4IVlPa9esRfPj9dRYEvL9k+MBEnq08hsgrVH0 - hwDpSa2ZfETwFCPS099VaDHVdEjhf/LhHG/zerH+zc9h7OYaz/qJXZdOfGtfTPh7 - OH5CowKBgQCeoKwc5o+WXZl+ebFpwX3eLE3mlGDGwLnJ3N8bue7IIHZOes3Zihbq - G1Bx31npUYt8Ylr7z7wbcLMuEGxWzdLJr6C+J6XwmI+l2j1q1knn0N7scptv54HH - BM1Yk/elAaeuAdKDrdud9daBhGuoBVgyAbpQiq0iXgomcPjvU2jvrg== - -----END RSA PRIVATE KEY----- -metadata: - layeringDefinition: - abstract: false - layer: site - name: service-account - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: deckhand/PrivateKey/v1 diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ceph_fsid.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ceph_fsid.yaml deleted file mode 100644 index 7201502..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ceph_fsid.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ceph_fsid - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -# uuidgen -data: 7b7576f4-3358-4668-9112-100440079807 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ceph_swift_keystone_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ceph_swift_keystone_password.yaml deleted file mode 100644 index 9a9af1f..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ceph_swift_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ceph_swift_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/maas-region-key.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/maas-region-key.yaml deleted file mode 100644 index 73d4a69..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/maas-region-key.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: maas-region-key - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -# openssl rand -hex 10 -data: 9026f6048d6a017dc913 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_barbican_oslo_db_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_barbican_oslo_db_password.yaml deleted file mode 100644 index c5f866c..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_barbican_oslo_db_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_barbican_oslo_db_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_barbican_oslo_messaging_admin_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_barbican_oslo_messaging_admin_password.yaml deleted file mode 100644 index bb19957..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_barbican_oslo_messaging_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_barbican_oslo_messaging_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_barbican_oslo_messaging_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_barbican_oslo_messaging_password.yaml deleted file mode 100644 index 9bf0217..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_barbican_oslo_messaging_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_barbican_oslo_messaging_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_barbican_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_barbican_password.yaml deleted file mode 100644 index 5122192..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_barbican_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_barbican_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_barbican_rabbitmq_erlang_cookie.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_barbican_rabbitmq_erlang_cookie.yaml deleted file mode 100644 index 32f8dae..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_barbican_rabbitmq_erlang_cookie.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_barbican_rabbitmq_erlang_cookie - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_cinder_oslo_db_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_cinder_oslo_db_password.yaml deleted file mode 100644 index b22f898..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_cinder_oslo_db_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_cinder_oslo_db_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_cinder_oslo_messaging_admin_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_cinder_oslo_messaging_admin_password.yaml deleted file mode 100644 index 040e657..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_cinder_oslo_messaging_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_cinder_oslo_messaging_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_cinder_oslo_messaging_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_cinder_oslo_messaging_password.yaml deleted file mode 100644 index 5d76ba7..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_cinder_oslo_messaging_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_cinder_oslo_messaging_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_cinder_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_cinder_password.yaml deleted file mode 100644 index 26565db..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_cinder_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_cinder_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_cinder_rabbitmq_erlang_cookie.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_cinder_rabbitmq_erlang_cookie.yaml deleted file mode 100644 index b1ac8ff..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_cinder_rabbitmq_erlang_cookie.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_cinder_rabbitmq_erlang_cookie - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_glance_oslo_db_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_glance_oslo_db_password.yaml deleted file mode 100644 index 0739069..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_glance_oslo_db_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_glance_oslo_db_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_glance_oslo_messaging_admin_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_glance_oslo_messaging_admin_password.yaml deleted file mode 100644 index 57db752..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_glance_oslo_messaging_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_glance_oslo_messaging_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_glance_oslo_messaging_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_glance_oslo_messaging_password.yaml deleted file mode 100644 index d103c27..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_glance_oslo_messaging_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_glance_oslo_messaging_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_glance_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_glance_password.yaml deleted file mode 100644 index 93ae0f2..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_glance_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_glance_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_glance_rabbitmq_erlang_cookie.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_glance_rabbitmq_erlang_cookie.yaml deleted file mode 100644 index 496fae3..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_glance_rabbitmq_erlang_cookie.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_glance_rabbitmq_erlang_cookie - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_heat_oslo_db_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_heat_oslo_db_password.yaml deleted file mode 100644 index 3352d4c..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_heat_oslo_db_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_heat_oslo_db_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_heat_oslo_messaging_admin_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_heat_oslo_messaging_admin_password.yaml deleted file mode 100644 index 074e688..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_heat_oslo_messaging_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_heat_oslo_messaging_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_heat_oslo_messaging_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_heat_oslo_messaging_password.yaml deleted file mode 100644 index 39f1327..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_heat_oslo_messaging_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_heat_oslo_messaging_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_heat_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_heat_password.yaml deleted file mode 100644 index 5777ebb..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_heat_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_heat_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_heat_rabbitmq_erlang_cookie.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_heat_rabbitmq_erlang_cookie.yaml deleted file mode 100644 index 74e2a99..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_heat_rabbitmq_erlang_cookie.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_heat_rabbitmq_erlang_cookie - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_heat_stack_user_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_heat_stack_user_password.yaml deleted file mode 100644 index 36db28b..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_heat_stack_user_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_heat_stack_user_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_heat_trustee_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_heat_trustee_password.yaml deleted file mode 100644 index 58129ef..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_heat_trustee_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_heat_trustee_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_horizon_oslo_db_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_horizon_oslo_db_password.yaml deleted file mode 100644 index 7c78d45..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_horizon_oslo_db_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_horizon_oslo_db_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_elasticsearch_admin_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_elasticsearch_admin_password.yaml deleted file mode 100644 index 78c265e..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_elasticsearch_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_infra_elasticsearch_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_grafana_admin_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_grafana_admin_password.yaml deleted file mode 100644 index 9232de7..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_grafana_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_infra_grafana_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_grafana_oslo_db_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_grafana_oslo_db_password.yaml deleted file mode 100644 index 6d5f49e..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_grafana_oslo_db_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_infra_grafana_oslo_db_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_grafana_oslo_db_session_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_grafana_oslo_db_session_password.yaml deleted file mode 100644 index bd4e573..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_grafana_oslo_db_session_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_infra_grafana_oslo_db_session_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_kibana_admin_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_kibana_admin_password.yaml deleted file mode 100644 index 56ecc33..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_kibana_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_infra_kibana_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_nagios_admin_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_nagios_admin_password.yaml deleted file mode 100644 index 52dbe16..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_nagios_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_infra_nagios_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_openstack_exporter_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_openstack_exporter_password.yaml deleted file mode 100644 index 64f78e1..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_openstack_exporter_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_infra_openstack_exporter_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_oslo_db_admin_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_oslo_db_admin_password.yaml deleted file mode 100644 index 9c68e9d..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_infra_oslo_db_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_infra_oslo_db_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_keystone_admin_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_keystone_admin_password.yaml deleted file mode 100644 index 6c3f446..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_keystone_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_keystone_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_keystone_ldap_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_keystone_ldap_password.yaml deleted file mode 100644 index 2edf0f2..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_keystone_ldap_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_keystone_ldap_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_keystone_oslo_db_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_keystone_oslo_db_password.yaml deleted file mode 100644 index 07b2206..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_keystone_oslo_db_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_keystone_oslo_db_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_keystone_oslo_messaging_admin_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_keystone_oslo_messaging_admin_password.yaml deleted file mode 100644 index aec85c0..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_keystone_oslo_messaging_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_keystone_oslo_messaging_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_keystone_oslo_messaging_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_keystone_oslo_messaging_password.yaml deleted file mode 100644 index be716f4..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_keystone_oslo_messaging_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_keystone_oslo_messaging_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_keystone_rabbitmq_erlang_cookie.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_keystone_rabbitmq_erlang_cookie.yaml deleted file mode 100644 index ee7e4bd..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_keystone_rabbitmq_erlang_cookie.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_keystone_rabbitmq_erlang_cookie - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_neutron_oslo_db_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_neutron_oslo_db_password.yaml deleted file mode 100644 index 4d0b157..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_neutron_oslo_db_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_neutron_oslo_db_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_neutron_oslo_messaging_admin_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_neutron_oslo_messaging_admin_password.yaml deleted file mode 100644 index 4ac42c9..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_neutron_oslo_messaging_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_neutron_oslo_messaging_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_neutron_oslo_messaging_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_neutron_oslo_messaging_password.yaml deleted file mode 100644 index 6be02b9..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_neutron_oslo_messaging_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_neutron_oslo_messaging_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_neutron_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_neutron_password.yaml deleted file mode 100644 index dd0b2b6..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_neutron_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_neutron_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_neutron_rabbitmq_erlang_cookie.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_neutron_rabbitmq_erlang_cookie.yaml deleted file mode 100644 index 9e8ff8d..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_neutron_rabbitmq_erlang_cookie.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_neutron_rabbitmq_erlang_cookie - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_nova_oslo_db_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_nova_oslo_db_password.yaml deleted file mode 100644 index 2cd60f5..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_nova_oslo_db_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_nova_oslo_db_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_nova_oslo_messaging_admin_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_nova_oslo_messaging_admin_password.yaml deleted file mode 100644 index 487bcc5..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_nova_oslo_messaging_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_nova_oslo_messaging_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_nova_oslo_messaging_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_nova_oslo_messaging_password.yaml deleted file mode 100644 index 13569ba..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_nova_oslo_messaging_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_nova_oslo_messaging_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_nova_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_nova_password.yaml deleted file mode 100644 index 4c2223d..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_nova_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_nova_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_nova_rabbitmq_erlang_cookie.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_nova_rabbitmq_erlang_cookie.yaml deleted file mode 100644 index 7a885e6..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_nova_rabbitmq_erlang_cookie.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_nova_rabbitmq_erlang_cookie - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_oslo_cache_secret_key.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_oslo_cache_secret_key.yaml deleted file mode 100644 index 11747a7..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_oslo_cache_secret_key.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_oslo_cache_secret_key - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_oslo_db_admin_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_oslo_db_admin_password.yaml deleted file mode 100644 index 48df9ee..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_oslo_db_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_oslo_db_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_placement_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_placement_password.yaml deleted file mode 100644 index c72b59a..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/osh_placement_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: osh_placement_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_airflow_postgres_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_airflow_postgres_password.yaml deleted file mode 100644 index 8a1d648..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_airflow_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_airflow_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_armada_keystone_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_armada_keystone_password.yaml deleted file mode 100644 index 866efcc..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_armada_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_armada_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_barbican_keystone_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_barbican_keystone_password.yaml deleted file mode 100644 index cb2da22..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_barbican_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_barbican_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_barbican_oslo_db_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_barbican_oslo_db_password.yaml deleted file mode 100644 index 95a76ed..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_barbican_oslo_db_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_barbican_oslo_db_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_deckhand_keystone_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_deckhand_keystone_password.yaml deleted file mode 100644 index 5ee27f2..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_deckhand_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_deckhand_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_deckhand_postgres_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_deckhand_postgres_password.yaml deleted file mode 100644 index e63319b..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_deckhand_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_deckhand_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_drydock_keystone_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_drydock_keystone_password.yaml deleted file mode 100644 index b8083b5..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_drydock_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_drydock_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_drydock_postgres_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_drydock_postgres_password.yaml deleted file mode 100644 index 2eff525..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_drydock_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_drydock_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_keystone_admin_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_keystone_admin_password.yaml deleted file mode 100644 index 91f74fd..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_keystone_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_keystone_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_keystone_oslo_db_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_keystone_oslo_db_password.yaml deleted file mode 100644 index a9cb153..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_keystone_oslo_db_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_keystone_oslo_db_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_maas_admin_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_maas_admin_password.yaml deleted file mode 100644 index 402c129..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_maas_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_maas_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_maas_postgres_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_maas_postgres_password.yaml deleted file mode 100644 index 96ec574..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_maas_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_maas_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_oslo_db_admin_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_oslo_db_admin_password.yaml deleted file mode 100644 index b3c1325..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_oslo_db_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_oslo_db_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_oslo_messaging_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_oslo_messaging_password.yaml deleted file mode 100644 index 95d6c0e..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_oslo_messaging_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_oslo_messaging_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_postgres_admin_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_postgres_admin_password.yaml deleted file mode 100644 index 546de05..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_postgres_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_postgres_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_promenade_keystone_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_promenade_keystone_password.yaml deleted file mode 100644 index ac40d1e..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_promenade_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_promenade_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml deleted file mode 100644 index 6a2aef9..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_rabbitmq_erlang_cookie - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_shipyard_keystone_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_shipyard_keystone_password.yaml deleted file mode 100644 index 181a52a..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_shipyard_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_shipyard_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_shipyard_postgres_password.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_shipyard_postgres_password.yaml deleted file mode 100644 index de0eed7..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/secrets/passphrases/ucp_shipyard_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_shipyard_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password123 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/kubernetes/container-networking/etcd.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/kubernetes/container-networking/etcd.yaml deleted file mode 100644 index 3e547eb..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/kubernetes/container-networking/etcd.yaml +++ /dev/null @@ -1,159 +0,0 @@ ---- -# The purpose of this file is to build the list of calico etcd nodes and the -# calico etcd certs for those nodes in the environment. -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-calico-etcd - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: kubernetes-calico-etcd-global - actions: - - method: merge - path: . - storagePolicy: cleartext - substitutions: - # Generate a list of control plane nodes (i.e. genesis node + master node - # list) on which calico etcd will run and will need certs. It is assumed - # that Airship sites will have 4 control plane nodes, so this should not need to - # change for a new site. - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .genesis.hostname - dest: - path: .values.nodes[0].name - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .masters[0].hostname - dest: - path: .values.nodes[1].name - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .masters[1].hostname - dest: - path: .values.nodes[2].name - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .masters[2].hostname - dest: - path: .values.nodes[3].name - - # Certificate substitutions for the node names assembled on the above list. - # NEWSITE-CHANGEME: Per above, the number of substitutions should not need - # to change with a standard Airship deployment. However, the names of each - # deckhand certficiate should be updated with the correct hostnames for your - # environment. The ordering is important (Genesis is index 0, then master - # nodes in the order they are specified in common-addresses). - - # Genesis hostname - cab23-r720-11 - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-cab23-r720-11 - path: . - dest: - path: .values.nodes[0].tls.client.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-cab23-r720-11 - path: . - dest: - path: .values.nodes[0].tls.client.key - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-cab23-r720-11-peer - path: . - dest: - path: .values.nodes[0].tls.peer.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-cab23-r720-11-peer - path: . - dest: - path: .values.nodes[0].tls.peer.key - - # master node 1 hostname - cab23-r720-12 - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-cab23-r720-12 - path: . - dest: - path: .values.nodes[1].tls.client.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-cab23-r720-12 - path: . - dest: - path: .values.nodes[1].tls.client.key - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-cab23-r720-12-peer - path: . - dest: - path: .values.nodes[1].tls.peer.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-cab23-r720-12-peer - path: . - dest: - path: .values.nodes[1].tls.peer.key - - # master node 2 hostname - cab23-r720-13 - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-cab23-r720-13 - path: . - dest: - path: .values.nodes[2].tls.client.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-cab23-r720-13 - path: . - dest: - path: .values.nodes[2].tls.client.key - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-cab23-r720-13-peer - path: . - dest: - path: .values.nodes[2].tls.peer.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-cab23-r720-13-peer - path: . - dest: - path: .values.nodes[2].tls.peer.key - - # master node 3 hostname - cab23-r720-14 - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-cab23-r720-14 - path: . - dest: - path: .values.nodes[3].tls.client.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-cab23-r720-14 - path: . - dest: - path: .values.nodes[3].tls.client.key - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-cab23-r720-14-peer - path: . - dest: - path: .values.nodes[3].tls.peer.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-cab23-r720-14-peer - path: $ - dest: - path: .values.nodes[3].tls.peer.key - -data: {} -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/osh-infra/osh-infra-logging/elasticsearch.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/osh-infra/osh-infra-logging/elasticsearch.yaml deleted file mode 100644 index 6d379e8..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/osh-infra/osh-infra-logging/elasticsearch.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: elasticsearch - layeringDefinition: - abstract: false - layer: site - parentSelector: - hosttype: elasticsearch-global - actions: - - method: merge - path: . - storagePolicy: cleartext -data: {} -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/osh-infra/osh-infra-logging/fluent-logging.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/osh-infra/osh-infra-logging/fluent-logging.yaml deleted file mode 100644 index 71e330a..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/osh-infra/osh-infra-logging/fluent-logging.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: fluent-logging - layeringDefinition: - abstract: false - layer: site - parentSelector: - hosttype: fluent-logging-global - actions: - - method: merge - path: . - storagePolicy: cleartext -data: {} -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/osh/openstack-compute-kit/neutron.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/osh/openstack-compute-kit/neutron.yaml deleted file mode 100644 index 2547360..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/osh/openstack-compute-kit/neutron.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- -# This file defines hardware-specific settings for neutron. If you use the same -# hardware profile as this environment, you should not need to change this file. -# Otherwise, you should review the settings here and adjust for your hardware. -# In particular: -# 1. logical network interface names -# 2. physical device mappigns -# TODO: Should move to global layer and become tied to the hardware profile -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: neutron-fixme - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: neutron-global - actions: - - method: merge - path: . - storagePolicy: cleartext -data: {} -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/osh/openstack-compute-kit/nova.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/osh/openstack-compute-kit/nova.yaml deleted file mode 100644 index 32f94b8..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/osh/openstack-compute-kit/nova.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -# This file defines hardware-specific settings for nova. If you use the same -# hardware profile as this environment, you should not need to change this file. -# Otherwise, you should review the settings here and adjust for your hardware. -# In particular: -# 1. vcpu_pin_set will change if the number of logical CPUs on the hardware -# changes. -# 2. pci alias / passthrough_whitelist could change if the NIC type or NIC -# slotting changes. -# TODO: Should move to global layer and become tied to the hardware profile -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: nova - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: nova-global - actions: - - method: merge - path: . - storagePolicy: cleartext -data: {} -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/ucp/ceph/ceph-osd.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/ucp/ceph/ceph-osd.yaml deleted file mode 100644 index 265c5b2..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/ucp/ceph/ceph-osd.yaml +++ /dev/null @@ -1,75 +0,0 @@ ---- -# The purpose of this file is to define environment-specific parameters for -# ceph-osd -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-ceph-osd - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: ucp-ceph-osd-global - actions: - - method: replace - path: .values.conf.storage.osd - - method: merge - path: . - storagePolicy: cleartext -data: - values: - conf: - storage: - # NEWSITE-CHANGEME: The OSD count and configuration here should not need - # to change if your HW matches the HW used in this environment. - # Otherwise you may need to add or subtract disks to this list. - osd: - - data: - type: block-logical - location: /dev/sdc - journal: - type: directory - location: /var/lib/ceph/cp/journal-sdc - - data: - type: block-logical - location: /dev/sdd - journal: - type: directory - location: /var/lib/ceph/cp/journal-sdd - - data: - type: block-logical - location: /dev/sde - journal: - type: directory - location: /var/lib/ceph/cp/journal-sde - - data: - type: block-logical - location: /dev/sdf - journal: - type: directory - location: /var/lib/ceph/cp/journal-sdf - - data: - type: block-logical - location: /dev/sdg - journal: - type: directory - location: /var/lib/ceph/cp/journal-sdg - - data: - type: block-logical - location: /dev/sdh - journal: - type: directory - location: /var/lib/ceph/cp/journal-sdh - - data: - type: block-logical - location: /dev/sdi - journal: - type: directory - location: /var/lib/ceph/cp/journal-sdi - - data: - type: block-logical - location: /dev/sdj - journal: - type: directory - location: /var/lib/ceph/cp/journal-sdj -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/ucp/divingbell/divingbell.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/ucp/divingbell/divingbell.yaml deleted file mode 100644 index 29f5a83..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/ucp/divingbell/divingbell.yaml +++ /dev/null @@ -1,51 +0,0 @@ ---- -# The purpose of this file is to define site-specific parameters to the -# UAM-lite portion of the divingbell chart: -# 1. User accounts to create on bare metal -# 2. SSH public key for operationg system access to the bare metal -# 3. Passwords for operating system access via iDrac/iLo console. SSH password- -# based auth is disabled. -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-divingbell - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: ucp-divingbell-global - actions: - - method: merge - path: . - storagePolicy: cleartext - substitutions: - - dest: - path: .values.conf.uamlite.users[0].user_sshkeys[0] - src: - schema: deckhand/PublicKey/v1 - name: airship_ssh_public_key - path: . - - dest: - path: .values.conf.uamlite.users[0].user_crypt_passwd - src: - schema: deckhand/Passphrase/v1 - name: ubuntu_crypt_password - path: . - - dest: - path: .values.conf.uamlite.users[1].user_sshkeys[0] - src: - schema: deckhand/PublicKey/v1 - name: airship_ssh_public_key - path: . -data: - values: - conf: - uamlite: - users: - - user_name: ubuntu - user_sudo: true - user_sshkeys: [] - - user_name: airship - user_sudo: true - user_sshkeys: [] -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/ucp/drydock/maas.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/ucp/drydock/maas.yaml deleted file mode 100644 index f0d2b32..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/ucp/drydock/maas.yaml +++ /dev/null @@ -1,37 +0,0 @@ ---- -# This file defines site-specific deviations for MaaS. -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-maas - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: ucp-maas-global - actions: - - method: replace - path: .values.conf.maas.proxy - - method: merge - path: . - storagePolicy: cleartext -data: - values: - conf: - maas: - images: - default_os: 'ubuntu' - default_image: 'xenial' - default_kernel: 'hwe-16.04' - proxy: - # Whether deploying nodes should use MaaS region as an APT proxy. - proxy_enabled: false - # NEWSITE-CHANGEME: Whether MaaS region should utilize an external proxy - # for accessing repos. Set to 'true' if your environment needs a proxy - # to get to the upstream package mirrors, and false otherwise. - peer_proxy_enabled: false - # NEWSITE-CHANGEME: If your site requires a proxy to reach upstream - # package mirrors, enter the proxy information here. Otherwise, comment - # out this line. - # proxy_server: http://proxy.example.com:8080 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/config/endpoints.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/config/endpoints.yaml deleted file mode 100644 index 5f58d06..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/config/endpoints.yaml +++ /dev/null @@ -1,1570 +0,0 @@ ---- -# The purpose of this file is to define the site's endpoint catalog. This should -# not need to be modified for a new site. -# #GLOBAL-CANDIDATE# -schema: pegleg/EndpointCatalogue/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_endpoints - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext - # substitutions: - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .dns.ingress_domain - # dest: - # path: .ucp.identity.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .dns.ingress_domain - # dest: - # path: .ucp.shipyard.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .dns.ingress_domain - # dest: - # path: .ceph.object_store.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .dns.ingress_domain - # dest: - # path: .ceph.ceph_object_store.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: deckhand/Certificate/v1 - # name: ingress-crt - # path: . - # dest: - # path: .ceph.object_store.host_fqdn_override.public.tls.crt - # - src: - # schema: deckhand/CertificateAuthority/v1 - # name: ingress-ca - # path: . - # dest: - # path: .ceph.object_store.host_fqdn_override.public.tls.ca - # - src: - # schema: deckhand/CertificateKey/v1 - # name: ingress-key - # path: . - # dest: - # path: .ceph.object_store.host_fqdn_override.public.tls.key - # - src: - # schema: deckhand/Certificate/v1 - # name: ingress-crt - # path: . - # dest: - # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.crt - # - src: - # schema: deckhand/CertificateAuthority/v1 - # name: ingress-ca - # path: . - # dest: - # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.ca - # - src: - # schema: deckhand/CertificateKey/v1 - # name: ingress-key - # path: . - # dest: - # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.key - # - src: - # schema: deckhand/Certificate/v1 - # name: ingress-crt - # path: . - # dest: - # path: .ucp.identity.host_fqdn_override.public.tls.crt - # - src: - # schema: deckhand/CertificateAuthority/v1 - # name: ingress-ca - # path: . - # dest: - # path: .ucp.identity.host_fqdn_override.public.tls.ca - # - src: - # schema: deckhand/CertificateKey/v1 - # name: ingress-key - # path: . - # dest: - # path: .ucp.identity.host_fqdn_override.public.tls.key - # - src: - # schema: deckhand/Certificate/v1 - # name: ingress-crt - # path: . - # dest: - # path: .ucp.shipyard.host_fqdn_override.public.tls.crt - # - src: - # schema: deckhand/CertificateAuthority/v1 - # name: ingress-ca - # path: . - # dest: - # path: .ucp.shipyard.host_fqdn_override.public.tls.ca - # - src: - # schema: deckhand/CertificateKey/v1 - # name: ingress-key - # path: . - # dest: - # path: .ucp.shipyard.host_fqdn_override.public.tls.key -data: - ucp: - identity: - namespace: ucp - name: keystone - hosts: - default: keystone-api - public: keystone - host_fqdn_override: - default: null - # public: - # host: iam.DOMAIN - path: - default: /v3 - scheme: - default: http - # public: https - port: - admin: - default: 35357 - api: - default: 80 - public: 80 - armada: - name: armada - hosts: - default: armada-api - public: armada - port: - api: - default: 8000 - path: - default: /api/v1.0 - scheme: - default: http - host_fqdn_override: - default: null - deckhand: - name: deckhand - hosts: - default: deckhand-int - public: deckhand-api - port: - api: - default: 9000 - path: - default: /api/v1.0 - scheme: - default: http - host_fqdn_override: - default: null - postgresql: - name: postgresql - hosts: - default: postgresql - path: /DB_NAME - scheme: postgresql+psycopg2 - port: - postgresql: - default: 5432 - host_fqdn_override: - default: null - postgresql_airflow_celery: - name: postgresql_airflow_celery_db - hosts: - default: postgresql - path: /DB_NAME - scheme: db+postgresql - port: - postgresql: - default: 5432 - host_fqdn_override: - default: null - oslo_db: - hosts: - default: mariadb - discovery: mariadb-discovery - host_fqdn_override: - default: null - path: /DB_NAME - scheme: mysql+pymysql - port: - mysql: - default: 3306 - wsrep: - default: 4567 - key_manager: - name: barbican - hosts: - default: barbican-api - public: barbican - host_fqdn_override: - default: null - path: - default: /v1 - scheme: - default: http - port: - api: - default: 9311 - public: 80 - oslo_messaging: - namespace: null - hosts: - default: rabbitmq - host_fqdn_override: - default: null - path: /openstack - scheme: rabbit - port: - amqp: - default: 5672 - oslo_cache: - hosts: - default: memcached - host_fqdn_override: - default: null - port: - memcache: - default: 11211 - physicalprovisioner: - name: drydock - hosts: - default: drydock-api - port: - api: - default: 9000 - nodeport: 31900 - path: - default: /api/v1.0 - scheme: - default: http - host_fqdn_override: - default: null - maas_region_ui: - name: maas-region-ui - hosts: - default: maas-region-ui - public: maas - path: - default: /MAAS - scheme: - default: "http" - port: - region_ui: - default: 80 - public: 80 - host_fqdn_override: - default: null - kubernetesprovisioner: - name: promenade - hosts: - default: promenade-api - port: - api: - default: 80 - path: - default: /api/v1.0 - scheme: - default: http - host_fqdn_override: - default: null - shipyard: - name: shipyard - hosts: - default: shipyard-int - public: shipyard-api - port: - api: - default: 9000 - public: 80 - path: - default: /api/v1.0 - scheme: - default: http - # public: https - host_fqdn_override: - default: null - # public: - # host: shipyard.DOMAIN - airflow_web: - name: airflow-web - hosts: - default: airflow-web-int - public: airflow-web - port: - airflow_web: - default: 8080 - path: - default: / - scheme: - default: http - host_fqdn_override: - default: null - airflow_flower: - name: airflow-flower - hosts: - default: airflow-flower - port: - airflow_flower: - default: 5555 - path: - default: / - scheme: - default: http - host_fqdn_override: - default: null - ceph: - object_store: - name: swift - namespace: ceph - hosts: - default: ceph-rgw - public: radosgw - host_fqdn_override: - default: null - # public: - # host: object-store.DOMAIN - path: - default: /swift/v1 - scheme: - default: http - # public: "https" - port: - api: - default: 8088 - # public: 443 - ceph_object_store: - name: radosgw - namespace: ceph - hosts: - default: ceph-rgw - public: radosgw - host_fqdn_override: - default: null - # public: - # host: object-store.DOMAIN - path: - default: /auth/v1.0 - scheme: - default: "http" - # public: "https" - port: - api: - default: 8088 - # public: 443 - ceph_mon: - namespace: ceph - hosts: - default: ceph-mon - discovery: ceph-mon-discovery - host_fqdn_override: - default: null - port: - mon: - default: 6789 - ceph_mgr: - namespace: ceph - hosts: - default: ceph-mgr - host_fqdn_override: - default: null - port: - mgr: - default: 7000 - scheme: - default: http -... ---- -schema: pegleg/EndpointCatalogue/v1 -metadata: - schema: metadata/Document/v1 - name: osh_endpoints - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext - # substitutions: - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .dns.ingress_domain - # dest: - # path: .osh.object_store.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .dns.ingress_domain - # dest: - # path: .osh.ceph_object_store.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: deckhand/Certificate/v1 - # name: ingress-crt - # path: . - # dest: - # path: .osh.object_store.host_fqdn_override.public.tls.crt - # - src: - # schema: deckhand/CertificateAuthority/v1 - # name: ingress-ca - # path: . - # dest: - # path: .osh.object_store.host_fqdn_override.public.tls.ca - # - src: - # schema: deckhand/CertificateKey/v1 - # name: ingress-key - # path: . - # dest: - # path: .osh.object_store.host_fqdn_override.public.tls.key - # - src: - # schema: deckhand/Certificate/v1 - # name: ingress-crt - # path: . - # dest: - # path: .osh.ceph_object_store.host_fqdn_override.public.tls.crt - # - src: - # schema: deckhand/CertificateAuthority/v1 - # name: ingress-ca - # path: . - # dest: - # path: .osh.ceph_object_store.host_fqdn_override.public.tls.ca - # - src: - # schema: deckhand/CertificateKey/v1 - # name: ingress-key - # path: . - # dest: - # path: .osh.ceph_object_store.host_fqdn_override.public.tls.key - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .dns.ingress_domain - # dest: - # path: .osh.image.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .dns.ingress_domain - # dest: - # path: .osh.cloudformation.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .dns.ingress_domain - # dest: - # path: .osh.orchestration.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .dns.ingress_domain - # dest: - # path: .osh.compute.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .dns.ingress_domain - # dest: - # path: .osh.compute_novnc_proxy.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .dns.ingress_domain - # dest: - # path: .osh.placement.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .dns.ingress_domain - # dest: - # path: .osh.network.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .dns.ingress_domain - # dest: - # path: .osh.identity.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .dns.ingress_domain - # dest: - # path: .osh.dashboard.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .dns.ingress_domain - # dest: - # path: .osh.volume.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .dns.ingress_domain - # dest: - # path: .osh.volumev2.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .dns.ingress_domain - # dest: - # path: .osh.volumev3.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: deckhand/Certificate/v1 - # name: ingress-crt - # path: . - # dest: - # path: .osh.identity.host_fqdn_override.public.tls.crt - # - src: - # schema: deckhand/CertificateAuthority/v1 - # name: ingress-ca - # path: . - # dest: - # path: .osh.identity.host_fqdn_override.public.tls.ca - # - src: - # schema: deckhand/CertificateKey/v1 - # name: ingress-key - # path: . - # dest: - # path: .osh.identity.host_fqdn_override.public.tls.key - # - src: - # schema: deckhand/Certificate/v1 - # name: ingress-crt - # path: . - # dest: - # path: .osh.orchestration.host_fqdn_override.public.tls.crt - # - src: - # schema: deckhand/CertificateAuthority/v1 - # name: ingress-ca - # path: . - # dest: - # path: .osh.orchestration.host_fqdn_override.public.tls.ca - # - src: - # schema: deckhand/CertificateKey/v1 - # name: ingress-key - # path: . - # dest: - # path: .osh.orchestration.host_fqdn_override.public.tls.key - # - src: - # schema: deckhand/Certificate/v1 - # name: ingress-crt - # path: . - # dest: - # path: .osh.cloudformation.host_fqdn_override.public.tls.crt - # - src: - # schema: deckhand/CertificateAuthority/v1 - # name: ingress-ca - # path: . - # dest: - # path: .osh.cloudformation.host_fqdn_override.public.tls.ca - # - src: - # schema: deckhand/CertificateKey/v1 - # name: ingress-key - # path: . - # dest: - # path: .osh.cloudformation.host_fqdn_override.public.tls.key - # - src: - # schema: deckhand/Certificate/v1 - # name: ingress-crt - # path: . - # dest: - # path: .osh.dashboard.host_fqdn_override.public.tls.crt - # - src: - # schema: deckhand/CertificateAuthority/v1 - # name: ingress-ca - # path: . - # dest: - # path: .osh.dashboard.host_fqdn_override.public.tls.ca - # - src: - # schema: deckhand/CertificateKey/v1 - # name: ingress-key - # path: . - # dest: - # path: .osh.dashboard.host_fqdn_override.public.tls.key - # - src: - # schema: deckhand/Certificate/v1 - # name: ingress-crt - # path: . - # dest: - # path: .osh.image.host_fqdn_override.public.tls.crt - # - src: - # schema: deckhand/CertificateAuthority/v1 - # name: ingress-ca - # path: . - # dest: - # path: .osh.image.host_fqdn_override.public.tls.ca - # - src: - # schema: deckhand/CertificateKey/v1 - # name: ingress-key - # path: . - # dest: - # path: .osh.image.host_fqdn_override.public.tls.key - # - src: - # schema: deckhand/Certificate/v1 - # name: ingress-crt - # path: . - # dest: - # path: .osh.volume.host_fqdn_override.public.tls.crt - # - src: - # schema: deckhand/CertificateAuthority/v1 - # name: ingress-ca - # path: . - # dest: - # path: .osh.volume.host_fqdn_override.public.tls.ca - # - src: - # schema: deckhand/CertificateKey/v1 - # name: ingress-key - # path: . - # dest: - # path: .osh.volume.host_fqdn_override.public.tls.key - # - src: - # schema: deckhand/Certificate/v1 - # name: ingress-crt - # path: . - # dest: - # path: .osh.volumev2.host_fqdn_override.public.tls.crt - # - src: - # schema: deckhand/CertificateAuthority/v1 - # name: ingress-ca - # path: . - # dest: - # path: .osh.volumev2.host_fqdn_override.public.tls.ca - # - src: - # schema: deckhand/CertificateKey/v1 - # name: ingress-key - # path: . - # dest: - # path: .osh.volumev2.host_fqdn_override.public.tls.key - # - src: - # schema: deckhand/Certificate/v1 - # name: ingress-crt - # path: . - # dest: - # path: .osh.volumev3.host_fqdn_override.public.tls.crt - # - src: - # schema: deckhand/CertificateAuthority/v1 - # name: ingress-ca - # path: . - # dest: - # path: .osh.volumev3.host_fqdn_override.public.tls.ca - # - src: - # schema: deckhand/CertificateKey/v1 - # name: ingress-key - # path: . - # dest: - # path: .osh.volumev3.host_fqdn_override.public.tls.key - # - src: - # schema: deckhand/Certificate/v1 - # name: ingress-crt - # path: . - # dest: - # path: .osh.compute.host_fqdn_override.public.tls.crt - # - src: - # schema: deckhand/CertificateAuthority/v1 - # name: ingress-ca - # path: . - # dest: - # path: .osh.compute.host_fqdn_override.public.tls.ca - # - src: - # schema: deckhand/CertificateKey/v1 - # name: ingress-key - # path: . - # dest: - # path: .osh.compute.host_fqdn_override.public.tls.key - # - src: - # schema: deckhand/Certificate/v1 - # name: ingress-crt - # path: . - # dest: - # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.crt - # - src: - # schema: deckhand/CertificateAuthority/v1 - # name: ingress-ca - # path: . - # dest: - # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.ca - # - src: - # schema: deckhand/CertificateKey/v1 - # name: ingress-key - # path: . - # dest: - # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.key - # - src: - # schema: deckhand/Certificate/v1 - # name: ingress-crt - # path: . - # dest: - # path: .osh.placement.host_fqdn_override.public.tls.crt - # - src: - # schema: deckhand/CertificateAuthority/v1 - # name: ingress-ca - # path: . - # dest: - # path: .osh.placement.host_fqdn_override.public.tls.ca - # - src: - # schema: deckhand/CertificateKey/v1 - # name: ingress-key - # path: . - # dest: - # path: .osh.placement.host_fqdn_override.public.tls.key - # - src: - # schema: deckhand/Certificate/v1 - # name: ingress-crt - # path: . - # dest: - # path: .osh.network.host_fqdn_override.public.tls.crt - # - src: - # schema: deckhand/CertificateAuthority/v1 - # name: ingress-ca - # path: . - # dest: - # path: .osh.network.host_fqdn_override.public.tls.ca - # - src: - # schema: deckhand/CertificateKey/v1 - # name: ingress-key - # path: . - # dest: - # path: .osh.network.host_fqdn_override.public.tls.key -data: - osh: - object_store: - name: swift - namespace: ceph - hosts: - default: ceph-rgw - public: radosgw - host_fqdn_override: - default: null - # public: - # host: object-store.DOMAIN - path: - default: /swift/v1/KEY_$(tenant_id)s - scheme: - default: http - # public: "https" - port: - api: - default: 8088 - # public: 443 - ceph_object_store: - name: radosgw - namespace: ceph - hosts: - default: ceph-rgw - public: radosgw - host_fqdn_override: - default: null - # public: - # host: object-store.DOMAIN - path: - default: /auth/v1.0 - scheme: - default: "http" - # public: "https" - port: - api: - default: 8088 - # public: 443 - oslo_db: - hosts: - default: mariadb - discovery: mariadb-discovery - host_fqdn_override: - default: null - path: /DB_NAME - scheme: mysql+pymysql - port: - mysql: - default: 3306 - wsrep: - default: 4567 - keystone_oslo_messaging: - namespace: openstack - hosts: - default: keystone-rabbitmq - host_fqdn_override: - default: null - path: /keystone - scheme: rabbit - port: - amqp: - default: 5672 - http: - default: 15672 - keystone_rabbitmq_exporter: - namespace: openstack - hosts: - default: keystone-rabbitmq-exporter - host_fqdn_override: - default: null - path: - default: /metrics - scheme: - default: "http" - port: - metrics: - default: 9095 - oslo_cache: - namespace: openstack - hosts: - default: memcached - host_fqdn_override: - default: null - port: - memcache: - default: 11211 - identity: - namespace: openstack - name: keystone - hosts: - default: keystone-api - public: keystone - host_fqdn_override: - default: null - # public: - # host: identity.DOMAIN - path: - default: /v3 - scheme: - default: "http" - # public: "https" - port: - admin: - default: 35357 - api: - default: 80 - # public: 443 - glance_oslo_messaging: - namespace: openstack - hosts: - default: glance-rabbitmq - host_fqdn_override: - default: null - path: /glance - scheme: rabbit - port: - amqp: - default: 5672 - http: - default: 15672 - glance_rabbitmq_exporter: - namespace: openstack - hosts: - default: glance-rabbitmq-exporter - host_fqdn_override: - default: null - path: - default: /metrics - scheme: - default: "http" - port: - metrics: - default: 9095 - image: - name: glance - hosts: - default: glance-api - public: glance - host_fqdn_override: - default: null - # public: - # host: image.DOMAIN - path: - default: null - scheme: - default: "http" - # public: "https" - port: - api: - default: 9292 - # public: 443 - image_registry: - name: glance-registry - hosts: - default: glance-registry - public: glance-reg - host_fqdn_override: - default: null - path: - default: null - scheme: - default: "http" - port: - api: - default: 9191 - public: 80 - cinder_oslo_messaging: - namespace: openstack - hosts: - default: cinder-rabbitmq - host_fqdn_override: - default: null - path: /cinder - scheme: rabbit - port: - amqp: - default: 5672 - http: - default: 15672 - cinder_rabbitmq_exporter: - namespace: openstack - hosts: - default: cinder-rabbitmq-exporter - host_fqdn_override: - default: null - path: - default: /metrics - scheme: - default: "http" - port: - metrics: - default: 9095 - volume: - name: cinder - hosts: - default: cinder-api - public: cinder - host_fqdn_override: - default: null - # public: - # host: volume.DOMAIN - path: - default: "/v1/%(tenant_id)s" - scheme: - default: "http" - # public: "https" - port: - api: - default: 8776 - # public: 443 - volumev2: - name: cinderv2 - hosts: - default: cinder-api - public: cinder - host_fqdn_override: - default: null - # public: - # host: volume.DOMAIN - path: - default: "/v2/%(tenant_id)s" - scheme: - default: "http" - # public: "https" - port: - api: - default: 8776 - # public: 443 - volumev3: - name: cinderv3 - hosts: - default: cinder-api - public: cinder - host_fqdn_override: - default: null - # public: - # host: volume.DOMAIN - path: - default: "/v3/%(tenant_id)s" - scheme: - default: "http" - # public: "https" - port: - api: - default: 8776 - # public: 443 - heat_oslo_messaging: - namespace: openstack - hosts: - default: heat-rabbitmq - host_fqdn_override: - default: null - path: /heat - scheme: rabbit - port: - amqp: - default: 5672 - http: - default: 15672 - heat_rabbitmq_exporter: - namespace: openstack - hosts: - default: heat-rabbitmq-exporter - host_fqdn_override: - default: null - path: - default: /metrics - scheme: - default: "http" - port: - metrics: - default: 9095 - orchestration: - name: heat - hosts: - default: heat-api - public: heat - host_fqdn_override: - default: null - # public: - # host: orchestration.DOMAIN - path: - default: "/v1/%(project_id)s" - scheme: - default: "http" - # public: "https" - port: - api: - default: 8004 - # public: 443 - cloudformation: - name: heat-cfn - hosts: - default: heat-cfn - public: cloudformation - host_fqdn_override: - default: null - # public: - # host: cloudformation.DOMAIN - path: - default: /v1 - scheme: - default: "http" - # public: "https" - port: - api: - default: 8000 - # public: 443 - cloudwatch: - name: heat-cloudwatch - hosts: - default: heat-cloudwatch - public: cloudwatch - host_fqdn_override: - default: null - path: - default: null - type: null - scheme: - default: "http" - port: - api: - default: 8003 - public: 80 - neutron_oslo_messaging: - namespace: openstack - hosts: - default: neutron-rabbitmq - host_fqdn_override: - default: null - path: /neutron - scheme: rabbit - port: - amqp: - default: 5672 - http: - default: 15672 - neutron_rabbitmq_exporter: - namespace: openstack - hosts: - default: neutron-rabbitmq-exporter - host_fqdn_override: - default: null - path: - default: /metrics - scheme: - default: "http" - port: - metrics: - default: 9095 - network: - name: neutron - hosts: - default: neutron-server - public: neutron - host_fqdn_override: - default: null - # public: - # host: network.DOMAIN - path: - default: null - scheme: - default: "http" - # public: "https" - port: - api: - default: 9696 - # public: 443 - nova_oslo_messaging: - namespace: openstack - hosts: - default: nova-rabbitmq - host_fqdn_override: - default: null - path: /nova - scheme: rabbit - port: - amqp: - default: 5672 - http: - default: 15672 - nova_rabbitmq_exporter: - namespace: openstack - hosts: - default: nova-rabbitmq-exporter - host_fqdn_override: - default: null - path: - default: /metrics - scheme: - default: "http" - port: - metrics: - default: 9095 - compute: - name: nova - hosts: - default: nova-api - public: nova - host_fqdn_override: - default: null - # public: - # host: compute.DOMAIN - path: - default: "/v2/%(tenant_id)s" - scheme: - default: "http" - # public: "https" - port: - api: - default: 8774 - # public: 443 - novncproxy: - default: 443 - compute_metadata: - name: nova - hosts: - default: nova-metadata - public: metadata - host_fqdn_override: - default: null - path: - default: / - scheme: - default: "http" - port: - metadata: - default: 8775 - public: 80 - compute_novnc_proxy: - name: nova - hosts: - default: nova-novncproxy - public: novncproxy - host_fqdn_override: - default: null - # public: - # host: nova-novncproxy.DOMAIN - path: - default: /vnc_auto.html - scheme: - default: "http" - # public: "https" - port: - novnc_proxy: - default: 6080 - # public: 443 - compute_spice_proxy: - name: nova - hosts: - default: nova-spiceproxy - host_fqdn_override: - default: null - path: - default: /spice_auto.html - scheme: - default: "http" - port: - spice_proxy: - default: 6082 - placement: - name: placement - hosts: - default: placement-api - public: placement - host_fqdn_override: - default: null - # public: - # host: placement.DOMAIN - path: - default: / - scheme: - default: "http" - # public: "https" - port: - api: - default: 8778 - # public: 443 - dashboard: - name: horizon - hosts: - default: horizon-int - public: horizon - host_fqdn_override: - default: null - # public: - # host: dashboard.DOMAIN - path: - default: null - scheme: - default: "http" - # public: "https" - port: - web: - default: 80 - # public: 443 -... ---- -schema: pegleg/EndpointCatalogue/v1 -metadata: - schema: metadata/Document/v1 - name: osh_infra_endpoints - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext - # substitutions: - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .dns.ingress_domain - # dest: - # path: .osh_infra.kibana.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .dns.ingress_domain - # dest: - # path: .osh_infra.grafana.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .dns.ingress_domain - # dest: - # path: .osh_infra.nagios.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: deckhand/Certificate/v1 - # name: ingress-crt - # path: . - # dest: - # path: .osh_infra.kibana.host_fqdn_override.public.tls.crt - # - src: - # schema: deckhand/CertificateAuthority/v1 - # name: ingress-ca - # path: . - # dest: - # path: .osh_infra.kibana.host_fqdn_override.public.tls.ca - # - src: - # schema: deckhand/CertificateKey/v1 - # name: ingress-key - # path: . - # dest: - # path: .osh_infra.kibana.host_fqdn_override.public.tls.key - # - src: - # schema: deckhand/Certificate/v1 - # name: ingress-crt - # path: . - # dest: - # path: .osh_infra.grafana.host_fqdn_override.public.tls.crt - # - src: - # schema: deckhand/CertificateAuthority/v1 - # name: ingress-ca - # path: . - # dest: - # path: .osh_infra.grafana.host_fqdn_override.public.tls.ca - # - src: - # schema: deckhand/CertificateKey/v1 - # name: ingress-key - # path: . - # dest: - # path: .osh_infra.grafana.host_fqdn_override.public.tls.key - # - src: - # schema: deckhand/Certificate/v1 - # name: ingress-crt - # path: . - # dest: - # path: .osh_infra.nagios.host_fqdn_override.public.tls.crt - # - src: - # schema: deckhand/CertificateAuthority/v1 - # name: ingress-ca - # path: . - # dest: - # path: .osh_infra.nagios.host_fqdn_override.public.tls.ca - # - src: - # schema: deckhand/CertificateKey/v1 - # name: ingress-key - # path: . - # dest: - # path: .osh_infra.nagios.host_fqdn_override.public.tls.key - # path: .osh_infra.nagios.host_fqdn_override.public.tls.key - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .ldap.base_url - # dest: - # path: .osh_infra.ldap.host_fqdn_override.public.host - # pattern: DOMAIN - # - src: - # schema: pegleg/CommonAddresses/v1 - # name: common-addresses - # path: .ldap.auth_path - # dest: - # path: .osh_infra.ldap.path.default - # pattern: AUTH_PATH -data: - osh_infra: - elasticsearch: - name: elasticsearch - namespace: osh-infra - hosts: - data: elasticsearch-data - default: elasticsearch-logging - discovery: elasticsearch-discovery - public: elasticsearch - host_fqdn_override: - default: null - path: - default: null - scheme: - default: "http" - port: - http: - default: 80 - prometheus_elasticsearch_exporter: - namespace: null - hosts: - default: elasticsearch-exporter - host_fqdn_override: - default: null - path: - default: /metrics - scheme: - default: "http" - port: - metrics: - default: 9108 - fluentd: - namespace: osh-infra - name: fluentd - hosts: - default: fluentd-logging - host_fqdn_override: - default: null - path: - default: null - scheme: - default: "http" - port: - service: - default: 24224 - metrics: - default: 24220 - prometheus_fluentd_exporter: - namespace: osh-infra - hosts: - default: fluentd-exporter - host_fqdn_override: - default: null - path: - default: /metrics - scheme: - default: "http" - port: - metrics: - default: 9309 - oslo_db: - namespace: osh-infra - hosts: - default: mariadb - host_fqdn_override: - default: null - path: /DB_NAME - scheme: mysql+pymysql - port: - mysql: - default: 3306 - grafana: - name: grafana - namespace: osh-infra - hosts: - default: grafana-dashboard - public: grafana - host_fqdn_override: - default: null - # public: - # host: grafana.DOMAIN - path: - default: null - scheme: - default: "http" - # public: "https" - port: - grafana: - default: 3000 - # public: 443 - monitoring: - name: prometheus - namespace: osh-infra - hosts: - default: prom-metrics - public: prometheus - host_fqdn_override: - default: null - path: - default: null - scheme: - default: "http" - port: - api: - default: 9090 - public: 80 - kibana: - name: kibana - namespace: osh-infra - hosts: - default: kibana-dash - public: kibana - host_fqdn_override: - default: null - # public: - # host: kibana.DOMAIN - path: - default: null - scheme: - default: "http" - # public: "https" - port: - kibana: - default: 5601 - # public: 443 - alerts: - name: alertmanager - namespace: osh-infra - hosts: - default: alerts-engine - public: alertmanager - discovery: alertmanager-discovery - host_fqdn_override: - default: null - path: - default: null - scheme: - default: "http" - port: - api: - default: 9093 - public: 80 - mesh: - default: 6783 - kube_state_metrics: - namespace: kube-system - hosts: - default: kube-state-metrics - host_fqdn_override: - default: null - path: - default: null - scheme: - default: "http" - port: - http: - default: 8080 - kube_scheduler: - scheme: - default: "http" - path: - default: /metrics - kube_controller_manager: - scheme: - default: "http" - path: - default: /metrics - node_metrics: - namespace: kube-system - hosts: - default: node-exporter - host_fqdn_override: - default: null - path: - default: null - scheme: - default: "http" - port: - metrics: - default: 9100 - prometheus_port: - default: 9100 - prometheus_openstack_exporter: - namespace: openstack - hosts: - default: openstack-metrics - host_fqdn_override: - default: null - path: - default: null - scheme: - default: "http" - port: - exporter: - default: 9103 - nagios: - name: nagios - namespace: osh-infra - hosts: - default: nagios-metrics - public: nagios - host_fqdn_override: - default: null - # public: - # host: nagios.DOMAIN - path: - default: null - scheme: - default: http - # public: https - port: - http: - default: 80 - # public: 443 - ldap: - hosts: - default: ldap - host_fqdn_override: - default: null - public: - host: DOMAIN - path: - default: /AUTH_PATH - scheme: - default: "ldap" - port: - ldap: - default: 389 -... diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/manifests/full-site.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/manifests/full-site.yaml deleted file mode 100644 index 593dfc1..0000000 --- a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/manifests/full-site.yaml +++ /dev/null @@ -1,56 +0,0 @@ ---- -# This file defines the "full-site" armada manifest and should not need to -# change for new sites. -# #GLOBAL-CANDIDATE# -schema: armada/Manifest/v1 -metadata: - schema: metadata/Document/v1 - name: full-site - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: full-site-global - actions: - - method: merge - path: . - storagePolicy: cleartext -data: - release_prefix: airship - chart_groups: - - kubernetes-proxy - - kubernetes-container-networking - - kubernetes-dns - - kubernetes-etcd - - kubernetes-haproxy - - kubernetes-core - - ingress-kube-system - - ucp-ceph-update - - ucp-ceph-config - - ucp-core - - ucp-keystone - - ucp-divingbell - - ucp-armada - - ucp-deckhand - - ucp-drydock - - ucp-promenade - - ucp-shipyard - - osh-infra-ingress-controller - - osh-infra-ceph-config - - osh-infra-logging - - osh-infra-monitoring - - osh-infra-mariadb - - osh-infra-dashboards - - openstack-ingress-controller - - openstack-ceph-config - - openstack-mariadb - - openstack-memcached - - openstack-keystone - - openstack-radosgw - - openstack-glance - - openstack-cinder - - openstack-compute-kit - - openstack-heat - - osh-infra-prometheus-openstack-exporter - - openstack-horizon -... diff --git a/site_type/sriov/airship-treasuremap/type/foundry/v4.0/network/KubernetesNetwork.yaml b/site_type/sriov/airship-treasuremap/type/foundry/v4.0/network/KubernetesNetwork.yaml deleted file mode 100644 index 1124d63..0000000 --- a/site_type/sriov/airship-treasuremap/type/foundry/v4.0/network/KubernetesNetwork.yaml +++ /dev/null @@ -1,97 +0,0 @@ ---- -schema: promenade/KubernetesNetwork/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-network - layeringDefinition: - abstract: false - layer: type - storagePolicy: cleartext - substitutions: - # DNS - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .dns.cluster_domain - dest: - path: .dns.cluster_domain - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .dns.service_ip - dest: - path: .dns.service_ip - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .dns.upstream_servers - dest: - path: .dns.upstream_servers - - # Kubernetes IPs - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.api_service_ip - dest: - path: .kubernetes.service_ip - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.pod_cidr - dest: - path: .kubernetes.pod_cidr - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.service_cidr - dest: - path: .kubernetes.service_cidr - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.apiserver_port - dest: - path: .kubernetes.apiserver_port - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.haproxy_port - dest: - path: .kubernetes.haproxy_port - - # etcd IPs - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .etcd.container_port - dest: - path: .etcd.container_port - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .etcd.haproxy_port - dest: - path: .etcd.haproxy_port - - # proxy - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .proxy.http - dest: - path: .proxy.url - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .proxy.no_proxy - dest: - path: .proxy.additional_no_proxy - -data: - dns: - bootstrap_validation_checks: - - calico-etcd.kube-system.svc.cluster.local - - kubernetes-etcd.kube-system.svc.cluster.local - - kubernetes.default.svc.cluster.local -... diff --git a/site_type/sriov/templates/baremetal/bootaction-sriov-blacklist.j2 b/site_type/sriov/templates/baremetal/bootaction-sriov-blacklist.j2 deleted file mode 100644 index 2ad6637..0000000 --- a/site_type/sriov/templates/baremetal/bootaction-sriov-blacklist.j2 +++ /dev/null @@ -1,42 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: 'drydock/BootAction/v1' -metadata: - schema: 'metadata/Document/v1' - name: i40evf_blacklist - storagePolicy: 'cleartext' - layeringDefinition: - abstract: false - layer: site - labels: - application: 'drydock' -data: - signaling: false - node_filter: - filter_set_type: 'union' - filter_set: - - filter_type: 'union' - assets: - - path: /etc/modprobe.d/sriov_blacklist.conf - type: file - permissions: '644' - data_pipeline: - - utf8_decode - data: | - blacklist i40evf -... diff --git a/site_type/sriov/templates/baremetal/calico-ip-rules.j2 b/site_type/sriov/templates/baremetal/calico-ip-rules.j2 deleted file mode 100644 index 328a1b6..0000000 --- a/site_type/sriov/templates/baremetal/calico-ip-rules.j2 +++ /dev/null @@ -1,160 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: 'drydock/BootAction/v1' -metadata: - schema: 'metadata/Document/v1' - name: calico-ip-rules - storagePolicy: 'cleartext' - layeringDefinition: - abstract: false - layer: site - labels: - application: 'drydock' - substitutions: - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.pod_cidr - dest: - path: .assets[0].data - pattern: DH_SUB_POD_CIDR -data: - signaling: false - assets: - - path: /etc/systemd/system/configure-ip-rules.service - type: unit - permissions: '444' - data: |- - [Unit] - Description=IP Rules Initialization Service - After=network-online.target local-fs.target - - [Service] - Type=simple - ExecStart=/opt/configure-ip-rules.sh -g {{yaml.networks.ksn.vrrp_ip}} -c {{yaml.kubernetes.pod_cidr}} -s {{yaml.networks.ksn.additional_cidrs | first}} - - [Install] - WantedBy=multi-user.target - data_pipeline: - - utf8_decode - - path: /opt/configure-ip-rules.sh - type: file - permissions: '700' - data_pipeline: - - utf8_decode - data: |- - #!/bin/bash - set -ex - - function usage() { - cat <&2 - exit 1 - ;; - :) - echo "Missing argument for option: -${OPTARG}" >&2 - exit 1 - ;; - *) - echo "Unimplemented option: -${OPTARG}" >&2 - exit 1 - ;; - esac - done - shift $((OPTIND-1)) - - if [ "x$POD_CIDR" == "x" ]; then - echo "Missing pod CIDR, e.g -c {{yaml.kubernetes.pod_cidr}}" >&2 - usage - exit 1 - fi - - if [ "x$INTERFACE" == "x" ]; then - echo "Missing interface, e.g. -i bond1.2006" >&2 - usage - exit 1 - fi - - while ! ip route list dev "${INTERFACE}" > /dev/null; do - echo Waiting for device "${INTERFACE}" to be ready. >&2 - sleep 5 - done - - intra_vrrp_ip=$(ip route list dev "${INTERFACE}" | awk '($2~/via/){print $3}' | head -n 1) - - TABLE="1500" - - # Setup a routing table for traffic from service IPs - ip route flush table "${TABLE}" - ip route add default via "${intra_vrrp_ip}" table "${TABLE}" - - if [ "x$OVERLAP_CIDR" != "x" ]; then - # NOTE(mb874d): This is a work-around for nodes not receiving complete - # routes via BGP. It may also be required for brownfield large sites. - ip route add "${OVERLAP_CIDR}" via "${intra_vrrp_ip}" - fi - - if [ "x$SERVICE_CIDR" != "x" ]; then - # Traffic from the service IPs to pods should use the pod network. - ip rule add \ - from "${SERVICE_CIDR}" \ - to "${POD_CIDR}" \ - lookup main \ - pref 10000 - # Other traffic from service IPs should only use the VRRP IP - ip rule add \ - from "${SERVICE_CIDR}" \ - lookup "${TABLE}" \ - pref 10100 - fi -... diff --git a/site_type/sriov/templates/baremetal/promjoin.j2 b/site_type/sriov/templates/baremetal/promjoin.j2 deleted file mode 100644 index d16b48e..0000000 --- a/site_type/sriov/templates/baremetal/promjoin.j2 +++ /dev/null @@ -1,65 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: 'drydock/BootAction/v1' -metadata: - schema: 'metadata/Document/v1' - name: promjoin - storagePolicy: 'cleartext' - layeringDefinition: - abstract: false - layer: site - labels: - application: 'drydock' -data: - signaling: false - node_filter: - filter_set_type: 'union' - filter_set: - - filter_type: 'union' - node_names: -{% for server in yaml.masters %} - - '{{server.name}}' -{% endfor %} -{% if 'workers' in yaml %}{% for server in yaml.workers %} - - '{{server.name}}' -{% endfor %}{% endif %} -{% raw %} # TODO(alanmeadows) move what is global about this document - everything except nodenames to global - assets: - - path: /opt/promjoin.sh - type: file - permissions: '555' - # TODO(alanmeadows) You must replace the ip= parameter below with the appropriate MaaS network name of the network - # you should use to contact kubernetes in the case below, this is cab24_mgmt - location: promenade+http://promenade-api.ucp.svc.cluster.local/api/v1.0/join-scripts?design_ref={{ action.design_ref | urlencode }}&hostname={{ node.hostname }}&ip={{ node.network.calico.ip }}{% for k, v in node.labels.items() %}&labels.dynamic={{ k }}={{ v }}{% endfor %} - location_pipeline: - - template - data_pipeline: - - utf8_decode - - path: /lib/systemd/system/promjoin.service - type: unit - permissions: '600' - data: |- - W1VuaXRdCkRlc2NyaXB0aW9uPVByb21lbmFkZSBJbml0aWFsaXphdGlvbiBTZXJ2aWNlCkFmdGVy - PW5ldHdvcmstb25saW5lLnRhcmdldCBsb2NhbC1mcy50YXJnZXQKQ29uZGl0aW9uUGF0aEV4aXN0 - cz0hL3Zhci9saWIvcHJvbS5kb25lCgpbU2VydmljZV0KVHlwZT1zaW1wbGUKRXhlY1N0YXJ0PS9v - cHQvcHJvbWpvaW4uc2gKCltJbnN0YWxsXQpXYW50ZWRCeT1tdWx0aS11c2VyLnRhcmdldAo= - data_pipeline: - - base64_decode - - utf8_decode -{% endraw %} -... diff --git a/site_type/sriov/templates/baremetal/rack.j2 b/site_type/sriov/templates/baremetal/rack.j2 deleted file mode 100644 index d265d78..0000000 --- a/site_type/sriov/templates/baremetal/rack.j2 +++ /dev/null @@ -1,108 +0,0 @@ -{% for server in yaml.masters %} ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## -schema: 'drydock/BaremetalNode/v1' -metadata: - schema: 'metadata/Document/v1' - name: {{server.name}} - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - host_profile: ControlPlane - # the hostname for a server, could be used in multiple DNS domains to - # represent different interfaces - addressing: - # Which network the address applies to. If a network appears in addressing - # that isn't assigned to an interface, design validation will fail - - network: oob - address: {{server.oob}} - - network: pxe - # The address assigned. Either a explicit IPv4 or IPv6 address - # or dhcp or slaac - address: {{server.pxe}} - - network: oam - address: {{server.host}} - - network: storage - address: {{server.storage}} - - network: overlay - address: {{server.neutron}} - - network: calico - address: {{server.ksn}} - metadata: - rack: RACK01 - tags: - - 'masters' -{% if 'platform' in yaml %} - platform: - kernel_params: -{% for key, value in yaml.platform.kernel_params.items() %} - {{key}}: '{{value}}' -{% endfor %} -{% if 'vcpu_pin_set' in yaml.platform %} - isolcpus: '{{yaml.platform.vcpu_pin_set}}' -{% endif %} -{% endif %} -{% endfor %} -{% if 'workers' in yaml %}{% for server in yaml.workers %} ---- -schema: 'drydock/BaremetalNode/v1' -metadata: - schema: 'metadata/Document/v1' - name: {{server.name}} - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - host_profile: ComputePlane - # the hostname for a server, could be used in multiple DNS domains to - # represent different interfaces - addressing: - # Which network the address applies to. If a network appears in addressing - # that isn't assigned to an interface, design validation will fail - - network: oob - address: {{server.oob}} - - network: pxe - # The address assigned. Either a explicit IPv4 or IPv6 address - # or dhcp or slaac - address: {{server.pxe}} - - network: oam - address: {{server.host}} - - network: storage - address: {{server.storage}} - - network: overlay - address: {{server.neutron}} - - network: calico - address: {{server.ksn}} - metadata: - rack: RACK01 - tags: - - 'workers' -{% if 'platform' in yaml %} - platform: - kernel_params: -{% for key, value in yaml.platform.kernel_params.items() %} - {{key}}: '{{value}}' -{% endfor %} -{% if 'vcpu_pin_set' in yaml.platform %} - isolcpus: '{{yaml.platform.vcpu_pin_set}}' -{% endif %} -{% endif %} -{% endfor %}{% endif %} -... diff --git a/site_type/sriov/templates/networks/common-addresses.j2 b/site_type/sriov/templates/networks/common-addresses.j2 deleted file mode 100644 index 95cd802..0000000 --- a/site_type/sriov/templates/networks/common-addresses.j2 +++ /dev/null @@ -1,104 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: pegleg/CommonAddresses/v1 -metadata: - schema: metadata/Document/v1 - name: common-addresses - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - calico: - ip_autodetection_method: interface={{yaml.networks.ksn.interface}} - etcd: - service_ip: 10.96.232.136 - - dns: - cluster_domain: cluster.local - service_ip: 10.96.0.10 - upstream_servers: -{% for server in yaml.dns.upstream_servers %} - - {{server}} -{% endfor %} - upstream_servers_joined: '{{yaml.dns.upstream_servers|batch(2)|first|join(',')}}' - ingress_domain: {{yaml.dns.ingress_domain}} - genesis: - hostname: {{yaml.genesis.name}} - ip: {{yaml.genesis.ksn}} - - bootstrap: - ip: {{yaml.genesis.pxe}} - - kubernetes: - api_service_ip: {{yaml.kubernetes.api_service_ip}} - etcd_service_ip: {{yaml.kubernetes.etcd_service_ip}} - pod_cidr: {{yaml.kubernetes.pod_cidr}} - service_cidr: {{yaml.kubernetes.service_cidr}} - apiserver_port: 6443 - haproxy_port: 6553 - service_node_port_range: 30000-32767 - - etcd: - container_port: 2379 - haproxy_port: 2378 - - masters: -{% for master in yaml.masters %} - - hostname: {{master.name}} -{% endfor %} - - proxy: - http: "" - https: "" - no_proxy: [] - - node_ports: - drydock_api: 30000 - maas_api: 30001 - maas_proxy: 31800 # hardcoded in MAAS - shipyard_api: 30003 - airflow_web: 30004 - - ntp: - servers_joined: '0.ubuntu.pool.ntp.org,1.ubuntu.pool.ntp.org,2.ubuntu.pool.ntp.org' - - # Used for FQDN setup/definition - domain: - url: {{yaml.site_name}}.lab.akraino.org - - ldap: - base_url: 'its-a-ldap.example.com' - url: 'ldap://its-a-ldap.example.com' - auth_path: DC=test,DC=test,DC=com?sAMAccountName?sub?memberof=CN=test,OU=Application,OU=Groups,DC=test,DC=test,DC=com - common_name: AP-NC_Test_Users - subdomain: testitservices - domain: example - - storage: - ceph: - public_cidr: '{{yaml.networks.storage.cidr}}' - cluster_cidr: '{{yaml.networks.storage.cidr}}' - - neutron: - tunnel_device: '{{yaml.networks.neutron.interface}}' - external_iface: '{{yaml.networks.primary}}' - - openvswitch: - external_iface: '{{yaml.networks.primary}}' -... diff --git a/site_type/sriov/templates/networks/physical/rack.j2 b/site_type/sriov/templates/networks/physical/rack.j2 deleted file mode 100644 index 86e4441..0000000 --- a/site_type/sriov/templates/networks/physical/rack.j2 +++ /dev/null @@ -1,221 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: 'drydock/NetworkLink/v1' -metadata: - schema: 'metadata/Document/v1' - name: oob - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - labels: - noconfig: enabled - bonding: - mode: disabled - mtu: 9000 - linkspeed: auto - trunking: - mode: disabled - default_network: oob - allowed_networks: - - oob -... ---- -schema: 'drydock/Network/v1' -metadata: - schema: 'metadata/Document/v1' - name: oob - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - cidr: {{yaml.networks.oob.cidr}} - routes: - - subnet: '0.0.0.0/0' - gateway: {{yaml.networks.oob.routes.gateway}} - ranges: - - type: static - start: {{yaml.networks.oob.ranges.static.start}} - end: {{yaml.networks.oob.ranges.static.end}} -... ---- -schema: 'drydock/NetworkLink/v1' -metadata: - schema: 'metadata/Document/v1' - name: pxe - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - bonding: - mode: disabled - mtu: 9000 - linkspeed: auto - trunking: - mode: disabled - default_network: pxe - allowed_networks: - - pxe -... ---- -schema: 'drydock/Network/v1' -metadata: - schema: 'metadata/Document/v1' - name: pxe - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - cidr: {{yaml.networks.pxe.cidr}} - routes: - - subnet: '0.0.0.0/0' - gateway: {{yaml.networks.pxe.routes.gateway}} - ranges: - - type: reserved - start: {{yaml.networks.pxe.ranges.reserved.start}} - end: {{yaml.networks.pxe.ranges.reserved.end}} - - type: static - start: {{yaml.networks.pxe.ranges.static.start}} - end: {{yaml.networks.pxe.ranges.static.end}} - - type: dhcp - start: {{yaml.networks.pxe.ranges.dhcp.start}} - end: {{yaml.networks.pxe.ranges.dhcp.end}} - dns: - domain: {% if 'dns' in yaml.networks.pxe and 'domain' in yaml.networks.pxe.dns %}{{yaml.networks.pxe.dns.domain}} - {% else %}{{yaml.dns.domain}} - {% endif %} - servers: '{% if 'dns' in yaml.networks.pxe %}{{yaml.networks.pxe.dns.servers}}{% else %}{{yaml.dns.upstream_servers|join(' ')}}{% endif %}' -... ---- -schema: 'drydock/NetworkLink/v1' -metadata: - schema: 'metadata/Document/v1' - name: bond0 - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - bonding: -{% if yaml.networks.bonded %} - mode: 802.3ad - hash: layer3+4 - peer_rate: fast - mon_rate: 100 - up_delay: 1000 - down_delay: 3000 -{% else %} - mode: disabled -{% endif %} - mtu: 9000 - linkspeed: auto - trunking: - mode: 802.1q - allowed_networks: - - oam - - storage - - overlay - - calico -... ---- -schema: 'drydock/Network/v1' -metadata: - schema: 'metadata/Document/v1' - name: oam - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - vlan: '{{yaml.networks.host.vlan}}' - mtu: 9000 - cidr: {{yaml.networks.host.cidr}} - routes: - - subnet: '0.0.0.0/0' - gateway: {{yaml.networks.host.routes.gateway}} - ranges: - - type: reserved - start: {{yaml.networks.host.ranges.reserved.start}} - end: {{yaml.networks.host.ranges.reserved.end}} - - type: static - start: {{yaml.networks.host.ranges.static.start}} - end: {{yaml.networks.host.ranges.static.end}} - dns: - domain: {% if 'dns' in yaml.networks.host and 'domain' in yaml.networks.host.dns %}{{yaml.networks.host.dns.domain}} - {% else %}{{yaml.dns.domain}} - {% endif %} - servers: '{% if 'dns' in yaml.networks.host %}{{yaml.networks.host.dns.servers}}{% else %}{{yaml.dns.upstream_servers|join(' ')}}{% endif %}' -... ---- -schema: 'drydock/Network/v1' -metadata: - schema: 'metadata/Document/v1' - name: storage - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - vlan: '{{yaml.networks.storage.vlan}}' - mtu: 9000 - cidr: {{yaml.networks.storage.cidr}} - ranges: - - type: static - start: {{yaml.networks.storage.ranges.static.start}} - end: {{yaml.networks.storage.ranges.static.end}} -... ---- -schema: 'drydock/Network/v1' -metadata: - schema: 'metadata/Document/v1' - name: overlay - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - vlan: '{{yaml.networks.neutron.vlan}}' - mtu: 9000 - cidr: {{yaml.networks.neutron.cidr}} - ranges: - - type: static - start: {{yaml.networks.neutron.ranges.static.start}} - end: {{yaml.networks.neutron.ranges.static.end}} -... ---- -schema: 'drydock/Network/v1' -metadata: - schema: 'metadata/Document/v1' - name: calico - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - vlan: '{{yaml.networks.ksn.vlan}}' - mtu: 9000 - cidr: {{yaml.networks.ksn.cidr}} - ranges: - - type: static - start: {{yaml.networks.ksn.ranges.static.start}} - end: {{yaml.networks.ksn.ranges.static.end}} -... diff --git a/site_type/sriov/templates/profiles/hardware/generic.j2 b/site_type/sriov/templates/profiles/hardware/generic.j2 deleted file mode 100644 index 78ae3e2..0000000 --- a/site_type/sriov/templates/profiles/hardware/generic.j2 +++ /dev/null @@ -1,35 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: 'drydock/HardwareProfile/v1' -metadata: - schema: 'metadata/Document/v1' - name: DELL_HP_Generic - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - vendor: {{yaml.hardware.vendor}} - generation: '{{yaml.hardware.generation}}' - hw_version: '{{yaml.hardware.hw_version}}' - bios_version: '{{yaml.hardware.bios_version}}' - boot_mode: bios - bootstrap_protocol: pxe - pxe_interface: 0 - device_aliases: {} -... diff --git a/site_type/sriov/templates/profiles/host/compute-r01.j2 b/site_type/sriov/templates/profiles/host/compute-r01.j2 deleted file mode 100644 index fcaa3e1..0000000 --- a/site_type/sriov/templates/profiles/host/compute-r01.j2 +++ /dev/null @@ -1,118 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: drydock/HostProfile/v1 -metadata: - schema: metadata/Document/v1 - name: ComputePlane - storagePolicy: cleartext - labels: - hosttype: ComputePlane - layeringDefinition: - abstract: false - layer: site - substitutions: - - dest: - path: .oob.credential - src: - schema: deckhand/Passphrase/v1 - name: ipmi_admin_password - path: . -data: - hardware_profile: DELL_HP_Generic - oob: - type: 'ipmi' - network: 'oob' - account: '{{yaml.ipmi_admin.username}}' - primary_network: 'oam' - hardware_profile: DELL_HP_Generic - interfaces: - pxe: - device_link: pxe - slaves: - - '{{yaml.networks.pxe.interface}}' - networks: - - 'pxe' - bond0: - device_link: bond0 - slaves: -{% for slave in yaml.networks.slaves %} - - '{{ slave.name }}' -{% endfor %} - networks: - - 'oam' - - 'storage' - - 'overlay' - - 'calico' - p1p1: - slaves: - - 'sriov_nic01' - sriov: - vf_count: 32 # Currently ignored - trustedmode: false - p3p2: - slaves: - - 'sriov_nic02' - sriov: - vf_count: 32 # Currently ignored - trustedmode: false - storage: - physical_devices: -{% for disk in yaml.disks_compute %} - {{disk.name}}: - {% if 'labels' in disk %} - labels: - {% for key, value in disk.labels.items() %} - {{key}}: '{{value}}' - {% endfor %} - {% endif %} - partitions: - {% for p in disk.partitions %} - - name: '{{p.name}}' - size: '{{p.size}}' - filesystem: - mountpoint: '{{p.mountpoint}}' - fstype: 'ext4' - mount_options: 'defaults' - {% endfor %} -{% endfor %} - platform: - image: 'xenial' - kernel: 'hwe-16.04' - kernel_params: -{% if 'platform' in yaml and 'kernel_params' in yaml.platform %} -{% for key, value in yaml.platform.kernel_params.items() %} - {{key}}: '{{value}}' -{% endfor %} -{% else %} - console: 'ttyS1,115200n8' - intel_iommu: 'on' - iommu: 'pt' - amd_iommu: 'on' - transparent_hugepage: 'never' -{% endif %} -{% if 'platform' in yaml and 'vcpu_pin_set' in yaml.platform %} - isolcpus: '{{yaml.platform.vcpu_pin_set}}' -{% endif %} - metadata: - owner_data: - openstack-nova-compute: enabled - openvswitch: enabled - openstack-libvirt: kernel - sriov: enabled - beta.kubernetes.io/fluentd-ds-ready: 'true' -... diff --git a/site_type/sriov/templates/profiles/host/cp-r01.j2 b/site_type/sriov/templates/profiles/host/cp-r01.j2 deleted file mode 100644 index b88d621..0000000 --- a/site_type/sriov/templates/profiles/host/cp-r01.j2 +++ /dev/null @@ -1,168 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: drydock/HostProfile/v1 -metadata: - schema: metadata/Document/v1 - name: ControlPlane - storagePolicy: cleartext - labels: - hosttype: ControlPlane - layeringDefinition: - abstract: false - layer: site - substitutions: - - dest: - path: .oob.credential - src: - schema: deckhand/Passphrase/v1 - name: ipmi_admin_password - path: . -data: - oob: - type: 'ipmi' - network: 'oob' - account: '{{yaml.ipmi_admin.username}}' - primary_network: 'oam' - hardware_profile: DELL_HP_Generic - interfaces: - pxe: - device_link: pxe - slaves: - - '{{yaml.networks.pxe.interface}}' - networks: - - 'pxe' - bond0: - device_link: bond0 - slaves: -{% for slave in yaml.networks.slaves %} - - '{{ slave.name }}' -{% endfor %} - networks: - - 'oam' - - 'storage' - - 'overlay' - - 'calico' - p1p1: - slaves: - - 'sriov_nic01' - sriov: - vf_count: 32 # Currently ignored - trustedmode: false - p3p2: - slaves: - - 'sriov_nic02' - sriov: - vf_count: 32 # Currently ignored - trustedmode: false - storage: - physical_devices: -{% for disk in yaml.disks %} - {{disk.name}}: - {% if 'labels' in disk %} - labels: - {% for key, value in disk.labels.items() %} - {{key}}: '{{value}}' - {% endfor %} - {% endif %} - partitions: - {% for p in disk.partitions %} - - name: '{{p.name}}' - size: '{{p.size}}' - filesystem: - mountpoint: '{{p.mountpoint}}' - fstype: 'ext4' - mount_options: 'defaults' - {% endfor %} -{% endfor %} - platform: - image: 'xenial' - kernel: 'hwe-16.04' - kernel_params: -{% if 'platform' in yaml and 'kernel_params' in yaml.platform %} -{% for key, value in yaml.platform.kernel_params.items() %} - {{key}}: '{{value}}' -{% endfor %} -{% else %} - console: 'ttyS1,115200n8' - intel_iommu: 'on' - iommu: 'pt' - amd_iommu: 'on' - transparent_hugepage: 'never' -{% endif %} -{% if 'platform' in yaml and 'vcpu_pin_set' in yaml.platform %} - isolcpus: '{{yaml.platform.vcpu_pin_set}}' -{% endif %} - metadata: - owner_data: - control-plane: enabled - ucp-control-plane: enabled - openstack-control-plane: enabled - openstack-heat: enabled - openstack-keystone: enabled - openstack-rabbitmq: enabled - openstack-dns-helper: enabled - openstack-mariadb: enabled - openstack-nova-control: enabled - openstack-etcd: enabled - openstack-mistral: enabled - openstack-memcached: enabled - openstack-glance: enabled - openstack-horizon: enabled - openstack-cinder-control: enabled - openstack-cinder-volume: control - openstack-neutron: enabled - openstack-libvirt: kernel - openvswitch: enabled - openstack-nova-compute: enabled - ucp-barbican: enabled - ceph-bootstrap: enabled - ceph-mon: enabled - ceph-mgr: enabled - ceph-osd: enabled - ceph-mds: enabled - ceph-rgw: enabled - ucp-maas: enabled - kube-dns: enabled - kubernetes-apiserver: enabled - kubernetes-controller-manager: enabled - kubernetes-etcd: enabled - kubernetes-scheduler: enabled - tiller-helm: enabled - kube-etcd: enabled - calico-policy: enabled - calico-node: enabled - calico-etcd: enabled - ucp-armada: enabled - ucp-drydock: enabled - ucp-deckhand: enabled - ucp-shipyard: enabled - IAM: enabled - ucp-promenade: enabled - prometheus-server: enabled - prometheus-client: enabled - fluentd: enabled - influxdb: enabled - kibana: enabled - elasticsearch-client: enabled - elasticsearch-master: enabled - elasticsearch-data: enabled - postgresql: enabled - kube-ingress: enabled - sriov: enabled - beta.kubernetes.io/fluentd-ds-ready: 'true' -... diff --git a/site_type/sriov/templates/profiles/region.j2 b/site_type/sriov/templates/profiles/region.j2 deleted file mode 100644 index eaf838f..0000000 --- a/site_type/sriov/templates/profiles/region.j2 +++ /dev/null @@ -1,36 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: 'drydock/Region/v1' -metadata: - schema: 'metadata/Document/v1' - name: {{yaml.site_name}} - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext - substitutions: - - dest: - path: .authorized_keys[0] - src: - schema: deckhand/PublicKey/v1 - name: localadmin_ssh_public_key - path: . -data: - tag_definitions: [] - authorized_keys: [] -... diff --git a/site_type/sriov/templates/secrets/passphrases/ipmi_admin_password.j2 b/site_type/sriov/templates/secrets/passphrases/ipmi_admin_password.j2 deleted file mode 100644 index 1f0e8a2..0000000 --- a/site_type/sriov/templates/secrets/passphrases/ipmi_admin_password.j2 +++ /dev/null @@ -1,27 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ipmi_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: '{{yaml.ipmi_admin.password}}' -... diff --git a/site_type/sriov/templates/site-definition.j2 b/site_type/sriov/templates/site-definition.j2 deleted file mode 100644 index bf44d95..0000000 --- a/site_type/sriov/templates/site-definition.j2 +++ /dev/null @@ -1,29 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: pegleg/SiteDefinition/v1 -metadata: - schema: metadata/Document/v1 - layeringDefinition: - abstract: false - layer: site - name: {{yaml.site_name}} - storagePolicy: cleartext -data: - revision: v4.0 - site_type: foundry -... diff --git a/site_type/sriov/templates/software/charts/kubernetes/container-networking/calico.j2 b/site_type/sriov/templates/software/charts/kubernetes/container-networking/calico.j2 deleted file mode 100644 index 7b14a5d..0000000 --- a/site_type/sriov/templates/software/charts/kubernetes/container-networking/calico.j2 +++ /dev/null @@ -1,64 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - replacement: true - name: kubernetes-calico - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: kubernetes-calico-global - actions: - - method: merge - path: . - storagePolicy: cleartext -data: - values: - networking: - settings: -{% if ('peers' in yaml.networks.ksn and yaml.networks.ksn.peers is not none and yaml.networks.ksn.peers is iterable ) %} - mesh: "off" -{% else %} - mesh: "on" -{% endif %} - ippool: - ipip: - enabled: "false" - mode: "cross-subnet" - bgp: - asnumber: {{yaml.networks.ksn.local_asnumber}} - ipv4: - additional_cidrs: -{% for add_cidr in yaml.networks.ksn.additional_cidrs %} - - {{add_cidr}} -{% endfor %} -{% if ('peers' in yaml.networks.ksn and yaml.networks.ksn.peers is not none and yaml.networks.ksn.peers is iterable ) %} - peers: -{% for peer in yaml.networks.ksn.peers %} - - apiVersion: v1 - kind: bgpPeer - metadata: - peerIP: {{peer.ip}} - scope: {{peer.scope}} - spec: - asnumber: {{peer.asnumber}} -{% endfor %} -{% endif %} -... diff --git a/site_type/sriov/templates/software/charts/kubernetes/container-networking/etcd.j2 b/site_type/sriov/templates/software/charts/kubernetes/container-networking/etcd.j2 deleted file mode 100644 index d9b4f9b..0000000 --- a/site_type/sriov/templates/software/charts/kubernetes/container-networking/etcd.j2 +++ /dev/null @@ -1,169 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-calico-etcd - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: kubernetes-calico-etcd-global - actions: - - method: merge - path: . - storagePolicy: cleartext - substitutions: - - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.calico.etcd - dest: - path: .source - - # Image versions - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.calico.etcd - dest: - path: .values.images.tags - - # IP addresses - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .calico.etcd.service_ip - dest: - path: .values.service.ip - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .calico.etcd.service_ip - dest: - path: .values.anchor.etcdctl_endpoint - - # CAs - - src: - schema: deckhand/CertificateAuthority/v1 - name: calico-etcd - path: . - dest: - path: .values.secrets.tls.client.ca - - src: - schema: deckhand/CertificateAuthority/v1 - name: calico-etcd-peer - path: . - dest: - path: .values.secrets.tls.peer.ca - - # Anchor client cert - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.key - - # Node names -{% set count = [0] %} -{% for server in yaml.masters %} - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .masters[{{count[0]}}].hostname - dest: - path: .values.nodes[{{count[0]}}].name - {% if count.append(count.pop() + 1) %}{% endif %} -{% endfor %} - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .genesis.hostname - dest: - path: .values.nodes[{{count[0]}}].name - - # Server certs -{% set count = [0] %} -{% for server in yaml.masters %} - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-{{server.name}} - path: . - dest: - path: .values.nodes[{{count[0]}}].tls.client.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-{{server.name}} - path: . - dest: - path: .values.nodes[{{count[0]}}].tls.client.key - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-{{server.name}}-peer - path: . - dest: - path: .values.nodes[{{count[0]}}].tls.peer.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-{{server.name}}-peer - path: . - dest: - path: .values.nodes[{{count[0]}}].tls.peer.key - {% if count.append(count.pop() + 1) %}{% endif %} -{% endfor %} - - # NOTE(mb874d): Be sure we generate these certs for genesis. - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-{{yaml.genesis.name}} - path: . - dest: - path: .values.nodes[{{count[0]}}].tls.client.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-{{yaml.genesis.name}} - path: . - dest: - path: .values.nodes[{{count[0]}}].tls.client.key - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-{{yaml.genesis.name}}-peer - path: . - dest: - path: .values.nodes[{{count[0]}}].tls.peer.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-{{yaml.genesis.name}}-peer - path: . - dest: - path: .values.nodes[{{count[0]}}].tls.peer.key - -data: - values: - manifests: - test_etcd_health: false -... diff --git a/site_type/sriov/templates/software/charts/kubernetes/etcd/etcd.j2 b/site_type/sriov/templates/software/charts/kubernetes/etcd/etcd.j2 deleted file mode 100644 index 9cc4322..0000000 --- a/site_type/sriov/templates/software/charts/kubernetes/etcd/etcd.j2 +++ /dev/null @@ -1,165 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-etcd - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: kubernetes-etcd-global - actions: - - method: merge - path: . - storagePolicy: cleartext - substitutions: - - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.etcd - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.etcd - dest: - path: .values.images.tags - - # IP addresses - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.etcd_service_ip - dest: - path: .values.service.ip - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.etcd_service_ip - dest: - path: .values.anchor.etcdctl_endpoint - - # CAs - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes-etcd - path: . - dest: - path: .values.secrets.tls.client.ca - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes-etcd-peer - path: . - dest: - path: .values.secrets.tls.peer.ca - - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.cert - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.key - - # Node names -{% set count = [0] %} -{% for server in yaml.masters %} - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .masters[{{count[0]}}].hostname - dest: - path: .values.nodes[{{count[0]}}].name - {% if count.append(count.pop() + 1) %}{% endif %} -{% endfor %} - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .genesis.hostname - dest: - path: .values.nodes[{{count[0]}}].name - - # Server certs -{% set count = [0] %} -{% for server in yaml.masters %} - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-{{server.name}} - path: . - dest: - path: .values.nodes[{{count[0]}}].tls.client.cert - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-{{server.name}} - path: . - dest: - path: .values.nodes[{{count[0]}}].tls.client.key - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-{{server.name}}-peer - path: . - dest: - path: .values.nodes[{{count[0]}}].tls.peer.cert - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-{{server.name}}-peer - path: . - dest: - path: .values.nodes[{{count[0]}}].tls.peer.key - {% if count.append(count.pop() + 1) %}{% endif %} -{% endfor %} - - # Genesis node - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-genesis - path: . - dest: - path: .values.nodes[{{count[0]}}].tls.client.cert - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-genesis - path: . - dest: - path: .values.nodes[{{count[0]}}].tls.client.key - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-genesis-peer - path: . - dest: - path: .values.nodes[{{count[0]}}].tls.peer.cert - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-genesis-peer - path: $ - dest: - path: .values.nodes[{{count[0]}}].tls.peer.key - -data: {} -... diff --git a/site_type/sriov/templates/software/charts/kubernetes/ingress/ingress.j2 b/site_type/sriov/templates/software/charts/kubernetes/ingress/ingress.j2 deleted file mode 100644 index d7121cb..0000000 --- a/site_type/sriov/templates/software/charts/kubernetes/ingress/ingress.j2 +++ /dev/null @@ -1,32 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ingress-kube-system - layeringDefinition: - abstract: false - layer: site - parentSelector: - ingress: kube-system - actions: - - method: merge - path: . - storagePolicy: cleartext -data: {} -... diff --git a/site_type/sriov/templates/software/charts/ucp/ceph/ceph-client-update.j2 b/site_type/sriov/templates/software/charts/ucp/ceph/ceph-client-update.j2 deleted file mode 100644 index 8f09f97..0000000 --- a/site_type/sriov/templates/software/charts/ucp/ceph/ceph-client-update.j2 +++ /dev/null @@ -1,37 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-ceph-client-update - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: ucp-ceph-client-update-global - actions: - - method: merge - path: . - storagePolicy: cleartext -data: - values: - conf: - pool: - target: - osd: {{yaml.storage.total_osd_count}} -... diff --git a/site_type/sriov/templates/software/charts/ucp/ceph/ceph-client.j2 b/site_type/sriov/templates/software/charts/ucp/ceph/ceph-client.j2 deleted file mode 100644 index ec13391..0000000 --- a/site_type/sriov/templates/software/charts/ucp/ceph/ceph-client.j2 +++ /dev/null @@ -1,37 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-ceph-client - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: ucp-ceph-client-global - actions: - - method: merge - path: . - storagePolicy: cleartext -data: - values: - conf: - pool: - target: - osd: {{yaml.storage.osd_count}} -... diff --git a/site_type/sriov/templates/software/charts/ucp/ceph/ceph-osd.j2 b/site_type/sriov/templates/software/charts/ucp/ceph/ceph-osd.j2 deleted file mode 100644 index ce786f3..0000000 --- a/site_type/sriov/templates/software/charts/ucp/ceph/ceph-osd.j2 +++ /dev/null @@ -1,46 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-ceph-osd - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: ucp-ceph-osd-global - actions: - - method: replace - path: .values.conf.storage.osd - - method: merge - path: . - storagePolicy: cleartext -data: - values: - conf: - storage: - osd: -{% for osd in yaml.storage.osds %} - - data: - type: block-logical - location: {{osd.data}} - journal: - type: directory - location: {{osd.journal}} -{% endfor %} -... diff --git a/site_type/sriov/templates/software/charts/ucp/promenade/promenade.j2 b/site_type/sriov/templates/software/charts/ucp/promenade/promenade.j2 deleted file mode 100644 index 3ba5671..0000000 --- a/site_type/sriov/templates/software/charts/ucp/promenade/promenade.j2 +++ /dev/null @@ -1,40 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-promenade - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: ucp-promenade-global - actions: - - method: merge - path: . - storagePolicy: cleartext -data: - values: - pod: - env: - promenade_api: - - name: no_proxy - value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8 - - name: NO_PROXY - value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8 -... diff --git a/tools/1prom-gen.sh b/tools/1prom-gen.sh index e3c8792..144b7aa 100755 --- a/tools/1prom-gen.sh +++ b/tools/1prom-gen.sh @@ -112,12 +112,91 @@ prepare_tar(){ tar cvf ./tars/promenade-bundle-$SITE.tar -C ./tars/$SITE . } -create_directories -get_site_config -gen_certs -gen_bundle -create_scripts -prepare_tar +#create_directories +#get_site_config +#gen_certs +#gen_bundle +#create_scripts +#prepare_tar + +( +echo "# Collecting config files in $AIRSHIP_TREASUREMAP/site/$SITE" +cd $AIRSHIP_TREASUREMAP +rm -rf $AIRSHIP_TREASUREMAP/${SITE}_collected +mkdir -p $AIRSHIP_TREASUREMAP/${SITE}_collected +$AIRSHIP_TREASUREMAP/tools/airship pegleg site -r /target collect $SITE -s ${SITE}_collected || true +) + +( +echo "# Rendering config files in $AIRSHIP_TREASUREMAP/site/$SITE" +cd $AIRSHIP_TREASUREMAP +$AIRSHIP_TREASUREMAP/tools/airship pegleg site -r /target render $SITE > ${SITE}_render.yaml || true +) + +( +echo "# Generating certs for $AIRSHIP_TREASUREMAP/site/$SITE" +cd $AIRSHIP_TREASUREMAP +rm -rf $AIRSHIP_TREASUREMAP/${SITE}_certs +mkdir -p $AIRSHIP_TREASUREMAP/${SITE}_certs +$AIRSHIP_TREASUREMAP/tools/airship promenade generate-certs -o /target/${SITE}_certs /target/${SITE}_collected/*.yaml +) + +( +echo "# Copying certs to $AIRSHIP_TREASUREMAP/site/$SITE" +cd $AIRSHIP_TREASUREMAP +mkdir -p $AIRSHIP_TREASUREMAP/site/${SITE}/secrets/certificates +cp $AIRSHIP_TREASUREMAP/${SITE}_certs/certificates.yaml $AIRSHIP_TREASUREMAP/site/${SITE}/secrets/certificates +) + +( +echo "# Collecting config files with certs in $AIRSHIP_TREASUREMAP/site/$SITE" +cd $AIRSHIP_TREASUREMAP +rm -rf $AIRSHIP_TREASUREMAP/${SITE}_collected +mkdir -p $AIRSHIP_TREASUREMAP/${SITE}_collected +$AIRSHIP_TREASUREMAP/tools/airship pegleg site -r /target collect $SITE -s ${SITE}_collected +) + +( +echo "# Generating Promenade bundle with $AIRSHIP_TREASUREMAP/${SITE}_collected" +cd $AIRSHIP_TREASUREMAP +rm -rf $AIRSHIP_TREASUREMAP/${SITE}_bundle +mkdir -p $AIRSHIP_TREASUREMAP/${SITE}_bundle +$AIRSHIP_TREASUREMAP/tools/airship promenade build-all --validators -o /target/${SITE}_bundle /target/${SITE}_collected/*.yaml +) + +( +echo "# Copying scripts to $AIRSHIP_TREASUREMAP/${SITE}_bundle" + #KEYSTONE_IMAGE=$(grep "keystone_db_sync: docker.io" $AIRSHIP_TREASUREMAP/global/software/config/versions.yaml | uniq | awk '{print $2}') + SHIPYARD_IMAGE=$(grep "shipyard_db_sync" $AIRSHIP_TREASUREMAP/global/software/config/versions.yaml | uniq | awk '{print $2}') + + DRYDOCK_PASSWORD=$(grep "^data:" $AIRSHIP_TREASUREMAP/site/$SITE/secrets/passphrases/ucp_drydock_keystone_password.yaml | awk '{print $2}') + SHIPYARD_PASSWORD=$(grep "^data:" $AIRSHIP_TREASUREMAP/site/$SITE/secrets/passphrases/ucp_shipyard_keystone_password.yaml | awk '{print $2}') + REGION_NAME=$SITE + + DEPLOY_SCRIPT=$AIRSHIP_TREASUREMAP/${SITE}_bundle/deploy_site.sh + IPTABLES_SCRIPT=$AIRSHIP_TREASUREMAP/${SITE}_bundle/update_iptables.sh + + cp $YAML_BUILDS/tools/deploy_site.sh $AIRSHIP_TREASUREMAP/${SITE}_bundle + sed -i -e "s,KEYSTONE_IMAGE=,KEYSTONE_IMAGE=$KEYSTONE_IMAGE,g" $DEPLOY_SCRIPT + sed -i -e "s,SHIPYARD_IMAGE=,SHIPYARD_IMAGE=$SHIPYARD_IMAGE,g" $DEPLOY_SCRIPT + sed -i -e "s/DRYDOCK_PASSWORD=/DRYDOCK_PASSWORD=$DRYDOCK_PASSWORD/g" $DEPLOY_SCRIPT + sed -i -e "s/SHIPYARD_PASSWORD=/SHIPYARD_PASSWORD=$SHIPYARD_PASSWORD/g" $DEPLOY_SCRIPT + sed -i -e "s/REGION_NAME=/REGION_NAME=$REGION_NAME/g" $DEPLOY_SCRIPT + sed -i -e "s/{{yaml.genesis.host}}/$GENESIS_HOST/g" $DEPLOY_SCRIPT + + cp $YAML_BUILDS/tools/update_iptables.sh $AIRSHIP_TREASUREMAP/${SITE}_bundle + sed -i -e "s,HOST_INTERFACE=,HOST_INTERFACE=$HOST_INTERFACE,g" $IPTABLES_SCRIPT + sed -i -e "s,PXE_INTERFACE=,PXE_INTERFACE=$PXE_INTERFACE,g" $IPTABLES_SCRIPT + + cp $YAML_BUILDS/tools/cleanup.sh $AIRSHIP_TREASUREMAP/${SITE}_bundle +) + +( + echo "# Generating Promenade tar bundle $YAML_BUILDS/tars/promenade-bundle-$SITE.tar" + mkdir -p $YAML_BUILDS/tars + rm -f $YAML_BUILDS/tars/promenade-bundle-$SITE.tar + tar cvf $YAML_BUILDS/tars/promenade-bundle-$SITE.tar -C $AIRSHIP_TREASUREMAP/${SITE}_bundle . +) exec 2>&- exec 1>&- diff --git a/tools/2genesis.sh b/tools/2genesis.sh index b4065ac..0da6f92 100755 --- a/tools/2genesis.sh +++ b/tools/2genesis.sh @@ -58,7 +58,7 @@ ssh $GENESIS_HOST << EOF tar -xmf promenade-bundle-$SITE.tar EOF # Update BIOS Setting -python $YAML_BUILDS/scripts/update_bios_settings.py $SITE.yaml +#python $YAML_BUILDS/scripts/update_bios_settings.py $SITE.yaml exec 2>&- exec 1>&- diff --git a/tools/3deploy_site.sh b/tools/3deploy_site.sh index 06a95b0..34fb3dc 100755 --- a/tools/3deploy_site.sh +++ b/tools/3deploy_site.sh @@ -39,14 +39,14 @@ source $(dirname $0)/env_$SITE.sh ssh $GENESIS_HOST << EOF cd /root/akraino - bash configs/promenade-bundle/genesis.sh + bash genesis.sh # Shipyard takes time to really come up and start responding. date sleep 900 # Following is a workaround, tested on dell servers. # TODO to be removed when not required. bash update_iptables.sh - bash deploy_site.sh + #bash deploy_site.sh EOF exec 2>&- diff --git a/tools/generate_yamls.sh b/tools/generate_yamls.sh index 65adf90..9187e85 100755 --- a/tools/generate_yamls.sh +++ b/tools/generate_yamls.sh @@ -40,6 +40,12 @@ echo "#######################################" python ./scripts/jcopy.py $SITE.yaml ./tools/j2/set_site_env.sh ./tools/env_$SITE.sh source ./tools/env_$SITE.sh +if [ ! -d "$AIRSHIP_TREASUREMAP" ] && [ -f "${AIRSHIP_TREASUREMAP}.tgz" ]; then + echo "Expanding [${AIRSHIP_TREASUREMAP}.tgz] to directory [$AIRSHIP_TREASUREMAP]." + mkdir -p "$AIRSHIP_TREASUREMAP" + tar xzvf "${AIRSHIP_TREASUREMAP}.tgz" --strip-components=1 -C "$AIRSHIP_TREASUREMAP" +fi + if [ ! -d "$AIRSHIP_TREASUREMAP" ]; then echo "ERROR: Missing AIRSHIP_TREASUREMAP directory [$AIRSHIP_TREASUREMAP]." exit -1 @@ -50,5 +56,27 @@ if [ ! -d "$AIRSHIP_TEMPLATES" ]; then exit -1 fi +echo "# Generating templates to $YAML_BUILDS/site/$SITE" +rm -rf $YAML_BUILDS/site/$SITE +mkdir -p $YAML_BUILDS/site/$SITE python ./scripts/jcopy.py $SITE.yaml $AIRSHIP_TEMPLATES $YAML_BUILDS/site/$SITE -cp -r site/common/* site/$SITE/ + +echo "# Merging config files to $AIRSHIP_TREASUREMAP/site/$SITE" +rm -rf $AIRSHIP_TREASUREMAP/site/$SITE +mkdir -p $AIRSHIP_TREASUREMAP/site/$SITE + +cp -r $AIRSHIP_TREASUREMAP/site/seaworthy/* $AIRSHIP_TREASUREMAP/site/$SITE +cp -r $YAML_BUILDS/site/$SITE/* $AIRSHIP_TREASUREMAP/site/$SITE + +CONFIG_COUNT=`find $AIRSHIP_TREASUREMAP/site/$SITE -type f | wc -l` +echo "#######################################" +echo "# Created site $AIRSHIP_TREASUREMAP/site/$SITE with $CONFIG_COUNT config files" +echo "#######################################" + +( +echo "# Linting config files in $AIRSHIP_TREASUREMAP/site/$SITE" +cd $AIRSHIP_TREASUREMAP +$AIRSHIP_TREASUREMAP/tools/airship pegleg site -r /target lint $SITE -x P001 -x P005 || true +) + +echo "#######################################" diff --git a/tools/j2/serverrc.j2 b/tools/j2/serverrc.j2 index 0356fd3..bb7686b 100644 --- a/tools/j2/serverrc.j2 +++ b/tools/j2/serverrc.j2 @@ -33,16 +33,16 @@ SRV_MAC={{yaml.genesis.mac_address}} {% endif %} # the boot device is the device name on which the OS will be loaded -SRV_BOOT_DEVICE={{yaml.disks[0].name}} -SRV_CEPH_DEVICE={{yaml.disks[1].name}} +SRV_BOOT_DEVICE={{yaml.hardware.device_aliases|selectattr('key', 'equalto', 'bootdisk') | map(attribute='name')|first|replace("/dev/","")}} +SRV_CEPH_DEVICE={{yaml.hardware.device_aliases|selectattr('key', 'equalto', 'cephjournal1') | map(attribute='name')|first|replace("/dev/","")}} # ipxe script to use - based on the os version and kernel to install # valid options are script-hwe-16.04.6-amd64.ipxe or script-16.04.6-amd64.ipxe SRV_BLD_SCRIPT=script-hwe-16.04.6-amd64.ipxe # template xml file to set bios and raid configuration settings -SRV_BIOS_TEMPLATE={% if 'bios_template' in yaml.genesis %}{{yaml.genesis.bios_template}} - {% else %}{{yaml.hardware.bios_template}} +SRV_BIOS_TEMPLATE={% if 'bios_template' in yaml.genesis %}{{yaml.genesis.bios_template|default("",true)}} + {% else %}{{yaml.hardware.bios_template|default("",true)}} {% endif %} SRV_BOOT_TEMPLATE={% if 'boot_template' in yaml.genesis %}{{yaml.genesis.boot_template}} {% else %}{{yaml.hardware.boot_template}} diff --git a/tools/j2/set_site_env.sh b/tools/j2/set_site_env.sh index 3b2936c..bfb62dc 100755 --- a/tools/j2/set_site_env.sh +++ b/tools/j2/set_site_env.sh @@ -18,18 +18,10 @@ {% if 'site_type' in yaml %} export SITE_TYPE={{yaml.site_type}} echo SITE_TYPE=$SITE_TYPE -export AIRSHIP_TREASUREMAP=/opt/akraino/yaml_builds/site_type/{{yaml.site_type}}/airship-treasuremap +export AIRSHIP_TREASUREMAP=/opt/akraino/yaml_builds/site_type/{{yaml.site_type}}/treasuremap echo AIRSHIP_TREASUREMAP=$AIRSHIP_TREASUREMAP export AIRSHIP_TEMPLATES=/opt/akraino/yaml_builds/site_type/{{yaml.site_type}}/templates/ echo AIRSHIP_TEMPLATES=$AIRSHIP_TEMPLATES -{% else %} -# ASSUME SRIOV FOR BACKWARD COMPATIBILITY -export SITE_TYPE=sriov -echo SITE_TYPE=$SITE_TYPE -export AIRSHIP_TREASUREMAP=/opt/akraino/yaml_builds/site_type/sriov/airship-treasuremap -echo AIRSHIP_TREASUREMAP=$AIRSHIP_TREASUREMAP -export AIRSHIP_TEMPLATES=/opt/akraino/yaml_builds/site_type/sriov/templates/ -echo AIRSHIP_TEMPLATES=$AIRSHIP_TEMPLATES {% endif %} export GENESIS_HOST={{yaml.genesis.host}} echo GENESIS_HOST=$GENESIS_HOST