From 969b27c95ac8ad9b79ebb8630fc916fad1b48314 Mon Sep 17 00:00:00 2001 From: Roman Gorshunov Date: Wed, 15 Apr 2020 10:54:01 +0200 Subject: [PATCH] Deprecate airship-in-a-bottle Change-Id: Iabd48994f97a7c58fe902216f831f51cb72115f0 --- .github/SECURITY.md | 9 - .gitignore | 10 - .zuul.yaml | 98 -- LICENSE | 201 ---- Makefile | 25 - README.md | 63 +- Vagrantfile | 87 -- .../global/common/layering-policy.yaml | 10 - .../schemas/pegleg/SiteDefinition/v1.yaml | 19 - .../bootactions/seccomp-profiles.yaml | 31 - .../global/v1.0demo/profiles/genesis.yaml | 121 -- .../v1.0demo/profiles/kubernetes-host.yaml | 127 -- .../profiles/security/seccomp_default.yaml | 787 ------------ .../v1.0demo/schemas/armada/Chart/v1.yaml | 12 - .../schemas/armada/ChartGroup/v1.yaml | 12 - .../v1.0demo/schemas/armada/Manifest/v1.yaml | 12 - .../schemas/drydock/BaremetalNode/v1.yaml | 164 --- .../schemas/drydock/BootAction/v1.yaml | 94 -- .../schemas/drydock/HardwareProfile/v1.yaml | 49 - .../schemas/drydock/HostProfile/v1.yaml | 155 --- .../v1.0demo/schemas/drydock/Network/v1.yaml | 71 -- .../schemas/drydock/NetworkLink/v1.yaml | 48 - .../v1.0demo/schemas/drydock/Rack/v1.yaml | 36 - .../v1.0demo/schemas/drydock/Region/v1.yaml | 31 - .../schemas/pegleg/AccountCatalogue/v1.yaml | 645 ---------- .../schemas/pegleg/AppArmorProfile/v1.yaml | 17 - .../schemas/pegleg/CommonAddresses/v1.yaml | 116 -- .../pegleg/CommonSoftwareConfig/v1.yaml | 15 - .../schemas/pegleg/EndpointCatalogue/v1.yaml | 143 --- .../schemas/pegleg/SeccompProfile/v1.yaml | 19 - .../schemas/pegleg/SoftwareVersions/v1.yaml | 1066 ----------------- .../v1.0demo/schemas/promenade/Docker/v1.yaml | 16 - .../schemas/promenade/Genesis/v1.yaml | 144 --- .../schemas/promenade/HostSystem/v1.yaml | 137 --- .../schemas/promenade/Kubelet/v1.yaml | 31 - .../promenade/KubernetesNetwork/v1.yaml | 117 -- .../schemas/promenade/KubernetesNode/v1.yaml | 47 - .../promenade/PKICatalog/PKICatalog.yaml | 43 - .../shipyard/DeploymentConfiguration/v1.yaml | 81 -- .../shipyard/DeploymentStrategy/v1.yaml | 74 -- .../container-networking/calico.yaml | 170 --- .../container-networking/chart-group.yaml | 15 - .../kubernetes/container-networking/etcd.yaml | 142 --- .../charts/kubernetes/core/apiserver.yaml | 169 --- .../charts/kubernetes/core/chart-group.yaml | 15 - .../kubernetes/core/controller-manager.yaml | 119 -- .../charts/kubernetes/core/scheduler.yaml | 96 -- .../charts/kubernetes/dns/chart-group.yaml | 13 - .../charts/kubernetes/dns/coredns.yaml | 120 -- .../charts/kubernetes/etcd/chart-group.yaml | 13 - .../software/charts/kubernetes/etcd/etcd.yaml | 136 --- .../kubernetes/haproxy/chart-group.yaml | 13 - .../charts/kubernetes/haproxy/haproxy.yaml | 101 -- .../kubernetes/ingress/chart-group.yaml | 13 - .../charts/kubernetes/ingress/ingress.yaml | 86 -- .../charts/kubernetes/proxy/chart-group.yaml | 14 - .../kubernetes/proxy/kubernetes-proxy.yaml | 68 -- .../chart-group-infra.yaml | 16 - .../chart-group-shared.yaml | 17 - .../osh/component-infrastructure/glance.yaml | 99 -- .../osh/component-infrastructure/heat.yaml | 108 -- .../osh/component-infrastructure/horizon.yaml | 79 -- .../component-infrastructure/keystone.yaml | 104 -- .../osh/component-infrastructure/mariadb.yaml | 72 -- .../component-infrastructure/memcached.yaml | 67 -- .../component-infrastructure/rabbitmq.yaml | 69 -- .../charts/osh/compute-kit/chart-group.yaml | 17 - .../charts/osh/compute-kit/libvirt.yaml | 66 - .../charts/osh/compute-kit/neutron.yaml | 130 -- .../software/charts/osh/compute-kit/nova.yaml | 144 --- .../charts/osh/compute-kit/openvswitch.yaml | 67 -- .../charts/osh/ingress/chart-group.yaml | 14 - .../software/charts/osh/ingress/ingress.yaml | 62 - .../software/charts/ucp/armada/armada.yaml | 123 -- .../charts/ucp/armada/chart-group.yaml | 15 - .../software/charts/ucp/armada/tiller.yaml | 70 -- .../software/charts/ucp/core/chart-group.yaml | 17 - .../software/charts/ucp/core/ingress.yaml | 76 -- .../software/charts/ucp/core/mariadb.yaml | 109 -- .../software/charts/ucp/core/postgresql.yaml | 101 -- .../software/charts/ucp/core/rabbitmq.yaml | 114 -- .../charts/ucp/deckhand/barbican.yaml | 188 --- .../charts/ucp/deckhand/chart-group.yaml | 16 - .../charts/ucp/deckhand/deckhand.yaml | 178 --- .../charts/ucp/divingbell/chart-group.yaml | 13 - .../charts/ucp/divingbell/divingbell.yaml | 93 -- .../charts/ucp/drydock/chart-group.yaml | 14 - .../software/charts/ucp/drydock/drydock.yaml | 180 --- .../software/charts/ucp/drydock/maas.yaml | 196 --- .../charts/ucp/keystone/chart-group.yaml | 14 - .../charts/ucp/keystone/keystone.yaml | 168 --- .../charts/ucp/keystone/memcached.yaml | 80 -- .../charts/ucp/promenade/chart-group.yaml | 13 - .../charts/ucp/promenade/promenade.yaml | 130 -- .../charts/ucp/services-chart-group.yaml | 21 - .../charts/ucp/shipyard/chart-group.yaml | 13 - .../charts/ucp/shipyard/shipyard.yaml | 306 ----- .../ucp/storage_provisioner/chart-group.yaml | 18 - .../ucp/storage_provisioner/nfs-prov.yaml | 85 -- .../v1.0demo/software/config/Docker.yaml | 16 - .../v1.0demo/software/config/Kubelet.yaml | 35 - .../v1.0demo/software/config/endpoints.yaml | 268 ----- .../software/config/service_accounts.yaml | 127 -- .../v1.0demo/software/config/versions.yaml | 719 ----------- .../software/manifests/bootstrap.yaml | 23 - .../software/manifests/full-site.yaml | 27 - .../deployment/deploymentConfiguration.yaml | 30 - .../demo/deployment/dev-configurables.yaml | 10 - .../site/demo/networks/common-addresses.yaml | 105 -- .../site/demo/pki/pki-catalog.yaml | 181 --- .../ceph_swift_keystone_password.yaml | 11 - .../passphrases/ipmi_admin_password.yaml | 11 - .../passphrases/maas_region_secret.yaml | 11 - .../ucp_airflow_oslo_messaging_password.yaml | 11 - .../ucp_airflow_postgres_password.yaml | 11 - .../ucp_armada_keystone_password.yaml | 11 - .../ucp_barbican_keystone_password.yaml | 11 - .../ucp_barbican_oslo_db_password.yaml | 11 - .../ucp_deckhand_keystone_password.yaml | 11 - .../ucp_deckhand_postgres_password.yaml | 11 - .../ucp_drydock_keystone_password.yaml | 11 - .../ucp_drydock_postgres_password.yaml | 11 - .../ucp_keystone_admin_password.yaml | 11 - .../ucp_keystone_oslo_db_password.yaml | 11 - .../passphrases/ucp_maas_admin_password.yaml | 11 - .../ucp_maas_postgres_password.yaml | 11 - .../ucp_oslo_db_admin_password.yaml | 11 - .../ucp_oslo_messaging_password.yaml | 11 - .../ucp_postgres_admin_password.yaml | 11 - .../ucp_promenade_keystone_password.yaml | 11 - .../ucp_rabbitmq_erlang_cookie.yaml | 11 - .../ucp_shipyard_keystone_password.yaml | 11 - .../ucp_shipyard_postgres_password.yaml | 11 - .../site/demo/site-definition.yaml | 11 - .../kubernetes/container-networking/etcd.yaml | 122 -- .../software/charts/kubernetes/etcd/etcd.yaml | 121 -- .../charts/kubernetes/ingress/ingress.yaml | 33 - .../software/charts/ucp/drydock/maas.yaml | 30 - .../deployment/deploymentConfiguration.yaml | 30 - .../deployment/dev-configurables.yaml | 10 - .../dev-proxy/networks/common-addresses.yaml | 105 -- .../site/dev-proxy/pki/pki-catalog.yaml | 181 --- .../ceph_swift_keystone_password.yaml | 11 - .../passphrases/ipmi_admin_password.yaml | 11 - .../passphrases/maas_region_secret.yaml | 11 - .../ucp_airflow_oslo_messaging_password.yaml | 11 - .../ucp_airflow_postgres_password.yaml | 11 - .../ucp_armada_keystone_password.yaml | 11 - .../ucp_barbican_keystone_password.yaml | 11 - .../ucp_barbican_oslo_db_password.yaml | 11 - .../ucp_deckhand_keystone_password.yaml | 11 - .../ucp_deckhand_postgres_password.yaml | 11 - .../ucp_drydock_keystone_password.yaml | 11 - .../ucp_drydock_postgres_password.yaml | 11 - .../ucp_keystone_admin_password.yaml | 11 - .../ucp_keystone_oslo_db_password.yaml | 11 - .../passphrases/ucp_maas_admin_password.yaml | 11 - .../ucp_maas_postgres_password.yaml | 11 - .../ucp_oslo_db_admin_password.yaml | 11 - .../ucp_oslo_messaging_password.yaml | 11 - .../ucp_postgres_admin_password.yaml | 11 - .../ucp_promenade_keystone_password.yaml | 11 - .../ucp_rabbitmq_erlang_cookie.yaml | 11 - .../ucp_shipyard_keystone_password.yaml | 11 - .../ucp_shipyard_postgres_password.yaml | 11 - .../site/dev-proxy/site-definition.yaml | 11 - .../kubernetes/container-networking/etcd.yaml | 122 -- .../software/charts/kubernetes/etcd/etcd.yaml | 121 -- .../ucp/storage_provisioner/chart-group.yaml | 18 - .../ucp/storage_provisioner/nfs-prov.yaml | 85 -- .../deployment/deploymentConfiguration.yaml | 30 - .../dev/deployment/dev-configurables.yaml | 10 - .../site/dev/networks/common-addresses.yaml | 105 -- .../site/dev/pki/pki-catalog.yaml | 181 --- .../ceph_swift_keystone_password.yaml | 11 - .../passphrases/ipmi_admin_password.yaml | 11 - .../passphrases/maas_region_secret.yaml | 11 - .../ucp_airflow_oslo_messaging_password.yaml | 11 - .../ucp_airflow_postgres_password.yaml | 11 - .../ucp_armada_keystone_password.yaml | 11 - .../ucp_barbican_keystone_password.yaml | 11 - .../ucp_barbican_oslo_db_password.yaml | 11 - .../ucp_deckhand_keystone_password.yaml | 11 - .../ucp_deckhand_postgres_password.yaml | 11 - .../ucp_drydock_keystone_password.yaml | 11 - .../ucp_drydock_postgres_password.yaml | 11 - .../ucp_keystone_admin_password.yaml | 11 - .../ucp_keystone_oslo_db_password.yaml | 11 - .../passphrases/ucp_maas_admin_password.yaml | 11 - .../ucp_maas_postgres_password.yaml | 11 - .../ucp_oslo_db_admin_password.yaml | 11 - .../ucp_oslo_messaging_password.yaml | 11 - .../ucp_postgres_admin_password.yaml | 11 - .../ucp_promenade_keystone_password.yaml | 11 - .../ucp_rabbitmq_erlang_cookie.yaml | 11 - .../ucp_shipyard_keystone_password.yaml | 11 - .../ucp_shipyard_postgres_password.yaml | 11 - .../site/dev/site-definition.yaml | 11 - .../kubernetes/container-networking/etcd.yaml | 122 -- .../software/charts/kubernetes/etcd/etcd.yaml | 121 -- .../ucp/storage_provisioner/chart-group.yaml | 18 - .../ucp/storage_provisioner/nfs-prov.yaml | 77 -- .../gate-multinode/baremetal/bootactions.yaml | 34 - .../site/gate-multinode/baremetal/nodes.yaml | 58 - .../deployment/deployStrat.yaml | 26 - .../deployment/deploymentConfiguration.yaml | 31 - .../deployment/dev-configurables.yaml | 13 - .../networks/common-addresses.yaml | 63 - .../networks/physical/network.yaml | 49 - .../site/gate-multinode/pki/pki-catalog.yaml | 271 ----- .../profile/hardware/generic_vm.yaml | 23 - .../gate-multinode/profile/host/defaults.yaml | 49 - .../site/gate-multinode/profile/region.yaml | 21 - .../ceph_swift_keystone_password.yaml | 11 - .../passphrases/ipmi_admin_password.yaml | 11 - .../passphrases/maas_region_secret.yaml | 11 - .../ucp_airflow_oslo_messaging_password.yaml | 11 - .../ucp_airflow_postgres_password.yaml | 11 - .../ucp_armada_keystone_password.yaml | 11 - .../ucp_barbican_keystone_password.yaml | 11 - .../ucp_barbican_oslo_db_password.yaml | 11 - .../ucp_deckhand_keystone_password.yaml | 11 - .../ucp_deckhand_postgres_password.yaml | 11 - .../ucp_drydock_keystone_password.yaml | 11 - .../passphrases/ucp_drydock_kvm_ssh_key.yaml | 38 - .../ucp_drydock_postgres_password.yaml | 11 - .../ucp_keystone_admin_password.yaml | 11 - .../ucp_keystone_oslo_db_password.yaml | 11 - .../passphrases/ucp_maas_admin_password.yaml | 11 - .../ucp_maas_postgres_password.yaml | 11 - .../ucp_oslo_db_admin_password.yaml | 11 - .../ucp_oslo_messaging_password.yaml | 11 - .../ucp_postgres_admin_password.yaml | 11 - .../ucp_promenade_keystone_password.yaml | 11 - .../ucp_rabbitmq_erlang_cookie.yaml | 11 - .../ucp_shipyard_keystone_password.yaml | 11 - .../ucp_shipyard_postgres_password.yaml | 11 - .../site/gate-multinode/site-definition.yaml | 11 - .../kubernetes/container-networking/etcd.yaml | 188 --- .../software/charts/kubernetes/etcd/etcd.yaml | 185 --- .../charts/kubernetes/ingress/ingress.yaml | 24 - .../software/charts/ucp/drydock/drydock.yaml | 38 - .../software/charts/ucp/drydock/maas.yaml | 35 - .../storage_provisioner/ceph-config-os.yaml | 123 -- .../ucp/storage_provisioner/ceph-config.yaml | 123 -- .../charts/ucp/storage_provisioner/ceph.yaml | 277 ----- .../ucp/storage_provisioner/chart-group.yaml | 26 - .../software/configs/endpoints.yaml | 33 - .../software/configs/versions.yaml | 22 - .../v1.0demo/network/KubernetesNetwork.yaml | 87 -- doc/requirements.txt | 3 - doc/source/api-conventions.rst | 359 ------ doc/source/code-conventions.rst | 220 ---- doc/source/conf.py | 160 --- doc/source/conventions.rst | 54 - doc/source/dev-getting-started.rst | 170 --- doc/source/documentation-conventions.rst | 95 -- doc/source/docutils.conf | 2 - doc/source/index.rst | 74 -- doc/source/security/guide.rst | 65 - doc/source/security/haproxy.rst | 64 - doc/source/security/template.rst | 79 -- doc/source/security/ubuntu.rst | 256 ---- doc/source/service-logging-conventions.rst | 73 -- manifests/common/creds.sh | 56 - manifests/common/deploy-airship.sh | 491 -------- manifests/dev_minimal/README.txt | 113 -- manifests/dev_minimal/set-env.sh | 53 - manifests/dev_single_node/README.txt | 32 - .../dev_single_node/airship-in-a-bottle.sh | 163 --- .../dev_single_node/test_create_heat_stack.sh | 94 -- tools/gate/playbooks/zuul-linter.yaml | 30 - tools/multi_nodes_gate/README.md | 6 - tools/openstack_cli_docker_base_command.sh | 44 - tools/run_openstack_cli.sh | 30 - tox.ini | 14 - 276 files changed, 10 insertions(+), 18634 deletions(-) delete mode 100644 .github/SECURITY.md delete mode 100644 .gitignore delete mode 100644 .zuul.yaml delete mode 100644 LICENSE delete mode 100644 Makefile delete mode 100644 Vagrantfile delete mode 100644 deployment_files/global/common/layering-policy.yaml delete mode 100644 deployment_files/global/common/schemas/pegleg/SiteDefinition/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/baremetal/bootactions/seccomp-profiles.yaml delete mode 100644 deployment_files/global/v1.0demo/profiles/genesis.yaml delete mode 100644 deployment_files/global/v1.0demo/profiles/kubernetes-host.yaml delete mode 100644 deployment_files/global/v1.0demo/profiles/security/seccomp_default.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/armada/Chart/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/armada/ChartGroup/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/armada/Manifest/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/drydock/BaremetalNode/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/drydock/BootAction/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/drydock/HardwareProfile/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/drydock/HostProfile/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/drydock/Network/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/drydock/NetworkLink/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/drydock/Rack/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/drydock/Region/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/pegleg/AccountCatalogue/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/pegleg/AppArmorProfile/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/pegleg/CommonAddresses/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/pegleg/CommonSoftwareConfig/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/pegleg/EndpointCatalogue/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/pegleg/SeccompProfile/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/pegleg/SoftwareVersions/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/promenade/Docker/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/promenade/Genesis/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/promenade/HostSystem/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/promenade/Kubelet/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/promenade/KubernetesNetwork/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/promenade/KubernetesNode/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/promenade/PKICatalog/PKICatalog.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/shipyard/DeploymentConfiguration/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/schemas/shipyard/DeploymentStrategy/v1.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/kubernetes/container-networking/calico.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/kubernetes/container-networking/chart-group.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/kubernetes/container-networking/etcd.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/kubernetes/core/apiserver.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/kubernetes/core/chart-group.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/kubernetes/core/controller-manager.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/kubernetes/core/scheduler.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/kubernetes/dns/chart-group.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/kubernetes/dns/coredns.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/kubernetes/etcd/chart-group.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/kubernetes/etcd/etcd.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/kubernetes/haproxy/chart-group.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/kubernetes/haproxy/haproxy.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/kubernetes/ingress/chart-group.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/kubernetes/ingress/ingress.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/kubernetes/proxy/chart-group.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/kubernetes/proxy/kubernetes-proxy.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/chart-group-infra.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/chart-group-shared.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/glance.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/heat.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/horizon.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/keystone.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/mariadb.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/memcached.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/rabbitmq.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/osh/compute-kit/chart-group.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/osh/compute-kit/libvirt.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/osh/compute-kit/neutron.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/osh/compute-kit/nova.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/osh/compute-kit/openvswitch.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/osh/ingress/chart-group.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/osh/ingress/ingress.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/armada/armada.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/armada/chart-group.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/armada/tiller.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/core/chart-group.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/core/ingress.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/core/mariadb.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/core/postgresql.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/core/rabbitmq.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/deckhand/barbican.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/deckhand/chart-group.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/deckhand/deckhand.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/divingbell/chart-group.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/divingbell/divingbell.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/drydock/chart-group.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/drydock/drydock.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/drydock/maas.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/keystone/chart-group.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/keystone/keystone.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/keystone/memcached.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/promenade/chart-group.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/promenade/promenade.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/services-chart-group.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/shipyard/chart-group.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/shipyard/shipyard.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/storage_provisioner/chart-group.yaml delete mode 100644 deployment_files/global/v1.0demo/software/charts/ucp/storage_provisioner/nfs-prov.yaml delete mode 100644 deployment_files/global/v1.0demo/software/config/Docker.yaml delete mode 100644 deployment_files/global/v1.0demo/software/config/Kubelet.yaml delete mode 100644 deployment_files/global/v1.0demo/software/config/endpoints.yaml delete mode 100644 deployment_files/global/v1.0demo/software/config/service_accounts.yaml delete mode 100644 deployment_files/global/v1.0demo/software/config/versions.yaml delete mode 100644 deployment_files/global/v1.0demo/software/manifests/bootstrap.yaml delete mode 100644 deployment_files/global/v1.0demo/software/manifests/full-site.yaml delete mode 100644 deployment_files/site/demo/deployment/deploymentConfiguration.yaml delete mode 100644 deployment_files/site/demo/deployment/dev-configurables.yaml delete mode 100644 deployment_files/site/demo/networks/common-addresses.yaml delete mode 100644 deployment_files/site/demo/pki/pki-catalog.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ceph_swift_keystone_password.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ipmi_admin_password.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/maas_region_secret.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ucp_airflow_postgres_password.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ucp_armada_keystone_password.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ucp_barbican_keystone_password.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ucp_barbican_oslo_db_password.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ucp_deckhand_keystone_password.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ucp_deckhand_postgres_password.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ucp_drydock_keystone_password.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ucp_drydock_postgres_password.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ucp_keystone_admin_password.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ucp_keystone_oslo_db_password.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ucp_maas_admin_password.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ucp_maas_postgres_password.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ucp_oslo_db_admin_password.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ucp_oslo_messaging_password.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ucp_postgres_admin_password.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ucp_promenade_keystone_password.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ucp_shipyard_keystone_password.yaml delete mode 100644 deployment_files/site/demo/secrets/passphrases/ucp_shipyard_postgres_password.yaml delete mode 100644 deployment_files/site/demo/site-definition.yaml delete mode 100644 deployment_files/site/demo/software/charts/kubernetes/container-networking/etcd.yaml delete mode 100644 deployment_files/site/demo/software/charts/kubernetes/etcd/etcd.yaml delete mode 100644 deployment_files/site/demo/software/charts/kubernetes/ingress/ingress.yaml delete mode 100644 deployment_files/site/demo/software/charts/ucp/drydock/maas.yaml delete mode 100644 deployment_files/site/dev-proxy/deployment/deploymentConfiguration.yaml delete mode 100644 deployment_files/site/dev-proxy/deployment/dev-configurables.yaml delete mode 100644 deployment_files/site/dev-proxy/networks/common-addresses.yaml delete mode 100644 deployment_files/site/dev-proxy/pki/pki-catalog.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ceph_swift_keystone_password.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ipmi_admin_password.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/maas_region_secret.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_airflow_postgres_password.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_armada_keystone_password.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_barbican_keystone_password.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_barbican_oslo_db_password.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_deckhand_keystone_password.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_deckhand_postgres_password.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_drydock_keystone_password.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_drydock_postgres_password.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_keystone_admin_password.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_keystone_oslo_db_password.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_maas_admin_password.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_maas_postgres_password.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_oslo_db_admin_password.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_oslo_messaging_password.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_postgres_admin_password.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_promenade_keystone_password.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_shipyard_keystone_password.yaml delete mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_shipyard_postgres_password.yaml delete mode 100644 deployment_files/site/dev-proxy/site-definition.yaml delete mode 100644 deployment_files/site/dev-proxy/software/charts/kubernetes/container-networking/etcd.yaml delete mode 100644 deployment_files/site/dev-proxy/software/charts/kubernetes/etcd/etcd.yaml delete mode 100644 deployment_files/site/dev-proxy/software/charts/ucp/storage_provisioner/chart-group.yaml delete mode 100644 deployment_files/site/dev-proxy/software/charts/ucp/storage_provisioner/nfs-prov.yaml delete mode 100644 deployment_files/site/dev/deployment/deploymentConfiguration.yaml delete mode 100644 deployment_files/site/dev/deployment/dev-configurables.yaml delete mode 100644 deployment_files/site/dev/networks/common-addresses.yaml delete mode 100644 deployment_files/site/dev/pki/pki-catalog.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ceph_swift_keystone_password.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ipmi_admin_password.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/maas_region_secret.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ucp_airflow_postgres_password.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ucp_armada_keystone_password.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ucp_barbican_keystone_password.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ucp_barbican_oslo_db_password.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ucp_deckhand_keystone_password.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ucp_deckhand_postgres_password.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ucp_drydock_keystone_password.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ucp_drydock_postgres_password.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ucp_keystone_admin_password.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ucp_keystone_oslo_db_password.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ucp_maas_admin_password.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ucp_maas_postgres_password.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ucp_oslo_db_admin_password.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ucp_oslo_messaging_password.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ucp_postgres_admin_password.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ucp_promenade_keystone_password.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ucp_shipyard_keystone_password.yaml delete mode 100644 deployment_files/site/dev/secrets/passphrases/ucp_shipyard_postgres_password.yaml delete mode 100644 deployment_files/site/dev/site-definition.yaml delete mode 100644 deployment_files/site/dev/software/charts/kubernetes/container-networking/etcd.yaml delete mode 100644 deployment_files/site/dev/software/charts/kubernetes/etcd/etcd.yaml delete mode 100644 deployment_files/site/dev/software/charts/ucp/storage_provisioner/chart-group.yaml delete mode 100644 deployment_files/site/dev/software/charts/ucp/storage_provisioner/nfs-prov.yaml delete mode 100644 deployment_files/site/gate-multinode/baremetal/bootactions.yaml delete mode 100644 deployment_files/site/gate-multinode/baremetal/nodes.yaml delete mode 100644 deployment_files/site/gate-multinode/deployment/deployStrat.yaml delete mode 100644 deployment_files/site/gate-multinode/deployment/deploymentConfiguration.yaml delete mode 100644 deployment_files/site/gate-multinode/deployment/dev-configurables.yaml delete mode 100644 deployment_files/site/gate-multinode/networks/common-addresses.yaml delete mode 100644 deployment_files/site/gate-multinode/networks/physical/network.yaml delete mode 100644 deployment_files/site/gate-multinode/pki/pki-catalog.yaml delete mode 100644 deployment_files/site/gate-multinode/profile/hardware/generic_vm.yaml delete mode 100644 deployment_files/site/gate-multinode/profile/host/defaults.yaml delete mode 100644 deployment_files/site/gate-multinode/profile/region.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ceph_swift_keystone_password.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ipmi_admin_password.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/maas_region_secret.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ucp_airflow_postgres_password.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ucp_armada_keystone_password.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ucp_barbican_keystone_password.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ucp_barbican_oslo_db_password.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ucp_deckhand_keystone_password.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ucp_deckhand_postgres_password.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ucp_drydock_keystone_password.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ucp_drydock_kvm_ssh_key.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ucp_drydock_postgres_password.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ucp_keystone_admin_password.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ucp_keystone_oslo_db_password.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ucp_maas_admin_password.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ucp_maas_postgres_password.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ucp_oslo_db_admin_password.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ucp_oslo_messaging_password.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ucp_postgres_admin_password.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ucp_promenade_keystone_password.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ucp_shipyard_keystone_password.yaml delete mode 100644 deployment_files/site/gate-multinode/secrets/passphrases/ucp_shipyard_postgres_password.yaml delete mode 100644 deployment_files/site/gate-multinode/site-definition.yaml delete mode 100644 deployment_files/site/gate-multinode/software/charts/kubernetes/container-networking/etcd.yaml delete mode 100644 deployment_files/site/gate-multinode/software/charts/kubernetes/etcd/etcd.yaml delete mode 100644 deployment_files/site/gate-multinode/software/charts/kubernetes/ingress/ingress.yaml delete mode 100644 deployment_files/site/gate-multinode/software/charts/ucp/drydock/drydock.yaml delete mode 100644 deployment_files/site/gate-multinode/software/charts/ucp/drydock/maas.yaml delete mode 100644 deployment_files/site/gate-multinode/software/charts/ucp/storage_provisioner/ceph-config-os.yaml delete mode 100644 deployment_files/site/gate-multinode/software/charts/ucp/storage_provisioner/ceph-config.yaml delete mode 100644 deployment_files/site/gate-multinode/software/charts/ucp/storage_provisioner/ceph.yaml delete mode 100644 deployment_files/site/gate-multinode/software/charts/ucp/storage_provisioner/chart-group.yaml delete mode 100644 deployment_files/site/gate-multinode/software/configs/endpoints.yaml delete mode 100644 deployment_files/site/gate-multinode/software/configs/versions.yaml delete mode 100644 deployment_files/type/single-node/v1.0demo/network/KubernetesNetwork.yaml delete mode 100644 doc/requirements.txt delete mode 100644 doc/source/api-conventions.rst delete mode 100644 doc/source/code-conventions.rst delete mode 100644 doc/source/conf.py delete mode 100644 doc/source/conventions.rst delete mode 100644 doc/source/dev-getting-started.rst delete mode 100644 doc/source/documentation-conventions.rst delete mode 100644 doc/source/docutils.conf delete mode 100644 doc/source/index.rst delete mode 100644 doc/source/security/guide.rst delete mode 100644 doc/source/security/haproxy.rst delete mode 100644 doc/source/security/template.rst delete mode 100644 doc/source/security/ubuntu.rst delete mode 100644 doc/source/service-logging-conventions.rst delete mode 100644 manifests/common/creds.sh delete mode 100755 manifests/common/deploy-airship.sh delete mode 100644 manifests/dev_minimal/README.txt delete mode 100644 manifests/dev_minimal/set-env.sh delete mode 100644 manifests/dev_single_node/README.txt delete mode 100755 manifests/dev_single_node/airship-in-a-bottle.sh delete mode 100755 manifests/dev_single_node/test_create_heat_stack.sh delete mode 100644 tools/gate/playbooks/zuul-linter.yaml delete mode 100644 tools/multi_nodes_gate/README.md delete mode 100755 tools/openstack_cli_docker_base_command.sh delete mode 100755 tools/run_openstack_cli.sh delete mode 100644 tox.ini diff --git a/.github/SECURITY.md b/.github/SECURITY.md deleted file mode 100644 index bd5888ab..00000000 --- a/.github/SECURITY.md +++ /dev/null @@ -1,9 +0,0 @@ -# Security Policy - -## Reporting a Vulnerability - -The Airship community is committed to expediently confirming, resolving, and -disclosing all reported security vulnerabilities. To report a security -vulnerabillity, please refer to our [vulnerability management process][1]. - -[1]: https://airship-docs.readthedocs.io/en/latest/security/vulnerabilities.html diff --git a/.gitignore b/.gitignore deleted file mode 100644 index b141fc8a..00000000 --- a/.gitignore +++ /dev/null @@ -1,10 +0,0 @@ -# Sphinx documentation -doc/_build/ -doc/build/ -.tox - -# OSX folder settings files -.DS_Store - -# Other -.vagrant/ diff --git a/.zuul.yaml b/.zuul.yaml deleted file mode 100644 index fae940e6..00000000 --- a/.zuul.yaml +++ /dev/null @@ -1,98 +0,0 @@ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- project: - templates: - - docs-on-readthedocs - vars: - rtd_webhook_id: '38573' - rtd_project_name: 'airshipit' - check: - jobs: - - airship-in-a-bottle-linter - gate: - jobs: - - airship-in-a-bottle-linter - - post: - jobs: - - airship-in-a-bottle-upload-git-mirror - -- nodeset: - name: airship-integration-single-node - nodes: - - name: primary - label: ubuntu-bionic - -- job: - name: airship-in-a-bottle-linter - run: tools/gate/playbooks/zuul-linter.yaml - nodeset: airship-integration-single-node - -- job: - name: airship-in-a-bottle-upload-git-mirror - parent: upload-git-mirror - description: Mirrors airship/in-a-bottle to airshipit/airship-in-a-bottle - vars: - git_mirror_repository: airshipit/airship-in-a-bottle - secrets: - - name: git_mirror_credentials - secret: airship-in-a-bottle-airshipit-github-secret - pass-to-parent: true - -- secret: - name: airship-in-a-bottle-airshipit-github-secret - data: - user: git - host: github.com - host_key: github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== - ssh_key: !encrypted/pkcs1-oaep - - G7vSue9nRd4lCtNCSmg4NR4ZG34tyvUeURQkk0JGa98zYC+RDFlrSewg+7paYyf/8b+Jb - P2BlnoyyHeJeQ1P+pf9ifElL3iKS7GBk6GALHuwMxZX5rAKVndLeGDn3+aGpLqPmv68uE - o1TPStHSGMZvypo0qbZJP5B9ao1t88K+DPp4q4ym4AkW7ErQ30YvZ+8rtPF7srN0hsGtZ - 8HU3LZbGn9EjlF2HP2n2j9QL2yVOFG2m3U4fO8D76ek7Gk/fB6kPo4d1DTYLKmjfgd/3v - CHh7QiRINIcNu0EOD+i5ODdnyKNjbHQxhKJXd1xCLjNzwPDmeu1QkAZUgSQLD65AtrXa4 - Gta0UW2Im7U1/F6Q/6j5EqakshV90F6EuenOGoIJ9ZjDGoNohaTeuY+ri+QwwMeTU/DCX - RYIIuHu3rI/QsQYF3o02uY0dwpGO3YtRPkXN5B74RTObfCNllTSs/N6m1RbQHB+hjoEVp - fN+qk+n1MQGfWJiE5dZFsBQYLiVJhlbC+M/5NjR8pUtcsNlcpqSjuQ+PVYazACYlyJJ4/ - 59qjXb1Qpk4KOronTQCoYnNU+pxKy8I4hzFWGYJKYS0l8BN39eco1Gqo1hXTl28nxQ+bJ - p5F/UOx3shizH95s+bPNbiBwRoo9sEkhFoSlA1UZxRALflnGgJgXJs2/GEPcPQ= - - izn/asLSpM5n+z1vzegsMpXJl9UY2LqNi5Pyu8nwez/uKG66Ew4eEZf40LyCxaSg+zg8v - kXd+sx9iV0JyGpWUmSZzFmqD6/GVp4/uXrDchb4L+PqX2I+3BCVpQ/EIXVmgFpj1D91oQ - /cccWsgYN/ryLMja4Jq1vVTgCNT9t7LyLXk21TgNfaQwv4Q8YMv6efLb+EHihN+k9UsO6 - JkwrwigrL8C3jPuoBHPKxexdTMm40GGk/+DA+wSEtWXlMDea+dk9ZOILfWVaMuUGidOdC - HF9agZqb3rALTlUOVuGGTHYQXAtrgC0CL1AiRZh0upOmtBMIfT5cVCmJBkuNOKyJpQgjq - Ela7r1tiNJ/BS0FdLtG1v2jpHC1dxK7GkLoUsmMITxf8awW9018JcfAGfC7pIGyIokLvs - OWrCDWk5MWW1LkrwciV78TJqVT24uaYGGYePLJ8b17sw2Jm0C54pUJJpYOFHU8D2gg23+ - tl5jskCBwU22rOkm7vCfRAg7gtowPqV3HQQDbfH0CXq5XeE8+i/NMa5NWguUWoX+KyCTO - GRx47DPg0HpwDs0yCSsQ60eWi01ozWGQycQTzXI0iCkaQUFsGNV0tqxQYXesVAdhtFcdV - ZL5cRE5vnIVXP7/UFBsYgVpVayr6GSMakJrBGG4QTz+FMuTQVYun/oSjq1NLSs= - - MK7umdAeVLj9FHLrF2NVxp5r1/m6f04c79K53g8ctCtniw9JugbCyL4GXz8N4/G9d624K - XFcL7YNyIAfFgfY5oPmAutw7ygdBFmjHd+h3cGrx5qQTpzqln7qJPi1No7OzSOey3P0Dj - ryLSFHSDBo1kjp8yOvhFDZROK0o3+QEdW0jlFnnnNt3+/Ki5UrRwHkD5r0ZBk1nRdLKKB - ieKNfzyGpgnT5EDaciSoex8UiQhU1mMX9QNpHBoFLKz4gwJE2tqYo/tiF+D92aYtgURN2 - UznLWoq+SDzcsjEpRotMsVGI55EjKJ3wpRqJvK3S7RA0/BbIc9j7p8gyoDTdEZ2M5IxRZ - OA5NCV2jdbZVJ85ArUCCaSI+gFBP3cOzJooFnHxlGeKm91a8dEFDgOKVt4b36+hLQ1PUg - ZhIZuA8iLxb2PTV1BsB3f1G+NUFzS8obDF2e+OP1BSSpF/NdqVxN92rZmBt6Uatb68fLm - aEiZyid12k9QmktyaLabFXuABttvJ9xDmLxZlqkkHcFkC/avbRWFwnwqwlXmFU1jlAlgr - FMxbxU13PFw22wQlsex/OZb1TOKTwKKPzkYIChpYSo4UHo2Q3FuIzqc/BoeSwZL7riAp5 - w/zeb1Vji9r+xWgxWe13tpFC/CtOtWxkH28COSpjPgdFOj6RU08ZTMyAkHtP8o= - - XmAtvtkHqu5qTwYGIN62GyyY5AqKg+dwD+iv29vCeOE4DE7o30v1fuPk0qBEfRtygohC0 - dan+KeZMi+9SpohTK+EgEynb140jnW1WS635G+IrvU1XvKba+AyO6qebmoKvFaNLFJtw5 - uNmnGAKQKlyG43UeVyPYyaVEpNhOvo+n1DxgdORTguCW64Fysq1SR4lswGBwpOdPRsq6c - qMY+7adnDEWwpR54BjevUGV45adLyRUIq563oc8vUXRy8JXbMiscFTgsEVf2C+GzYDhJU - 06AV3ewAstKps2YHiePYocavLESL0+mLDNS90jIWYiRac0VRpUFuZ6v/RxlO+6zPNpRbm - lGlpG/MR823nmz0YnRw8Px/XflYF49+PDnRXrgRVD8CkM/pWmaFSHDClQElGVczsEJE8v - ieG0MPkCbp058WSQjBgSllLkiG7hvuOUu7PvgQDrC+VhEp54O7cjxQkTN5q+DXlkKZc16 - WNWfC0qYhsIjKfYO6vCNzIbjPB0T84cDI1FYCVVVEzn+1YFiI2DyI4lTClt/QDLJGPFJT - xAz5fmUOOeR3bMPrsfCd1t3l6B5bDtPuLDoFIc7SeWB2uqo05FuKRNfgLb1oGC6JTouWW - uk5BHGqmM5TPdeXbLxF58fGDD61VWxzuFgL68CIZcFN9qk/VP1ab6ThSeNc6FM= diff --git a/LICENSE b/LICENSE deleted file mode 100644 index 8dada3ed..00000000 --- a/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "{}" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright {yyyy} {name of copyright owner} - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/Makefile b/Makefile deleted file mode 100644 index c6c6a9be..00000000 --- a/Makefile +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright 2018 AT&T Intellectual Property. All other rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -SHELL = /bin/bash - -.PHONY: clean -clean: - rm -rf doc/build - -.PHONY: docs -docs: clean build_docs - -.PHONY: build_docs -build_docs: - tox -e docs diff --git a/README.md b/README.md index 117de095..dd976f2d 100644 --- a/README.md +++ b/README.md @@ -1,56 +1,13 @@ -# Airship in a Bottle +This project is no longer maintained. -Airship is a broad integration of several components -enabling an automated, resilient Kubernetes-based infrastructure for hosting -Helm-deployed containerized workloads. +The contents of this repository are still available in the Git source +code management system. To see the contents of this repository before +it reached its end of life, please check out the previous commit with +"git checkout HEAD^1". -Airship is the name for the project formerly known as UCP or the Undercloud -Platform. +For replacement code, please, refer to https://docs.airshipit.org +(Airship Treasuremap), specifically to one of the sites: Airskiff, +Airsloop, Seaworthy and others. -Find more documentation for Airship in a Bottle on -[Read the Docs](https://airshipit.readthedocs.io/). - -To get started, run the following in a fresh Ubuntu 16.04 VM -(minimum 4vCPU/20GB RAM/32GB disk). This will deploy Airship and Openstack Helm -(OSH): -``` -sudo -i -mkdir -p /root/deploy && cd "$_" -git clone https://opendev.org/airship/airship-in-a-bottle -cd /root/deploy/airship-in-a-bottle/manifests/dev_single_node -./airship-in-a-bottle.sh -``` - -Or, alternatively, if you have Vagrant installed, just run the following -(only libvirt/kvm hypervisor is tested, but vagrant box supports VMware -Desktop/Workstation/Fusion, Parallels, and Hyper-V): -``` -curl -O https://opendev.org/airship/airship-in-a-bottle/raw/branch/master/Vagrantfile -vagrant up -``` - -## Components - -### Shipyard - -Platform orchestrator for initial deployment, platform updates, and server -redeployments - -### Promenade - -The bootstrapper for the Kubernetes control plane - both on an initial genesis node -to get a working Kubernetes cluster and for adding additional nodes to the existing -Kubernetes cluster. - -### Armada - -Provisioner for Helm charts. Provides the capability to override chart values.yaml -items. - -### Drydock - -The orchestrator for physical asset provisioning (e.g. server deployment). - -### Deckhand - -YAML design data manager. +For any further questions, please email +airship-discuss@lists.airshipit.org or join #airshipit on Freenode. diff --git a/Vagrantfile b/Vagrantfile deleted file mode 100644 index 22011e22..00000000 --- a/Vagrantfile +++ /dev/null @@ -1,87 +0,0 @@ -# -*- mode: ruby -*- -# vi: set ft=ruby : - -# All Vagrant configuration is done below. The "2" in Vagrant.configure -# configures the configuration version (we support older styles for -# backwards compatibility). Please don't change it unless you know what -# you're doing. -Vagrant.configure("2") do |config| - # The most common configuration options are documented and commented below. - # For a complete reference, please see the online documentation at - # https://docs.vagrantup.com. - - # Every Vagrant development environment requires a box. You can search for - # boxes at https://vagrantcloud.com/search. - config.vm.box = "generic/ubuntu1604" - - # Disable automatic box update checking. If you disable this, then - # boxes will only be checked for updates when the user runs - # `vagrant box outdated`. This is not recommended. - # config.vm.box_check_update = false - - # Create a forwarded port mapping which allows access to a specific port - # within the machine from a port on the host machine. In the example below, - # accessing "localhost:8080" will access port 80 on the guest machine. - # NOTE: This will enable public access to the opened port - # config.vm.network "forwarded_port", guest: 80, host: 8080 - - # Create a forwarded port mapping which allows access to a specific port - # within the machine from a port on the host machine and only allow access - # via 127.0.0.1 to disable public access - # config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1" - - # Create a private network, which allows host-only access to the machine - # using a specific IP. - # config.vm.network "private_network", ip: "192.168.33.10" - - # Create a public network, which generally matched to bridged network. - # Bridged networks make the machine appear as another physical device on - # your network. - # config.vm.network "public_network" - - # Share an additional folder to the guest VM. The first argument is - # the path on the host to the actual folder. The second argument is - # the path on the guest to mount the folder. And the optional third - # argument is a set of non-required options. - # config.vm.synced_folder "../data", "/vagrant_data" - - # Provider-specific configuration so you can fine-tune various - # backing providers for Vagrant. These expose provider-specific options. - # Example for VirtualBox: - #config.vm.provider "virtualbox" do |vb| - # # Display the VirtualBox GUI when booting the machine - # # vb.gui = true - #end - [:virtualbox, :parallels, :libvirt, :hyperv].each do |provider| - config.vm.provider provider do |vplh, override| - vplh.cpus = 4 - vplh.memory = 20480 - end - end - [:vmware_fusion, :vmware_workstation, :vmware_desktop].each do |provider| - config.vm.provider provider do |vmw, override| - vmw.vmx["memsize"] = "20480" - vmw.vmx["numvcpus"] = "4" - end - end - # - # View the documentation for the provider you are using for more - # information on available options. - - # Enable provisioning with a shell script. Additional provisioners such as - # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the - # documentation for more information about their specific syntax and use. - # config.vm.provision "shell", inline: <<-SHELL - # apt-get update - # apt-get install -y apache2 - # SHELL - config.vm.define "n0" do |node| - node.vm.hostname = "n0" - node.vm.provision :shell, inline: <<-SHELL - mkdir /root/deploy - git clone https://opendev.org/airship/airship-in-a-bottle /root/deploy/airship-in-a-bottle - cd /root/deploy/airship-in-a-bottle/manifests/dev_single_node - ./airship-in-a-bottle.sh -y - SHELL - end -end diff --git a/deployment_files/global/common/layering-policy.yaml b/deployment_files/global/common/layering-policy.yaml deleted file mode 100644 index e86d0bab..00000000 --- a/deployment_files/global/common/layering-policy.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -schema: deckhand/LayeringPolicy/v1 -metadata: - schema: metadata/Control/v1 - name: layering-policy -data: - layerOrder: - - global - - type - - site diff --git a/deployment_files/global/common/schemas/pegleg/SiteDefinition/v1.yaml b/deployment_files/global/common/schemas/pegleg/SiteDefinition/v1.yaml deleted file mode 100644 index 3878eb3b..00000000 --- a/deployment_files/global/common/schemas/pegleg/SiteDefinition/v1.yaml +++ /dev/null @@ -1,19 +0,0 @@ ---- -schema: deckhand/DataSchema/v1 -metadata: - schema: metadata/Control/v1 - name: pegleg/SiteDefinition/v1 -data: - $schema: http://json-schema.org/schema# - type: object - - properties: - revision: - type: string - pattern: '^v.+$' - site_type: - type: string - required: - - revision - - site_type - additionalProperties: false diff --git a/deployment_files/global/v1.0demo/baremetal/bootactions/seccomp-profiles.yaml b/deployment_files/global/v1.0demo/baremetal/bootactions/seccomp-profiles.yaml deleted file mode 100644 index 70bd7815..00000000 --- a/deployment_files/global/v1.0demo/baremetal/bootactions/seccomp-profiles.yaml +++ /dev/null @@ -1,31 +0,0 @@ ---- -schema: 'drydock/BootAction/v1' -metadata: - schema: 'metadata/Document/v1' - name: seccomp-profiles - storagePolicy: 'cleartext' - layeringDefinition: - abstract: false - layer: global - substitutions: - - src: - schema: pegleg/SeccompProfile/v1 - name: seccomp-default - path: .savePath - dest: - path: .assets[0].path - - src: - schema: pegleg/SeccompProfile/v1 - name: seccomp-default - path: .content - dest: - path: .assets[0].data - -data: - signaling: false - assets: - - type: file - permissions: '600' - data_pipeline: - - utf8_decode -... diff --git a/deployment_files/global/v1.0demo/profiles/genesis.yaml b/deployment_files/global/v1.0demo/profiles/genesis.yaml deleted file mode 100644 index 7420a83a..00000000 --- a/deployment_files/global/v1.0demo/profiles/genesis.yaml +++ /dev/null @@ -1,121 +0,0 @@ ---- -schema: promenade/Genesis/v1 -metadata: - schema: metadata/Document/v1 - name: genesis - labels: - genesis: enabled - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Software versions for bootstrapping phase - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.armada.api - dest: - path: .images.armada - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.armada.tiller - dest: - path: .images.helm.tiller - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.apiserver.apiserver - dest: - path: .images.kubernetes.apiserver - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.controller-manager.controller_manager - dest: - path: .images.kubernetes.controller-manager - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.etcd.etcd - dest: - path: .images.kubernetes.etcd - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.scheduler.scheduler - dest: - path: .images.kubernetes.scheduler - - # Site-specific configuration - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .genesis.hostname - dest: - path: .hostname - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .genesis.ip - dest: - path: .ip - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .dns.node_domain - dest: - path: .domain - - # Command prefix - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.service_cidr - dest: - path: .apiserver.command_prefix[1] - pattern: SERVICE_CIDR - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.service_node_port_range - dest: - path: .apiserver.command_prefix[2] - pattern: SERVICE_NODE_PORT_RANGE - -data: - apiserver: - command_prefix: - - /apiserver - - --service-cluster-ip-range=SERVICE_CIDR - - --service-node-port-range=SERVICE_NODE_PORT_RANGE - - --authorization-mode=Node,RBAC - - --admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,ResourceQuota,DefaultTolerationSeconds - - --endpoint-reconciler-type=lease - armada: - target_manifest: cluster-bootstrap - labels: - dynamic: - - calico-etcd=enabled - - coredns=enabled - - kube-ingress=enabled - - kubernetes-apiserver=enabled - - kubernetes-controller-manager=enabled - - kubernetes-etcd=enabled - - kubernetes-scheduler=enabled - - openstack-compute-node=enabled - - openstack-control-plane=enabled - - openvswitch=enabled - - promenade-genesis=enabled - - ucp-control-plane=enabled - - ceph-mon=enabled - - ceph-mds=enabled - - ceph-osd=enabled - - ceph-rgw=enabled - - ceph-mgr=enabled - files: - - path: /var/lib/anchor/calico-etcd-bootstrap - content: "# placeholder for triggering calico etcd bootstrapping\n# this file will be deleted" - mode: 0644 -... diff --git a/deployment_files/global/v1.0demo/profiles/kubernetes-host.yaml b/deployment_files/global/v1.0demo/profiles/kubernetes-host.yaml deleted file mode 100644 index f900664a..00000000 --- a/deployment_files/global/v1.0demo/profiles/kubernetes-host.yaml +++ /dev/null @@ -1,127 +0,0 @@ ---- -schema: promenade/HostSystem/v1 -metadata: - schema: metadata/Document/v1 - name: host-system - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .files.kubelet - dest: - path: .files[0].tar_url - - # Initial CoreDNS image (used during node Genesis and node join) - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.coredns.coredns - dest: - path: .images.coredns - - # Initial CoreDNS image (used during node Genesis and node join) - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.haproxy.haproxy - dest: - path: .images.haproxy - - # Operational tools - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.armada.helm - dest: - path: .images.helm.helm - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.kubectl - dest: - path: .images.kubernetes.kubectl - - # System packages - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .packages.named.docker - dest: - path: .packages.required.docker - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .packages.named.socat - dest: - path: .packages.required.socat - - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .packages.unnamed - dest: - path: .packages.additional - -data: - files: - - path: /opt/kubernetes/bin/kubelet - tar_path: kubernetes/node/bin/kubelet - mode: 0555 - - path: /etc/logrotate.d/json-logrotate - mode: 0444 - content: |- - /var/lib/docker/containers/*/*-json.log - { - compress - copytruncate - create 0644 root root - daily - dateext - dateformat -%Y%m%d-%s - maxsize 10M - missingok - notifempty - su root root - rotate 1 - } - packages: - # NOTE(mb874d): This method for specified repositories and keys will be - # change to align with Drydock's approach. Until then, we will specify - # it here. - repositories: - - deb http://apt.dockerproject.org/repo ubuntu-xenial main - keys: - - |- - -----BEGIN PGP PUBLIC KEY BLOCK----- - - mQINBFWln24BEADrBl5p99uKh8+rpvqJ48u4eTtjeXAWbslJotmC/CakbNSqOb9o - ddfzRvGVeJVERt/Q/mlvEqgnyTQy+e6oEYN2Y2kqXceUhXagThnqCoxcEJ3+KM4R - mYdoe/BJ/J/6rHOjq7Omk24z2qB3RU1uAv57iY5VGw5p45uZB4C4pNNsBJXoCvPn - TGAs/7IrekFZDDgVraPx/hdiwopQ8NltSfZCyu/jPpWFK28TR8yfVlzYFwibj5WK - dHM7ZTqlA1tHIG+agyPf3Rae0jPMsHR6q+arXVwMccyOi+ULU0z8mHUJ3iEMIrpT - X+80KaN/ZjibfsBOCjcfiJSB/acn4nxQQgNZigna32velafhQivsNREFeJpzENiG - HOoyC6qVeOgKrRiKxzymj0FIMLru/iFF5pSWcBQB7PYlt8J0G80lAcPr6VCiN+4c - NKv03SdvA69dCOj79PuO9IIvQsJXsSq96HB+TeEmmL+xSdpGtGdCJHHM1fDeCqkZ - hT+RtBGQL2SEdWjxbF43oQopocT8cHvyX6Zaltn0svoGs+wX3Z/H6/8P5anog43U - 65c0A+64Jj00rNDr8j31izhtQMRo892kGeQAaaxg4Pz6HnS7hRC+cOMHUU4HA7iM - zHrouAdYeTZeZEQOA7SxtCME9ZnGwe2grxPXh/U/80WJGkzLFNcTKdv+rwARAQAB - tDdEb2NrZXIgUmVsZWFzZSBUb29sIChyZWxlYXNlZG9ja2VyKSA8ZG9ja2VyQGRv - Y2tlci5jb20+iQI4BBMBAgAiBQJVpZ9uAhsvBgsJCAcDAgYVCAIJCgsEFgIDAQIe - AQIXgAAKCRD3YiFXLFJgnbRfEAC9Uai7Rv20QIDlDogRzd+Vebg4ahyoUdj0CH+n - Ak40RIoq6G26u1e+sdgjpCa8jF6vrx+smpgd1HeJdmpahUX0XN3X9f9qU9oj9A4I - 1WDalRWJh+tP5WNv2ySy6AwcP9QnjuBMRTnTK27pk1sEMg9oJHK5p+ts8hlSC4Sl - uyMKH5NMVy9c+A9yqq9NF6M6d6/ehKfBFFLG9BX+XLBATvf1ZemGVHQusCQebTGv - 0C0V9yqtdPdRWVIEhHxyNHATaVYOafTj/EF0lDxLl6zDT6trRV5n9F1VCEh4Aal8 - L5MxVPcIZVO7NHT2EkQgn8CvWjV3oKl2GopZF8V4XdJRl90U/WDv/6cmfI08GkzD - YBHhS8ULWRFwGKobsSTyIvnbk4NtKdnTGyTJCQ8+6i52s+C54PiNgfj2ieNn6oOR - 7d+bNCcG1CdOYY+ZXVOcsjl73UYvtJrO0Rl/NpYERkZ5d/tzw4jZ6FCXgggA/Zxc - jk6Y1ZvIm8Mt8wLRFH9Nww+FVsCtaCXJLP8DlJLASMD9rl5QS9Ku3u7ZNrr5HWXP - HXITX660jglyshch6CWeiUATqjIAzkEQom/kEnOrvJAtkypRJ59vYQOedZ1sFVEL - MXg2UCkD/FwojfnVtjzYaTCeGwFQeqzHmM241iuOmBYPeyTY5veF49aBJA1gEJOQ - TvBR8Q== - =Fm3p - -----END PGP PUBLIC KEY BLOCK----- diff --git a/deployment_files/global/v1.0demo/profiles/security/seccomp_default.yaml b/deployment_files/global/v1.0demo/profiles/security/seccomp_default.yaml deleted file mode 100644 index 2ff6a7fd..00000000 --- a/deployment_files/global/v1.0demo/profiles/security/seccomp_default.yaml +++ /dev/null @@ -1,787 +0,0 @@ ---- -# The data content of this file is referred from the Moby project as -# mentioned in the link below: -# https://github.com/moby/moby/blob/master/profiles/seccomp/default.json -schema: 'pegleg/SeccompProfile/v1' -metadata: - schema: 'metadata/Document/v1' - name: seccomp-default - storagePolicy: 'cleartext' - layeringDefinition: - abstract: false - layer: global -data: - # Path for seccomp profile root directory. - seccompDirPath: /var/lib/kubelet/seccomp - # Path to save seccomp profile as file. - # This should be same as seccompDirPath with file name. - savePath: /var/lib/kubelet/seccomp/seccomp_default - # Content of default seccomp profile file. - content: | - { - "defaultAction": "SCMP_ACT_ERRNO", - "archMap": [ - { - "architecture": "SCMP_ARCH_X86_64", - "subArchitectures": [ - "SCMP_ARCH_X86", - "SCMP_ARCH_X32" - ] - }, - { - "architecture": "SCMP_ARCH_AARCH64", - "subArchitectures": [ - "SCMP_ARCH_ARM" - ] - }, - { - "architecture": "SCMP_ARCH_MIPS64", - "subArchitectures": [ - "SCMP_ARCH_MIPS", - "SCMP_ARCH_MIPS64N32" - ] - }, - { - "architecture": "SCMP_ARCH_MIPS64N32", - "subArchitectures": [ - "SCMP_ARCH_MIPS", - "SCMP_ARCH_MIPS64" - ] - }, - { - "architecture": "SCMP_ARCH_MIPSEL64", - "subArchitectures": [ - "SCMP_ARCH_MIPSEL", - "SCMP_ARCH_MIPSEL64N32" - ] - }, - { - "architecture": "SCMP_ARCH_MIPSEL64N32", - "subArchitectures": [ - "SCMP_ARCH_MIPSEL", - "SCMP_ARCH_MIPSEL64" - ] - }, - { - "architecture": "SCMP_ARCH_S390X", - "subArchitectures": [ - "SCMP_ARCH_S390" - ] - } - ], - "syscalls": [ - { - "names": [ - "accept", - "accept4", - "access", - "adjtimex", - "alarm", - "bind", - "brk", - "capget", - "capset", - "chdir", - "chmod", - "chown", - "chown32", - "clock_getres", - "clock_gettime", - "clock_nanosleep", - "close", - "connect", - "copy_file_range", - "creat", - "dup", - "dup2", - "dup3", - "epoll_create", - "epoll_create1", - "epoll_ctl", - "epoll_ctl_old", - "epoll_pwait", - "epoll_wait", - "epoll_wait_old", - "eventfd", - "eventfd2", - "execve", - "execveat", - "exit", - "exit_group", - "faccessat", - "fadvise64", - "fadvise64_64", - "fallocate", - "fanotify_mark", - "fchdir", - "fchmod", - "fchmodat", - "fchown", - "fchown32", - "fchownat", - "fcntl", - "fcntl64", - "fdatasync", - "fgetxattr", - "flistxattr", - "flock", - "fork", - "fremovexattr", - "fsetxattr", - "fstat", - "fstat64", - "fstatat64", - "fstatfs", - "fstatfs64", - "fsync", - "ftruncate", - "ftruncate64", - "futex", - "futimesat", - "getcpu", - "getcwd", - "getdents", - "getdents64", - "getegid", - "getegid32", - "geteuid", - "geteuid32", - "getgid", - "getgid32", - "getgroups", - "getgroups32", - "getitimer", - "getpeername", - "getpgid", - "getpgrp", - "getpid", - "getppid", - "getpriority", - "getrandom", - "getresgid", - "getresgid32", - "getresuid", - "getresuid32", - "getrlimit", - "get_robust_list", - "getrusage", - "getsid", - "getsockname", - "getsockopt", - "get_thread_area", - "gettid", - "gettimeofday", - "getuid", - "getuid32", - "getxattr", - "inotify_add_watch", - "inotify_init", - "inotify_init1", - "inotify_rm_watch", - "io_cancel", - "ioctl", - "io_destroy", - "io_getevents", - "ioprio_get", - "ioprio_set", - "io_setup", - "io_submit", - "ipc", - "kill", - "lchown", - "lchown32", - "lgetxattr", - "link", - "linkat", - "listen", - "listxattr", - "llistxattr", - "_llseek", - "lremovexattr", - "lseek", - "lsetxattr", - "lstat", - "lstat64", - "madvise", - "memfd_create", - "mincore", - "mkdir", - "mkdirat", - "mknod", - "mknodat", - "mlock", - "mlock2", - "mlockall", - "mmap", - "mmap2", - "mprotect", - "mq_getsetattr", - "mq_notify", - "mq_open", - "mq_timedreceive", - "mq_timedsend", - "mq_unlink", - "mremap", - "msgctl", - "msgget", - "msgrcv", - "msgsnd", - "msync", - "munlock", - "munlockall", - "munmap", - "nanosleep", - "newfstatat", - "_newselect", - "open", - "openat", - "pause", - "pipe", - "pipe2", - "poll", - "ppoll", - "prctl", - "pread64", - "preadv", - "preadv2", - "prlimit64", - "pselect6", - "pwrite64", - "pwritev", - "pwritev2", - "read", - "readahead", - "readlink", - "readlinkat", - "readv", - "recv", - "recvfrom", - "recvmmsg", - "recvmsg", - "remap_file_pages", - "removexattr", - "rename", - "renameat", - "renameat2", - "restart_syscall", - "rmdir", - "rt_sigaction", - "rt_sigpending", - "rt_sigprocmask", - "rt_sigqueueinfo", - "rt_sigreturn", - "rt_sigsuspend", - "rt_sigtimedwait", - "rt_tgsigqueueinfo", - "sched_getaffinity", - "sched_getattr", - "sched_getparam", - "sched_get_priority_max", - "sched_get_priority_min", - "sched_getscheduler", - "sched_rr_get_interval", - "sched_setaffinity", - "sched_setattr", - "sched_setparam", - "sched_setscheduler", - "sched_yield", - "seccomp", - "select", - "semctl", - "semget", - "semop", - "semtimedop", - "send", - "sendfile", - "sendfile64", - "sendmmsg", - "sendmsg", - "sendto", - "setfsgid", - "setfsgid32", - "setfsuid", - "setfsuid32", - "setgid", - "setgid32", - "setgroups", - "setgroups32", - "setitimer", - "setpgid", - "setpriority", - "setregid", - "setregid32", - "setresgid", - "setresgid32", - "setresuid", - "setresuid32", - "setreuid", - "setreuid32", - "setrlimit", - "set_robust_list", - "setsid", - "setsockopt", - "set_thread_area", - "set_tid_address", - "setuid", - "setuid32", - "setxattr", - "shmat", - "shmctl", - "shmdt", - "shmget", - "shutdown", - "sigaltstack", - "signalfd", - "signalfd4", - "sigreturn", - "socket", - "socketcall", - "socketpair", - "splice", - "stat", - "stat64", - "statfs", - "statfs64", - "statx", - "symlink", - "symlinkat", - "sync", - "sync_file_range", - "syncfs", - "sysinfo", - "syslog", - "tee", - "tgkill", - "time", - "timer_create", - "timer_delete", - "timerfd_create", - "timerfd_gettime", - "timerfd_settime", - "timer_getoverrun", - "timer_gettime", - "timer_settime", - "times", - "tkill", - "truncate", - "truncate64", - "ugetrlimit", - "umask", - "uname", - "unlink", - "unlinkat", - "utime", - "utimensat", - "utimes", - "vfork", - "vmsplice", - "wait4", - "waitid", - "waitpid", - "write", - "writev" - ], - "action": "SCMP_ACT_ALLOW", - "args": [], - "comment": "", - "includes": {}, - "excludes": {} - }, - { - "names": [ - "personality" - ], - "action": "SCMP_ACT_ALLOW", - "args": [ - { - "index": 0, - "value": 0, - "valueTwo": 0, - "op": "SCMP_CMP_EQ" - } - ], - "comment": "", - "includes": {}, - "excludes": {} - }, - { - "names": [ - "personality" - ], - "action": "SCMP_ACT_ALLOW", - "args": [ - { - "index": 0, - "value": 8, - "valueTwo": 0, - "op": "SCMP_CMP_EQ" - } - ], - "comment": "", - "includes": {}, - "excludes": {} - }, - { - "names": [ - "personality" - ], - "action": "SCMP_ACT_ALLOW", - "args": [ - { - "index": 0, - "value": 131072, - "valueTwo": 0, - "op": "SCMP_CMP_EQ" - } - ], - "comment": "", - "includes": {}, - "excludes": {} - }, - { - "names": [ - "personality" - ], - "action": "SCMP_ACT_ALLOW", - "args": [ - { - "index": 0, - "value": 131080, - "valueTwo": 0, - "op": "SCMP_CMP_EQ" - } - ], - "comment": "", - "includes": {}, - "excludes": {} - }, - { - "names": [ - "personality" - ], - "action": "SCMP_ACT_ALLOW", - "args": [ - { - "index": 0, - "value": 4294967295, - "valueTwo": 0, - "op": "SCMP_CMP_EQ" - } - ], - "comment": "", - "includes": {}, - "excludes": {} - }, - { - "names": [ - "sync_file_range2" - ], - "action": "SCMP_ACT_ALLOW", - "args": [], - "comment": "", - "includes": { - "arches": [ - "ppc64le" - ] - }, - "excludes": {} - }, - { - "names": [ - "arm_fadvise64_64", - "arm_sync_file_range", - "sync_file_range2", - "breakpoint", - "cacheflush", - "set_tls" - ], - "action": "SCMP_ACT_ALLOW", - "args": [], - "comment": "", - "includes": { - "arches": [ - "arm", - "arm64" - ] - }, - "excludes": {} - }, - { - "names": [ - "arch_prctl" - ], - "action": "SCMP_ACT_ALLOW", - "args": [], - "comment": "", - "includes": { - "arches": [ - "amd64", - "x32" - ] - }, - "excludes": {} - }, - { - "names": [ - "modify_ldt" - ], - "action": "SCMP_ACT_ALLOW", - "args": [], - "comment": "", - "includes": { - "arches": [ - "amd64", - "x32", - "x86" - ] - }, - "excludes": {} - }, - { - "names": [ - "s390_pci_mmio_read", - "s390_pci_mmio_write", - "s390_runtime_instr" - ], - "action": "SCMP_ACT_ALLOW", - "args": [], - "comment": "", - "includes": { - "arches": [ - "s390", - "s390x" - ] - }, - "excludes": {} - }, - { - "names": [ - "open_by_handle_at" - ], - "action": "SCMP_ACT_ALLOW", - "args": [], - "comment": "", - "includes": { - "caps": [ - "CAP_DAC_READ_SEARCH" - ] - }, - "excludes": {} - }, - { - "names": [ - "bpf", - "clone", - "fanotify_init", - "lookup_dcookie", - "mount", - "name_to_handle_at", - "perf_event_open", - "quotactl", - "setdomainname", - "sethostname", - "setns", - "umount", - "umount2", - "unshare" - ], - "action": "SCMP_ACT_ALLOW", - "args": [], - "comment": "", - "includes": { - "caps": [ - "CAP_SYS_ADMIN" - ] - }, - "excludes": {} - }, - { - "names": [ - "clone" - ], - "action": "SCMP_ACT_ALLOW", - "args": [ - { - "index": 0, - "value": 2080505856, - "valueTwo": 0, - "op": "SCMP_CMP_MASKED_EQ" - } - ], - "comment": "", - "includes": {}, - "excludes": { - "caps": [ - "CAP_SYS_ADMIN" - ], - "arches": [ - "s390", - "s390x" - ] - } - }, - { - "names": [ - "clone" - ], - "action": "SCMP_ACT_ALLOW", - "args": [ - { - "index": 1, - "value": 2080505856, - "valueTwo": 0, - "op": "SCMP_CMP_MASKED_EQ" - } - ], - "comment": "s390 parameter ordering for clone is different", - "includes": { - "arches": [ - "s390", - "s390x" - ] - }, - "excludes": { - "caps": [ - "CAP_SYS_ADMIN" - ] - } - }, - { - "names": [ - "reboot" - ], - "action": "SCMP_ACT_ALLOW", - "args": [], - "comment": "", - "includes": { - "caps": [ - "CAP_SYS_BOOT" - ] - }, - "excludes": {} - }, - { - "names": [ - "chroot" - ], - "action": "SCMP_ACT_ALLOW", - "args": [], - "comment": "", - "includes": { - "caps": [ - "CAP_SYS_CHROOT" - ] - }, - "excludes": {} - }, - { - "names": [ - "delete_module", - "init_module", - "finit_module", - "query_module" - ], - "action": "SCMP_ACT_ALLOW", - "args": [], - "comment": "", - "includes": { - "caps": [ - "CAP_SYS_MODULE" - ] - }, - "excludes": {} - }, - { - "names": [ - "acct" - ], - "action": "SCMP_ACT_ALLOW", - "args": [], - "comment": "", - "includes": { - "caps": [ - "CAP_SYS_PACCT" - ] - }, - "excludes": {} - }, - { - "names": [ - "kcmp", - "process_vm_readv", - "process_vm_writev", - "ptrace" - ], - "action": "SCMP_ACT_ALLOW", - "args": [], - "comment": "", - "includes": { - "caps": [ - "CAP_SYS_PTRACE" - ] - }, - "excludes": {} - }, - { - "names": [ - "iopl", - "ioperm" - ], - "action": "SCMP_ACT_ALLOW", - "args": [], - "comment": "", - "includes": { - "caps": [ - "CAP_SYS_RAWIO" - ] - }, - "excludes": {} - }, - { - "names": [ - "settimeofday", - "stime", - "clock_settime" - ], - "action": "SCMP_ACT_ALLOW", - "args": [], - "comment": "", - "includes": { - "caps": [ - "CAP_SYS_TIME" - ] - }, - "excludes": {} - }, - { - "names": [ - "vhangup" - ], - "action": "SCMP_ACT_ALLOW", - "args": [], - "comment": "", - "includes": { - "caps": [ - "CAP_SYS_TTY_CONFIG" - ] - }, - "excludes": {} - }, - { - "names": [ - "get_mempolicy", - "mbind", - "set_mempolicy" - ], - "action": "SCMP_ACT_ALLOW", - "args": [], - "comment": "", - "includes": { - "caps": [ - "CAP_SYS_NICE" - ] - }, - "excludes": {} - } - ] - } \ No newline at end of file diff --git a/deployment_files/global/v1.0demo/schemas/armada/Chart/v1.yaml b/deployment_files/global/v1.0demo/schemas/armada/Chart/v1.yaml deleted file mode 100644 index 86fede8e..00000000 --- a/deployment_files/global/v1.0demo/schemas/armada/Chart/v1.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: armada/Chart/v1 - labels: - application: armada -data: - $schema: 'http://json-schema.org/schema#' - type: 'object' - additionalProperties: true -... diff --git a/deployment_files/global/v1.0demo/schemas/armada/ChartGroup/v1.yaml b/deployment_files/global/v1.0demo/schemas/armada/ChartGroup/v1.yaml deleted file mode 100644 index 76f21dfc..00000000 --- a/deployment_files/global/v1.0demo/schemas/armada/ChartGroup/v1.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: armada/ChartGroup/v1 - labels: - application: armada -data: - $schema: 'http://json-schema.org/schema#' - type: 'object' - additionalProperties: true -... diff --git a/deployment_files/global/v1.0demo/schemas/armada/Manifest/v1.yaml b/deployment_files/global/v1.0demo/schemas/armada/Manifest/v1.yaml deleted file mode 100644 index cca2e100..00000000 --- a/deployment_files/global/v1.0demo/schemas/armada/Manifest/v1.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: armada/Manifest/v1 - labels: - application: armada -data: - $schema: 'http://json-schema.org/schema#' - type: 'object' - additionalProperties: true -... diff --git a/deployment_files/global/v1.0demo/schemas/drydock/BaremetalNode/v1.yaml b/deployment_files/global/v1.0demo/schemas/drydock/BaremetalNode/v1.yaml deleted file mode 100644 index 52f06215..00000000 --- a/deployment_files/global/v1.0demo/schemas/drydock/BaremetalNode/v1.yaml +++ /dev/null @@ -1,164 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: drydock/BaremetalNode/v1 - labels: - application: drydock -data: - $schema: 'http://json-schema.org/schema#' - id: 'http://att.com/att-comdev/drydock/baremetalNode.yaml' - type: 'object' - properties: - addressing: - type: 'array' - items: - type: 'object' - properties: - address: - type: 'string' - network: - type: 'string' - oob: - type: 'object' - properties: - type: - type: 'string' - network: - type: 'string' - account: - type: 'string' - credetial: - type: 'string' - additionalProperties: true - storage: - type: 'object' - properties: - physical_devices: - type: 'object' - additionalProperties: - type: 'object' - properties: - labels: - type: 'object' - additionalProperties: - type: 'string' - volume_group: - type: 'string' - partitions: - type: 'array' - items: - type: 'object' - properties: - name: - type: 'string' - size: - type: 'string' - part_uuid: - type: 'string' - volume_group: - type: 'string' - labels: - type: 'object' - additionalProperties: - type: 'string' - bootable: - type: 'boolean' - volume_group: - type: 'string' - filesystem: - type: 'object' - properties: - mountpoint: - type: 'string' - fstype: - type: 'string' - mount_options: - type: 'string' - fs_uuid: - type: 'string' - fs_label: - type: 'string' - additionalProperties: false - additionalProperties: false - volume_groups: - type: 'object' - additionalProperties: - type: 'object' - properties: - vg_uuid: - type: 'string' - logical_volumes: - type: 'array' - items: - type: 'object' - properties: - name: - type: 'string' - lv_uuid: - type: 'string' - size: - type: 'string' - filesystem: - type: 'object' - properties: - mountpoint: - type: 'string' - fstype: - type: 'string' - mount_options: - type: 'string' - fs_uuid: - type: 'string' - fs_label: - type: 'string' - platform: - type: 'object' - properties: - image: - type: 'string' - kernel: - type: 'string' - kernel_params: - type: 'object' - additionalProperties: true - additionalProperties: false - metadata: - type: 'object' - properties: - tags: - type: 'array' - items: - type: 'string' - owner_data: - type: 'object' - additionalProperties: - type: 'string' - rack: - type: 'string' - boot_mac: - type: 'string' - additionalProperties: false - host_profile: - type: 'string' - hardware_profile: - type: 'string' - primary_network: - type: 'string' - interfaces: - type: 'object' - additionalProperties: - type: 'object' - properties: - device_link: - type: 'string' - slaves: - type: 'array' - items: - type: 'string' - networks: - type: 'array' - items: - type: 'string' - additionalProperties: false -... diff --git a/deployment_files/global/v1.0demo/schemas/drydock/BootAction/v1.yaml b/deployment_files/global/v1.0demo/schemas/drydock/BootAction/v1.yaml deleted file mode 100644 index d35e6683..00000000 --- a/deployment_files/global/v1.0demo/schemas/drydock/BootAction/v1.yaml +++ /dev/null @@ -1,94 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: drydock/BootAction/v1 - labels: - application: drydock -data: - $schema: 'http://json-schema.org/schema#' - id: 'http://att.com/att-comdev/drydock/bootaction.yaml' - type: 'object' - additionalProperties: false - properties: - signaling: - type: 'boolean' - assets: - type: 'array' - items: - type: 'object' - additionalProperties: false - properties: - path: - type: 'string' - pattern: '^/.+' - location: - type: 'string' - type: - type: 'string' - enum: - - 'unit' - - 'file' - - 'pkg_list' - data: - type: 'string' - location_pipeline: - type: 'array' - items: - type: 'string' - enum: - - 'template' - data_pipeline: - type: 'array' - items: - type: 'string' - enum: - - 'base64_encode' - - 'template' - - 'base64_decode' - - 'utf8_encode' - - 'utf8_decode' - permissions: - type: 'string' - pattern: '\d{3}' - required: - - 'type' - node_filter: - type: 'object' - additionalProperties: false - properties: - filter_set_type: - type: 'string' - enum: - - 'intersection' - - 'union' - filter_set: - type: 'array' - items: - type: 'object' - additionalProperties: false - properties: - filter_type: - type: 'string' - enum: - - 'intersection' - - 'union' - node_names: - type: 'array' - items: - type: 'string' - node_tags: - type: 'array' - items: - type: 'string' - node_labels: - type: 'object' - additionalProperties: true - rack_names: - type: 'array' - items: - type: 'string' - rack_labels: - type: 'object' - additionalProperties: true -... diff --git a/deployment_files/global/v1.0demo/schemas/drydock/HardwareProfile/v1.yaml b/deployment_files/global/v1.0demo/schemas/drydock/HardwareProfile/v1.yaml deleted file mode 100644 index e51e274f..00000000 --- a/deployment_files/global/v1.0demo/schemas/drydock/HardwareProfile/v1.yaml +++ /dev/null @@ -1,49 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: drydock/HardwareProfile/v1 - labels: - application: drydock -data: - $schema: 'http://json-schema.org/schema#' - type: 'object' - properties: - vendor: - type: 'string' - generation: - type: 'string' - hw_version: - type: 'string' - bios_version: - type: 'string' - boot_mode: - type: 'string' - enum: - - 'bios' - - 'uefi' - bootstrap_protocol: - type: 'string' - enum: - - 'pxe' - - 'usb' - - 'hdd' - pxe_interface: - type: 'number' - device_aliases: - type: 'object' - additionalProperties: true - cpu_sets: - type: 'object' - additionalProperties: - type: 'string' - hugepages: - type: 'object' - additionalProperties: - type: 'object' - propertes: - size: - type: 'string' - count: - type: 'number' - additionalProperties: false diff --git a/deployment_files/global/v1.0demo/schemas/drydock/HostProfile/v1.yaml b/deployment_files/global/v1.0demo/schemas/drydock/HostProfile/v1.yaml deleted file mode 100644 index e4eb48e2..00000000 --- a/deployment_files/global/v1.0demo/schemas/drydock/HostProfile/v1.yaml +++ /dev/null @@ -1,155 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: drydock/HostProfile/v1 - labels: - application: drydock -data: - $schema: 'http://json-schema.org/schema#' - id: 'http://att.com/att-comdev/drydock/hostProfile.yaml' - type: 'object' - properties: - oob: - type: 'object' - properties: - type: - type: 'string' - network: - type: 'string' - account: - type: 'string' - credetial: - type: 'string' - additionalProperties: true - storage: - type: 'object' - properties: - physical_devices: - type: 'object' - additionalProperties: - type: 'object' - properties: - labels: - type: 'object' - additionalProperties: - type: 'string' - volume_group: - type: 'string' - partitions: - type: 'array' - items: - type: 'object' - properties: - name: - type: 'string' - size: - type: 'string' - part_uuid: - type: 'string' - volume_group: - type: 'string' - labels: - type: 'object' - additionalProperties: - type: 'string' - bootable: - type: 'boolean' - volume_group: - type: 'string' - filesystem: - type: 'object' - properties: - mountpoint: - type: 'string' - fstype: - type: 'string' - mount_options: - type: 'string' - fs_uuid: - type: 'string' - fs_label: - type: 'string' - additionalProperties: false - additionalProperties: false - volume_groups: - type: 'object' - additionalProperties: - type: 'object' - properties: - vg_uuid: - type: 'string' - logical_volumes: - type: 'array' - items: - type: 'object' - properties: - name: - type: 'string' - lv_uuid: - type: 'string' - size: - type: 'string' - filesystem: - type: 'object' - properties: - mountpoint: - type: 'string' - fstype: - type: 'string' - mount_options: - type: 'string' - fs_uuid: - type: 'string' - fs_label: - type: 'string' - platform: - type: 'object' - properties: - image: - type: 'string' - kernel: - type: 'string' - kernel_params: - type: 'object' - additionalProperties: true - additionalProperties: false - metadata: - type: 'object' - properties: - tags: - type: 'array' - items: - type: 'string' - owner_data: - type: 'object' - additionalProperties: - type: 'string' - rack: - type: 'string' - boot_mac: - type: 'string' - additionalProperties: false - host_profile: - type: 'string' - hardware_profile: - type: 'string' - primary_network: - type: 'string' - interfaces: - type: 'object' - additionalProperties: - type: 'object' - properties: - device_link: - type: 'string' - slaves: - type: 'array' - items: - type: 'string' - networks: - type: 'array' - items: - type: 'string' - additionalProperties: false -... diff --git a/deployment_files/global/v1.0demo/schemas/drydock/Network/v1.yaml b/deployment_files/global/v1.0demo/schemas/drydock/Network/v1.yaml deleted file mode 100644 index 4eaaf11d..00000000 --- a/deployment_files/global/v1.0demo/schemas/drydock/Network/v1.yaml +++ /dev/null @@ -1,71 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: drydock/Network/v1 - labels: - application: drydock -data: - $schema: 'http://json-schema.org/schema#' - id: 'http://att.com/att-comdev/drydock/network.yaml' - type: 'object' - properties: - cidr: - type: 'string' - ranges: - type: 'array' - items: - type: 'object' - properties: - type: - type: 'string' - start: - type: 'string' - format: 'ipv4' - end: - type: 'string' - format: 'ipv4' - additionalProperties: false - dns: - type: 'object' - properties: - domain: - type: 'string' - servers: - type: 'string' - additionalProperties: false - dhcp_relay: - type: 'object' - properties: - self_ip: - type: 'string' - format: 'ipv4' - upstream_target: - type: 'string' - format: 'ipv4' - additionalProperties: false - mtu: - type: 'number' - vlan: - type: 'string' - routedomain: - type: 'string' - routes: - type: 'array' - items: - type: 'object' - properties: - subnet: - type: 'string' - gateway: - type: 'string' - format: 'ipv4' - metric: - type: 'number' - routedomain: - type: 'string' - additionalProperties: false - labels: - type: 'object' - additionalProperties: true - additionalProperties: false diff --git a/deployment_files/global/v1.0demo/schemas/drydock/NetworkLink/v1.yaml b/deployment_files/global/v1.0demo/schemas/drydock/NetworkLink/v1.yaml deleted file mode 100644 index e0f7e34d..00000000 --- a/deployment_files/global/v1.0demo/schemas/drydock/NetworkLink/v1.yaml +++ /dev/null @@ -1,48 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: drydock/NetworkLink/v1 - labels: - application: drydock -data: - $schema: 'http://json-schema.org/schema#' - id: 'http://att.com/att-comdev/drydock/networkLink.yaml' - type: 'object' - properties: - bonding: - type: 'object' - properties: - mode: - type: 'string' - hash: - type: 'string' - peer_rate: - type: 'string' - mon_rate: - type: 'number' - up_delay: - type: 'number' - down_delay: - type: 'number' - additionalProperties: false - mtu: - type: 'number' - linkspeed: - type: 'string' - trunking: - type: 'object' - properties: - mode: - type: 'string' - default_network: - type: 'string' - additionalProperties: false - allowed_networks: - type: 'array' - items: - type: 'string' - labels: - type: 'object' - additionalProperties: true - additionalProperties: false diff --git a/deployment_files/global/v1.0demo/schemas/drydock/Rack/v1.yaml b/deployment_files/global/v1.0demo/schemas/drydock/Rack/v1.yaml deleted file mode 100644 index 65fe5d13..00000000 --- a/deployment_files/global/v1.0demo/schemas/drydock/Rack/v1.yaml +++ /dev/null @@ -1,36 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: drydock/Rack/v1 - labels: - application: drydock -data: - $schema: 'http://json-schema.org/schema#' - id: 'http://att.com/att-comdev/drydock/rack.yaml' - type: 'object' - properties: - tor_switches: - type: 'object' - properties: - mgmt_ip: - type: 'string' - format: 'ipv4' - sdn_api_uri: - type: 'string' - format: 'uri' - location: - type: 'object' - properties: - clli: - type: 'string' - grid: - type: 'string' - local_networks: - type: 'array' - items: - type: 'string' - labels: - type: 'object' - additionalProperties: true - additionalProperties: false diff --git a/deployment_files/global/v1.0demo/schemas/drydock/Region/v1.yaml b/deployment_files/global/v1.0demo/schemas/drydock/Region/v1.yaml deleted file mode 100644 index 37e4da8c..00000000 --- a/deployment_files/global/v1.0demo/schemas/drydock/Region/v1.yaml +++ /dev/null @@ -1,31 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: drydock/Region/v1 - labels: - application: drydock -data: - $schema: 'http://json-schema.org/schema#' - id: 'http://att.com/att-comdev/drydock/region.yaml' - type: 'object' - properties: - tag_definitions: - type: 'array' - items: - type: 'object' - properties: - tag: - type: 'string' - definition_type: - type: 'string' - enum: - - 'lshw_xpath' - definition: - type: 'string' - additionalProperties: false - authorized_keys: - type: 'array' - items: - type: 'string' - additionalProperties: false diff --git a/deployment_files/global/v1.0demo/schemas/pegleg/AccountCatalogue/v1.yaml b/deployment_files/global/v1.0demo/schemas/pegleg/AccountCatalogue/v1.yaml deleted file mode 100644 index c9505999..00000000 --- a/deployment_files/global/v1.0demo/schemas/pegleg/AccountCatalogue/v1.yaml +++ /dev/null @@ -1,645 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: pegleg/AccountCatalogue/v1 -data: - $schema: 'http://json-schema.org/schema#' - type: object - properties: - ucp: - type: object - properties: - postgres: - type: object - properties: - admin: - type: object - properties: - username: - type: string - oslo_db: - type: object - properties: - admin: - type: object - properties: - username: - type: string - oslo_messaging: - type: object - properties: - admin: - type: object - properties: - username: - type: string - keystone: - type: object - properties: - admin: - type: object - properties: - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - oslo_messaging: - type: object - properties: - username: - type: string - oslo_db: - type: object - properties: - username: - type: string - database: - type: string - promenade: - type: object - properties: - keystone: - type: object - properties: - region_name: - type: string - role: - type: string - project_name: - type: string - project_domain_name: - type: string - user_domain_name: - type: string - username: - type: string - drydock: - type: object - properties: - keystone: - type: object - properties: - region_name: - type: string - role: - type: string - project_name: - type: string - project_domain_name: - type: string - user_domain_name: - type: string - username: - type: string - postgres: - type: object - properties: - username: - type: string - database: - type: string - shipyard: - type: object - properties: - keystone: - type: object - properties: - region_name: - type: string - role: - type: string - project_name: - type: string - project_domain_name: - type: string - user_domain_name: - type: string - username: - type: string - postgres: - type: object - properties: - username: - type: string - database: - type: string - airflow: - type: object - properties: - postgres: - type: object - properties: - username: - type: string - database: - type: string - oslo_messaging: - type: object - properties: - username: - type: string - maas: - type: object - properties: - admin: - type: object - properties: - username: - type: string - email: - type: string - postgres: - type: object - properties: - username: - type: string - database: - type: string - barbican: - type: object - properties: - keystone: - type: object - properties: - region_name: - type: string - role: - type: string - project_name: - type: string - project_domain_name: - type: string - user_domain_name: - type: string - username: - type: string - oslo_db: - type: object - properties: - username: - type: string - database: - type: string - oslo_messaging: - type: object - properties: - username: - type: string - armada: - type: object - properties: - keystone: - type: object - properties: - project_domain_name: - type: string - project_name: - type: string - region_name: - type: string - role: - type: string - user_domain_name: - type: string - username: - type: string - deckhand: - type: object - properties: - keystone: - type: object - properties: - region_name: - type: string - role: - type: string - project_name: - type: string - project_domain_name: - type: string - user_domain_name: - type: string - username: - type: string - postgres: - type: object - properties: - username: - type: string - database: - type: string - ceph: - type: object - properties: - swift: - type: object - properties: - keystone: - type: object - properties: - role: - type: string - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - osh: - type: object - properties: - keystone: - type: object - properties: - admin: - type: object - properties: - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - oslo_messaging: - type: object - properties: - admin: - type: object - properties: - username: - type: string - keystone: - type: object - properties: - username: - type: string - oslo_db: - type: object - properties: - username: - type: string - database: - type: string - cinder: - type: object - properties: - cinder: - type: object - properties: - role: - type: string - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - oslo_messaging: - type: object - properties: - admin: - type: object - properties: - username: - type: string - cinder: - type: object - properties: - username: - type: string - oslo_db: - type: object - properties: - username: - type: string - database: - type: string - glance: - type: object - properties: - glance: - type: object - properties: - role: - type: string - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - oslo_messaging: - type: object - properties: - admin: - type: object - properties: - username: - type: string - glance: - type: object - properties: - username: - type: string - oslo_db: - type: object - properties: - username: - type: string - database: - type: string - ceph_object_store: - type: object - properties: - username: - type: string - heat: - type: object - properties: - heat: - type: object - properties: - role: - type: string - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - heat_trustee: - type: object - properties: - role: - type: string - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - heat_stack_user: - type: object - properties: - role: - type: string - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - oslo_db: - type: object - properties: - username: - type: string - database: - type: string - oslo_messaging: - type: object - properties: - admin: - type: object - properties: - username: - type: string - heat: - type: object - properties: - username: - type: string - swift: - type: object - properties: - swift: - type: object - properties: - role: - type: string - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - oslo_db: - type: object - properties: - admin: - type: object - properties: - username: - type: string - neutron: - type: object - properties: - neutron: - type: object - properties: - role: - type: string - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - oslo_messaging: - type: object - properties: - admin: - type: object - properties: - username: - type: string - neutron: - type: object - properties: - username: - type: string - oslo_db: - type: object - properties: - username: - type: string - database: - type: string - nova: - type: object - properties: - nova: - type: object - properties: - role: - type: string - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - placement: - type: object - properties: - role: - type: string - region_name: - type: string - username: - type: string - project_name: - type: string - user_domain_name: - type: string - project_domain_name: - type: string - oslo_messaging: - type: object - properties: - admin: - type: object - properties: - username: - type: string - nova: - type: object - properties: - username: - type: string - oslo_db: - type: object - properties: - username: - type: string - database: - type: string - oslo_db_api: - type: object - properties: - username: - type: string - database: - type: string - oslo_db_cell0: - type: object - properties: - username: - type: string - database: - type: string - horizon: - type: object - properties: - oslo_db: - type: object - properties: - username: - type: string - database: - type: string - osh_infra: - type: object - properties: - grafana: - type: object - properties: - admin: - type: object - properties: - username: - type: string - oslo_db: - type: object - properties: - username: - type: string - database: - type: string - oslo_db_session: - type: object - properties: - username: - type: string - database: - type: string - elasticsearch: - type: object - properties: - admin: - type: object - properties: - username: - type: string - oslo_db: - type: object - properties: - admin: - type: object - properties: - username: - type: string - prometheus_openstack_exporter: - type: object - properties: - user: - type: object - properties: - username: - type: string - nagios: - type: object - properties: - admin: - type: object - properties: - username: - type: string -... diff --git a/deployment_files/global/v1.0demo/schemas/pegleg/AppArmorProfile/v1.yaml b/deployment_files/global/v1.0demo/schemas/pegleg/AppArmorProfile/v1.yaml deleted file mode 100644 index 29fa070c..00000000 --- a/deployment_files/global/v1.0demo/schemas/pegleg/AppArmorProfile/v1.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: pegleg/AppArmorProfile/v1 - labels: - application: pegleg -data: - $schema: 'http://json-schema.org/schema#' - type: 'object' - additionalProperties: false - properties: - savePath: - type: 'string' - content: - type: 'string' - required: ['savePath', 'content'] diff --git a/deployment_files/global/v1.0demo/schemas/pegleg/CommonAddresses/v1.yaml b/deployment_files/global/v1.0demo/schemas/pegleg/CommonAddresses/v1.yaml deleted file mode 100644 index 33981373..00000000 --- a/deployment_files/global/v1.0demo/schemas/pegleg/CommonAddresses/v1.yaml +++ /dev/null @@ -1,116 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: pegleg/CommonAddresses/v1 -data: - $schema: 'http://json-schema.org/schema#' - type: object - properties: - calico: - type: object - properties: - ip_autodetection_method: - type: string - etcd: - type: object - properties: - service_ip: - type: string - dns: - type: object - properties: - cluster_domain: - type: string - service_ip: - type: string - upstream_servers: - type: array - items: - type: string - upstream_servers_joined: - type: string - genesis: - type: object - properties: - hostname: - type: string - ip: - type: string - bootstrap: - type: object - properties: - ip: - type: string - kubernetes: - type: object - properties: - api_service_ip: - type: string - etcd_service_ip: - type: string - pod_cidr: - type: string - service_cidr: - type: string - apiserver_port: - type: number - haproxy_port: - type: number - service_node_port_range: - type: string - etcd: - type: object - properties: - container_port: - type: number - haproxy_port: - type: number - masters: - type: array - items: - type: object - properties: - hostname: - type: string - node_ports: - type: object - properties: - drydock_api: - type: number - maas_api: - type: number - maas_proxy: - type: number - shipyard_api: - type: number - airflow_web: - type: number - ntp: - type: object - properties: - servers_joined: - type: string - storage: - type: object - properties: - ceph: - type: object - properties: - public_cidr: - type: string - cluster_cidr: - type: string - openvswitch: - type: object - properties: - external_iface: - type: string - neutron: - type: object - properties: - tunnel_device: - type: string - external_iface: - type: string -... diff --git a/deployment_files/global/v1.0demo/schemas/pegleg/CommonSoftwareConfig/v1.yaml b/deployment_files/global/v1.0demo/schemas/pegleg/CommonSoftwareConfig/v1.yaml deleted file mode 100644 index c02965cf..00000000 --- a/deployment_files/global/v1.0demo/schemas/pegleg/CommonSoftwareConfig/v1.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: pegleg/CommonSoftwareConfig/v1 -data: - $schema: 'http://json-schema.org/schema#' - type: object - properties: - osh: - type: object - properties: - region_name: - type: string -... diff --git a/deployment_files/global/v1.0demo/schemas/pegleg/EndpointCatalogue/v1.yaml b/deployment_files/global/v1.0demo/schemas/pegleg/EndpointCatalogue/v1.yaml deleted file mode 100644 index 776e4270..00000000 --- a/deployment_files/global/v1.0demo/schemas/pegleg/EndpointCatalogue/v1.yaml +++ /dev/null @@ -1,143 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: pegleg/EndpointCatalogue/v1 -data: - $schema: 'http://json-schema.org/schema#' - type: 'object' - # Namespace the list of endpoints - additionalProperties: - type: 'object' - additionalProperties: - type: 'object' - properties: - namespace: - oneOf: - - type: string - - type: "null" - name: - type: string - auth: - type: object - hosts: - type: object - properties: - data: - type: string - default: - type: string - discovery: - type: string - public: - type: string - internal: - type: string - additionalProperties: - type: string - host_fqdn_override: - oneOf: - - type: object - properties: - default: - oneOf: - - type: string - - type: "null" - - type: object - properties: - host: - type: string - tls: - type: object - properties: - crt: - type: string - ca: - type: string - key: - type: string - additionalProperties: - type: string - public: - oneOf: - - type: string - - type: "null" - - type: object - properties: - host: - type: string - tls: - type: object - properties: - crt: - type: string - ca: - type: string - key: - type: string - additionalProperties: - type: string - internal: - oneOf: - - type: string - - type: "null" - - type: object - properties: - host: - type: string - tls: - type: object - properties: - crt: - type: string - ca: - type: string - key: - type: string - additionalProperties: - type: string - additionalProperties: - type: string - - type: "null" - path: - oneOf: - - type: object - properties: - default: - oneOf: - - type: string - - type: "null" - public: - type: string - internal: - type: string - additionalProperties: - type: string - - type: string - scheme: - oneOf: - - type: object - properties: - default: - type: string - public: - type: string - internal: - type: string - additionalProperties: - type: string - - type: string - port: - type: object - additionalProperties: - type: object - properties: - default: - type: number - public: - type: number - internal: - type: number - additionalProperties: - type: number -... diff --git a/deployment_files/global/v1.0demo/schemas/pegleg/SeccompProfile/v1.yaml b/deployment_files/global/v1.0demo/schemas/pegleg/SeccompProfile/v1.yaml deleted file mode 100644 index a2bd8c9a..00000000 --- a/deployment_files/global/v1.0demo/schemas/pegleg/SeccompProfile/v1.yaml +++ /dev/null @@ -1,19 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: pegleg/SeccompProfile/v1 - labels: - application: pegleg -data: - $schema: 'http://json-schema.org/schema#' - type: 'object' - additionalProperties: false - properties: - seccompDirPath: - type: 'string' - savePath: - type: 'string' - content: - type: 'string' - required: ['seccompDirPath', 'savePath', 'content'] diff --git a/deployment_files/global/v1.0demo/schemas/pegleg/SoftwareVersions/v1.yaml b/deployment_files/global/v1.0demo/schemas/pegleg/SoftwareVersions/v1.yaml deleted file mode 100644 index f0930530..00000000 --- a/deployment_files/global/v1.0demo/schemas/pegleg/SoftwareVersions/v1.yaml +++ /dev/null @@ -1,1066 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: pegleg/SoftwareVersions/v1 -data: - $schema: 'http://json-schema.org/schema#' - type: object - properties: - charts: - type: object - properties: - kubernetes: - type: object - properties: - calico: - type: object - properties: - etcd: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - etcd-htk: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - calico: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - apiserver: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - apiserver-htk: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - controller-manager: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - controller-manager-htk: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - coredns: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - coredns-htk: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - haroxy: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - haroxy-htk: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - etcd: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - etcd-htk: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - ingress: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - ingress-htk: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - proxy: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - proxy-htk: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - scheduler: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - scheduler-htk: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - osh_infra: - type: object - properties: - elasticsearch: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - fluent_logging: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - kibana: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - prometheus: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - prometheus_node_exporter: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - prometheus_kube_state_metrics: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - prometheus_alertmanager: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - grafana: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - prometheus_openstack_exporter: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - nagios: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - osh: - type: object - properties: - barbican: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - cinder: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - glance: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - heat: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - horizon: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - ingress: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - keystone: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - libvirt: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - mariadb: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - memcached: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - neutron: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - nova: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - openvswitch: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - rabbitmq: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - ucp: - type: object - properties: - armada: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - barbican: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - ceph-mon: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - ceph-osd: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - ceph-client: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - deckhand: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - drydock: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - ingress: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - postgresql: - type: object - - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - promenade: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - keystone: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - maas: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - mariadb: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - memcached: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - rabbitmq: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - rabbitmq-etcd: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - shipyard: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - tiller: - type: object - properties: - type: - type: string - location: - type: string - subpath: - type: string - reference: - type: string - files: - type: object - properties: - kubelet: - type: string - images: - type: object - properties: - ucp: - type: object - properties: - armada: - type: object - properties: - api: - type: string - dep_check: - type: string - ks_endpoints: - type: string - ks_service: - type: string - ks_user: - type: string - helm: - type: string - tiller: - type: string - promenade: - type: object - properties: - dep_check: - type: string - promenade: - type: string - ks_user: - type: string - ks_service: - type: string - ks_endpoints: - type: string - deckhand: - type: object - properties: - deckhand: - type: string - dep_check: - type: string - db_init: - type: string - db_sync: - type: string - ks_endpoints: - type: string - ks_service: - type: string - ks_user: - type: string - barbican: - type: object - properties: - bootstrap: - type: string - dep_check: - type: string - scripted_test: - type: string - db_init: - type: string - barbican_db_sync: - type: string - db_drop: - type: string - ks_endpoints: - type: string - ks_service: - type: string - ks_user: - type: string - barbican_api: - type: string - drydock: - type: object - properties: - drydock: - type: string - dep_check: - type: string - ks_endpoints: - type: string - ks_service: - type: string - ks_user: - type: string - drydock_db_init: - type: string - drydock_db_sync: - type: string - shipyard: - type: object - properties: - airflow: - type: string - shipyard: - type: string - dep_check: - type: string - shipyard_db_init: - type: string - shipyard_db_sync: - type: string - airflow_db_init: - type: string - airflow_db_sync: - type: string - ks_user: - type: string - ks_service: - type: string - ks_endpoints: - type: string - maas: - type: object - properties: - db_init: - type: string - db_sync: - type: string - maas_rack: - type: string - maas_region: - type: string - bootstrap: - type: string - export_api_key: - type: string - maas_cache: - type: string - dep_check: - type: string - keystone: - type: object - properties: - keystone_bootstrap: - type: string - test: - type: string - db_init: - type: string - keystone_db_sync: - type: string - db_drop: - type: string - keystone_fernet_setup: - type: string - keystone_fernet_rotate: - type: string - keystone_credential_setup: - type: string - keystone_credential_rotate: - type: string - keystone_api: - type: string - dep_check: - type: string - tiller: - type: object - properties: - tiller: - type: string - mariadb: - type: object - properties: - mariadb: - type: string - dep_check: - type: string - postgresql: - type: object - properties: - postgresql: - type: string - dep_check: - type: string - memcached: - type: object - properties: - memcached: - type: string - dep_check: - type: string - rabbitmq: - type: object - properties: - rabbitmq: - type: string - dep_check: - type: string - ceph: - type: object - properties: - ceph-mon: - type: object - properties: - fluentbit: - type: string - ceph_bootstrap: - type: string - dep_check: - type: string - ceph_mon: - type: string - ceph_config_helper: - type: string - ceph_mon_check: - type: string - image_repo_sync: - type: string - ceph-osd: - type: object - properties: - fluentbit: - type: string - ceph_bootstrap: - type: string - dep_check: - type: string - ceph_osd: - type: string - image_repo_sync: - type: string - ceph-client: - type: object - properties: - ks_endpoints: - type: string - ks_service: - type: string - ks_user: - type: string - ceph_bootstrap: - type: string - dep_check: - type: string - ceph_mds: - type: string - ceph_mgr: - type: string - ceph_rgw: - type: string - ceph_config_helper: - type: string - ceph_rbd_pool: - type: string - ceph_rbd_provisioner: - type: string - ceph_cephfs_provisioner: - type: string - image_repo_sync: - type: string - kubernetes: - type: object - properties: - apiserver: - type: object - properties: - anchor: - type: string - apiserver: - type: string - dep_check: - type: string - controller-manager: - type: object - properties: - anchor: - type: string - controller_manager: - type: string - dep_check: - type: string - coredns: - type: object - properties: - coredns: - type: string - haproxy: - type: object - properties: - haproxy: - type: string - anchor: - type: string - etcd: - type: object - properties: - etcd: - type: string - etcdctl: - type: string - kubectl: - type: string - pause: - type: string - scheduler: - type: object - properties: - anchor: - type: string - scheduler: - type: string - proxy: - type: object - properties: - proxy: - type: string - calico: - type: object - properties: - etcd: - type: object - properties: - etcd: - type: string - etcdctl: - type: string - calico: - type: object - properties: - cni: - type: string - ctl: - type: string - node: - type: string - policy_controller: - type: string - packages: - type: object - properties: - repositories: - type: object - additionalProperties: - type: object - properties: - name: - type: string - url: - type: string - distributions: - type: array - items: - type: string - components: - type: array - items: - type: string - gpgkey: - type: string - named: - type: object - properties: - docker: - type: string - socat: - type: string - unnamed: - type: array - items: - type: string -... diff --git a/deployment_files/global/v1.0demo/schemas/promenade/Docker/v1.yaml b/deployment_files/global/v1.0demo/schemas/promenade/Docker/v1.yaml deleted file mode 100644 index f2dc517f..00000000 --- a/deployment_files/global/v1.0demo/schemas/promenade/Docker/v1.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -schema: deckhand/DataSchema/v1 -metadata: - schema: metadata/Control/v1 - name: promenade/Docker/v1 - labels: - application: promenade -data: - $schema: http://json-schema.org/schema# - type: object - properties: - config: - type: object - required: - - config - additionalProperties: false diff --git a/deployment_files/global/v1.0demo/schemas/promenade/Genesis/v1.yaml b/deployment_files/global/v1.0demo/schemas/promenade/Genesis/v1.yaml deleted file mode 100644 index 936ff6a6..00000000 --- a/deployment_files/global/v1.0demo/schemas/promenade/Genesis/v1.yaml +++ /dev/null @@ -1,144 +0,0 @@ ---- -schema: deckhand/DataSchema/v1 -metadata: - schema: metadata/Control/v1 - name: promenade/Genesis/v1 - labels: - application: promenade -data: - $schema: http://json-schema.org/schema# - definitions: - abs_path: - type: string - pattern: '^/.+$' - hostname: - type: string - pattern: '^[a-z][a-z0-9-]+$' - file: - properties: - path: - $ref: '#/definitions/abs_path' - content: - type: string - mode: - type: integer - minimum: 0 - tar_url: - $ref: '#/definitions/url' - tar_path: - $ref: '#/definitions/rel_path' - - required: - - mode - - path - oneOf: - - type: object - required: - - content - - type: object - allOf: - - type: object - required: - - tar_url - - tar_path - additionalProperties: false - image: - type: string - # XXX add regex - ip_address: - type: string - pattern: '^(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))$' - kubernetes_label: - type: string - # XXX add regex - rel_path: - type: string - # XXX add regex - - type: object - properties: - armada: - type: object - properties: - target_manifest: - type: string - additionalProperties: false - - apiserver: - type: object - properties: - command_prefix: - type: array - items: - type: string - additionalProperties: false - - files: - type: array - items: - $ref: '#/definitions/file' - - hostname: - $ref: '#/definitions/hostname' - - domain: - type: string - - ip: - $ref: '#/definitions/ip_address' - - labels: - properties: - static: - type: array - items: - $ref: '#/definitions/kubernetes_label' - dynamic: - type: array - items: - $ref: '#/definitions/kubernetes_label' - additionalProperties: false - - images: - type: object - properties: - armada: - $ref: '#/definitions/image' - helm: - type: object - properties: - tiller: - $ref: '#/definitions/image' - required: - - tiller - additionalProperties: false - kubernetes: - type: object - properties: - apiserver: - $ref: '#/definitions/image' - controller-manager: - $ref: '#/definitions/image' - etcd: - $ref: '#/definitions/image' - scheduler: - $ref: '#/definitions/image' - required: - - apiserver - - controller-manager - - etcd - - scheduler - additionalProperties: false - required: - - armada - - helm - - kubernetes - additionalProperties: false - - required: - - hostname - - ip - - images - - labels - additionalProperties: false -... diff --git a/deployment_files/global/v1.0demo/schemas/promenade/HostSystem/v1.yaml b/deployment_files/global/v1.0demo/schemas/promenade/HostSystem/v1.yaml deleted file mode 100644 index 6312aa5f..00000000 --- a/deployment_files/global/v1.0demo/schemas/promenade/HostSystem/v1.yaml +++ /dev/null @@ -1,137 +0,0 @@ ---- -schema: deckhand/DataSchema/v1 -metadata: - schema: metadata/Control/v1 - name: promenade/HostSystem/v1 - labels: - application: promenade -data: - $schema: http://json-schema.org/schema# - definitions: - abs_path: - type: string - pattern: '^/.+$' - apt_source_line: - type: string - # XXX add regex - file: - properties: - path: - $ref: '#/definitions/abs_path' - content: - type: string - mode: - type: integer - minimum: 0 - tar_url: - $ref: '#/definitions/url' - tar_path: - $ref: '#/definitions/rel_path' - - required: - - mode - - path - oneOf: - - type: object - required: - - content - - type: object - allOf: - - type: object - required: - - tar_url - - tar_path - additionalProperties: false - - image: - type: string - # XXX add regex - package: - type: string - # XXX add regex - public_key: - type: string - # XXX add regex - rel_path: - type: string - # XXX add regex - url: - type: string - # XXX add regex - - type: object - - properties: - files: - type: array - items: - type: object - items: - $ref: '#/definitions/file' - images: - type: object - properties: - haproxy: - $ref: '#/definitions/image' - coredns: - $ref: '#/definitions/image' - helm: - type: object - properties: - helm: - $ref: '#/definitions/image' - required: - - helm - additionalProperties: false - kubernetes: - type: object - properties: - kubectl: - $ref: '#/definitions/image' - required: - - kubectl - additionalProperties: false - required: - - haproxy - - coredns - - helm - - kubernetes - additionalProperties: false - - packages: - type: object - properties: - additional: - type: array - items: - $ref: '#/definitions/package' - keys: - type: array - items: - $ref: '#/definitions/public_key' - - required: - type: object - properties: - docker: - $ref: '#/definitions/package' - socat: - $ref: '#/definitions/package' - required: - - docker - - socat - additionalProperties: false - - repositories: - type: array - items: - $ref: '#/definitions/apt_source_line' - - required: - - required - additionalProperties: false - - required: - - images - - packages - additionalProperties: false diff --git a/deployment_files/global/v1.0demo/schemas/promenade/Kubelet/v1.yaml b/deployment_files/global/v1.0demo/schemas/promenade/Kubelet/v1.yaml deleted file mode 100644 index eb3d6939..00000000 --- a/deployment_files/global/v1.0demo/schemas/promenade/Kubelet/v1.yaml +++ /dev/null @@ -1,31 +0,0 @@ ---- -schema: deckhand/DataSchema/v1 -metadata: - schema: metadata/Control/v1 - name: promenade/Kubelet/v1 - labels: - application: promenade -data: - $schema: http://json-schema.org/schema# - type: object - definitions: - image: - type: string - # XXX add regex - - properties: - images: - type: object - properties: - pause: - $ref: '#/definitions/image' - required: - - pause - additionalProperties: false - arguments: - type: array - items: - type: string - required: - - images - additionalProperties: false diff --git a/deployment_files/global/v1.0demo/schemas/promenade/KubernetesNetwork/v1.yaml b/deployment_files/global/v1.0demo/schemas/promenade/KubernetesNetwork/v1.yaml deleted file mode 100644 index be60070f..00000000 --- a/deployment_files/global/v1.0demo/schemas/promenade/KubernetesNetwork/v1.yaml +++ /dev/null @@ -1,117 +0,0 @@ ---- -schema: deckhand/DataSchema/v1 -metadata: - schema: metadata/Control/v1 - name: promenade/KubernetesNetwork/v1 - labels: - application: promenade -data: - $schema: http://json-schema.org/schema# - definitions: - cidr: - type: string - pattern: '^(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\/([0-9]|[1-2][0-9]|3[0-2])$' - domain_name: - type: string - pattern: '^([a-z][a-z0-9-]+\.)+[a-z]+\.?$' - hostname: - type: string - pattern: '^([a-z][a-z0-9-]+)(\.+[a-z]+\.)?$' - hostname_or_ip_address: - type: string - ip_address: - type: string - pattern: '^(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))$' - url: - type: string - # XXX add regex - - type: object - properties: - dns: - type: object - properties: - bootstrap_validation_checks: - type: array - items: - $ref: '#/definitions/domain_name' - cluster_domain: - $ref: '#/definitions/domain_name' - service_ip: - $ref: '#/definitions/ip_address' - upstream_servers: - type: array - items: - $ref: '#/definitions/ip_address' - required: - - cluster_domain - - service_ip - additionalProperties: false - - kubernetes: - type: object - properties: - pod_cidr: - $ref: '#/definitions/cidr' - service_ip: - $ref: '#/definitions/ip_address' - service_cidr: - $ref: '#/definitions/cidr' - apiserver_port: - type: number - minimum: 0 - haproxy_port: - type: number - minimum: 0 - required: - - pod_cidr - - service_cidr - - service_ip - - apiserver_port - - haproxy_port - additionalProperties: false - etcd: - type: object - properties: - service_ip: - $ref: '#/definitions/ip_address' - container_port: - type: number - minimum: 0 - haproxy_port: - type: number - minimum: 0 - required: - - service_ip - - container_port - - haproxy_port - additionalProperties: false - hosts_entries: - type: array - items: - type: object - properties: - ip: - $ref: '#/definitions/ip_address' - names: - type: array - items: - $ref: '#/definitions/hostname' - - proxy: - type: object - properties: - additional_no_proxy: - type: array - items: - $ref: '#/definitions/hostname_or_ip_address' - url: - $ref: '#/definitions/url' - required: - - url - additionalFields: false - - required: - - dns - - kubernetes - additionalProperties: false diff --git a/deployment_files/global/v1.0demo/schemas/promenade/KubernetesNode/v1.yaml b/deployment_files/global/v1.0demo/schemas/promenade/KubernetesNode/v1.yaml deleted file mode 100644 index 1b7598e2..00000000 --- a/deployment_files/global/v1.0demo/schemas/promenade/KubernetesNode/v1.yaml +++ /dev/null @@ -1,47 +0,0 @@ ---- -schema: deckhand/DataSchema/v1 -metadata: - schema: metadata/Control/v1 - name: promenade/KubernetesNode/v1 - labels: - application: promenade -data: - $schema: http://json-schema.org/schema# - definitions: - hostname: - type: string - pattern: '^[a-z][a-z0-9-]+$' - ip_address: - type: string - pattern: '^(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))$' - kubernetes_label: - type: string - # XXX add regex - - type: object - properties: - hostname: - $ref: '#/definitions/hostname' - - ip: - $ref: '#/definitions/ip_address' - - join_ip: - $ref: '#/definitions/ip_address' - - labels: - properties: - static: - type: array - items: - $ref: '#/definitions/kubernetes_label' - dynamic: - type: array - items: - $ref: '#/definitions/kubernetes_label' - additionalProperties: false - - required: - - ip - - join_ip - additionalProperties: false diff --git a/deployment_files/global/v1.0demo/schemas/promenade/PKICatalog/PKICatalog.yaml b/deployment_files/global/v1.0demo/schemas/promenade/PKICatalog/PKICatalog.yaml deleted file mode 100644 index ae64c54c..00000000 --- a/deployment_files/global/v1.0demo/schemas/promenade/PKICatalog/PKICatalog.yaml +++ /dev/null @@ -1,43 +0,0 @@ ---- -schema: deckhand/DataSchema/v1 -metadata: - schema: metadata/Control/v1 - name: promenade/PKICatalog/v1 - labels: - application: promenade -data: - $schema: http://json-schema.org/schema# - certificate_authorities: - type: array - items: - type: object - properties: - description: - type: string - certificates: - type: array - items: - type: object - properties: - document_name: - type: string - description: - type: string - common_name: - type: string - hosts: - type: array - items: string - groups: - type: array - items: string - keypairs: - type: array - items: - type: object - properties: - name: - type: string - description: - type: string -... diff --git a/deployment_files/global/v1.0demo/schemas/shipyard/DeploymentConfiguration/v1.yaml b/deployment_files/global/v1.0demo/schemas/shipyard/DeploymentConfiguration/v1.yaml deleted file mode 100644 index 6deab8b6..00000000 --- a/deployment_files/global/v1.0demo/schemas/shipyard/DeploymentConfiguration/v1.yaml +++ /dev/null @@ -1,81 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: shipyard/DeploymentConfiguration/v1 - labels: - application: shipyard -data: - $schema: 'http://json-schema.org/schema#' - id: 'https://git.airshipit.org/cgit/airship-shipyard/tree/src/bin/shipyard_airflow/shipyard_airflow/schemas/deploymentConfiguration.yaml' - type: 'object' - properties: - physical_provisioner: - type: 'object' - properties: - deployment_strategy: - type: 'string' - deploy_interval: - type: 'integer' - deploy_timeout: - type: 'integer' - destroy_interval: - type: 'integer' - destroy_timeout: - type: 'integer' - join_wait: - type: 'integer' - prepare_node_interval: - type: 'integer' - prepare_node_timeout: - type: 'integer' - prepare_site_interval: - type: 'integer' - prepare_site_timeout: - type: 'integer' - verify_interval: - type: 'integer' - verify_timeout: - type: 'integer' - additionalProperties: false - kubernetes: - type: 'object' - properties: - node_status_interval: - type: 'integer' - node_status_timeout: - type: 'integer' - additionalProperties: false - kubernetes_provisioner: - type: 'object' - properties: - drain_timeout: - type: 'integer' - drain_grace_period: - type: 'integer' - clear_labels_timeout: - type: 'integer' - remove_etcd_timeout: - type: 'integer' - etcd_ready_timeout: - type: 'integer' - additionalProperties: false - armada: - type: 'object' - properties: - get_releases_timeout: - type: 'integer' - get_status_timeout: - type: 'integer' - manifest: - type: 'string' - post_apply_timeout: - type: 'integer' - validate_design_timeout: - type: 'integer' - additionalProperties: false - required: - - manifest - additionalProperties: false - required: - - armada diff --git a/deployment_files/global/v1.0demo/schemas/shipyard/DeploymentStrategy/v1.yaml b/deployment_files/global/v1.0demo/schemas/shipyard/DeploymentStrategy/v1.yaml deleted file mode 100644 index 927512b5..00000000 --- a/deployment_files/global/v1.0demo/schemas/shipyard/DeploymentStrategy/v1.yaml +++ /dev/null @@ -1,74 +0,0 @@ ---- -schema: 'deckhand/DataSchema/v1' -metadata: - schema: metadata/Control/v1 - name: shipyard/DeploymentStrategy/v1 - labels: - application: shipyard -data: - $schema: 'http://json-schema.org/schema#' - id: 'https://git.airshipit.org/cgit/airship-shipyard/tree/src/bin/shipyard_airflow/shipyard_airflow/schemas/deploymentStrategy.yaml' - type: 'object' - required: - - groups - properties: - groups: - type: 'array' - minItems: 0 - items: - type: 'object' - required: - - name - - critical - - depends_on - - selectors - properties: - name: - type: 'string' - minLength: 1 - critical: - type: 'boolean' - depends_on: - type: 'array' - minItems: 0 - items: - type: 'string' - selectors: - type: 'array' - minItems: 0 - items: - type: 'object' - minProperties: 1 - properties: - node_names: - type: 'array' - items: - type: 'string' - node_labels: - type: 'array' - items: - type: 'string' - node_tags: - type: 'array' - items: - type: 'string' - rack_names: - type: 'array' - items: - type: 'string' - additionalProperties: false - success_criteria: - type: 'object' - minProperties: 1 - properties: - percent_successful_nodes: - type: 'integer' - minimum: 0 - maximum: 100 - minimum_successful_nodes: - type: 'integer' - minimum: 0 - maximum_failed_nodes: - type: 'integer' - minimum: 0 - additionalProperties: false diff --git a/deployment_files/global/v1.0demo/software/charts/kubernetes/container-networking/calico.yaml b/deployment_files/global/v1.0demo/software/charts/kubernetes/container-networking/calico.yaml deleted file mode 100644 index 2119d27b..00000000 --- a/deployment_files/global/v1.0demo/software/charts/kubernetes/container-networking/calico.yaml +++ /dev/null @@ -1,170 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-calico - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.calico.calico - dest: - path: .source - - # Image versions - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.calico.calico - dest: - path: .values.images - - # IP addresses - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.api_service_ip - dest: - path: .values.conf.controllers.K8S_API - pattern: KUBERNETES_IP - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .calico.etcd.service_ip - dest: - path: .values.endpoints.etcd.host_fqdn_override.default - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.pod_cidr - dest: - path: .values.networking.podSubnet - - # Other site-specific configuration - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .calico.ip_autodetection_method - dest: - path: .values.conf.node.IP_AUTODETECTION_METHOD - - # Certificates - - - src: - schema: deckhand/CertificateAuthority/v1 - name: calico-etcd - path: . - dest: - path: .values.endpoints.etcd.auth.client.tls.ca - - - src: - schema: deckhand/Certificate/v1 - name: calico-node - path: . - dest: - path: .values.endpoints.etcd.auth.client.tls.crt - - - src: - schema: deckhand/CertificateKey/v1 - name: calico-node - path: . - dest: - path: .values.endpoints.etcd.auth.client.tls.key -data: - chart_name: calico - release: kubernetes-calico - namespace: kube-system - protected: - continue_processing: false - wait: - timeout: 600 - labels: - release_group: airship-kubernetes-calico - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-kubernetes-calico - values: - conf: - cni_network_config: - name: k8s-pod-network - cniVersion: 0.3.0 - plugins: - - type: calico - etcd_endpoints: __ETCD_ENDPOINTS__ - etcd_ca_cert_file: /etc/calico/pki/ca - etcd_cert_file: /etc/calico/pki/crt - etcd_key_file: /etc/calico/pki/key - log_level: debug - ipam: - type: calico-ipam - policy: - type: k8s - kubernetes: - kubeconfig: __KUBECONFIG_FILEPATH__ - - type: portmap - snat: true - capabilities: - portMappings: true - - controllers: - K8S_API: "https://KUBERNETES_IP:443" - - node: - CALICO_STARTUP_LOGLEVEL: INFO - CLUSTER_TYPE: "k8s,bgp" - ETCD_CA_CERT_FILE: /etc/calico/pki/ca - ETCD_CERT_FILE: /etc/calico/pki/crt - ETCD_KEY_FILE: /etc/calico/pki/key - IP_AUTODETECTION_METHOD: interface=ens3 - WAIT_FOR_STORAGE: "true" - - endpoints: - etcd: - hosts: - default: calico-etcd - scheme: - default: https - - networking: - mtu: 1500 - manifests: - daemonset_calico_etcd: false - job_image_repo_sync: false - service_calico_etcd: false - dependencies: - - calico-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: calico-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.calico.calico-htk - dest: - path: .source -data: - chart_name: calico-htk - release: calico-htk - namespace: calico-htk - values: {} - dependencies: [] diff --git a/deployment_files/global/v1.0demo/software/charts/kubernetes/container-networking/chart-group.yaml b/deployment_files/global/v1.0demo/software/charts/kubernetes/container-networking/chart-group.yaml deleted file mode 100644 index 4d1cfbda..00000000 --- a/deployment_files/global/v1.0demo/software/charts/kubernetes/container-networking/chart-group.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-container-networking - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Container networking via Calico - sequenced: true - chart_group: - - kubernetes-calico-etcd - - kubernetes-calico diff --git a/deployment_files/global/v1.0demo/software/charts/kubernetes/container-networking/etcd.yaml b/deployment_files/global/v1.0demo/software/charts/kubernetes/container-networking/etcd.yaml deleted file mode 100644 index 8076106a..00000000 --- a/deployment_files/global/v1.0demo/software/charts/kubernetes/container-networking/etcd.yaml +++ /dev/null @@ -1,142 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-calico-etcd-global - layeringDefinition: - abstract: true - layer: global - labels: - name: kubernetes-calico-etcd-global - storagePolicy: cleartext - substitutions: - - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.calico.etcd - dest: - path: .source - - # Image versions - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.calico.etcd - dest: - path: .values.images.tags - - # IP addresses - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .calico.etcd.service_ip - dest: - path: .values.service.ip - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .calico.etcd.service_ip - dest: - path: .values.anchor.etcdctl_endpoint - - # CAs - - - src: - schema: deckhand/CertificateAuthority/v1 - name: calico-etcd - path: . - dest: - path: .values.secrets.tls.client.ca - - - src: - schema: deckhand/CertificateAuthority/v1 - name: calico-etcd-peer - path: . - dest: - path: .values.secrets.tls.peer.ca - - # Anchor client cert - - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.key - -data: - chart_name: etcd - release: kubernetes-calico-etcd - namespace: kube-system - protected: - continue_processing: false - wait: - timeout: 600 - labels: - release_group: airship-kubernetes-calico-etcd - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-kubernetes-calico-etcd - values: - labels: - anchor: - node_selector_key: calico-etcd - node_selector_value: enabled - etcd: - host_data_path: /var/lib/etcd/calico - host_etc_path: /etc/etcd/calico - bootstrapping: - enabled: true - host_directory: /var/lib/anchor - filename: calico-etcd-bootstrap - service: - name: calico-etcd - network: - service_client: - name: service_client - port: 6666 - target_port: 6666 - service_peer: - name: service_peer - port: 6667 - target_port: 6667 - dependencies: - - kubernetes-calico-etcd-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-calico-etcd-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.calico.etcd-htk - dest: - path: .source -data: - chart_name: kubernetes-calico-etcd-htk - release: kubernetes-calico-etcd-htk - namespace: kubernetes-calico-etcd-htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/charts/kubernetes/core/apiserver.yaml b/deployment_files/global/v1.0demo/software/charts/kubernetes/core/apiserver.yaml deleted file mode 100644 index 89b3fd12..00000000 --- a/deployment_files/global/v1.0demo/software/charts/kubernetes/core/apiserver.yaml +++ /dev/null @@ -1,169 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-apiserver - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.apiserver - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.apiserver - dest: - path: .values.images.tags - - # IP addresses - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.api_service_ip - dest: - path: .values.network.kubernetes_service_ip - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.pod_cidr - dest: - path: .values.network.pod_cidr - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.service_cidr - dest: - path: .values.network.service_cidr - - # CA - - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes - path: . - dest: - path: .values.secrets.tls.ca - - # Certificates - - - src: - schema: deckhand/Certificate/v1 - name: apiserver - path: . - dest: - path: .values.secrets.tls.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: apiserver - path: . - dest: - path: .values.secrets.tls.key - - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes-etcd - path: . - dest: - path: .values.secrets.etcd.tls.ca - - - src: - schema: deckhand/Certificate/v1 - name: apiserver-etcd - path: . - dest: - path: .values.secrets.etcd.tls.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: apiserver-etcd - path: . - dest: - path: .values.secrets.etcd.tls.key - - - src: - schema: deckhand/PublicKey/v1 - name: service-account - path: . - dest: - path: .values.secrets.service_account.public_key - - # Command prefix - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.service_cidr - dest: - path: .values.command_prefix[1] - pattern: SERVICE_CIDR - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.service_node_port_range - dest: - path: .values.command_prefix[2] - pattern: SERVICE_NODE_PORT_RANGE - -data: - chart_name: apiserver - release: kubernetes-apiserver - namespace: kube-system - protected: - continue_processing: false - wait: - timeout: 600 - labels: - release_group: airship-kubernetes-apiserver - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-kubernetes-apiserver - values: - - apiserver: - etcd: - endpoints: https://127.0.0.1:2378 - command_prefix: - - /apiserver - - --service-cluster-ip-range=SERVICE_CIDR - - --service-node-port-range=SERVICE_NODE_PORT_RANGE - - --authorization-mode=Node,RBAC - - --admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,ResourceQuota,DefaultTolerationSeconds - - --endpoint-reconciler-type=lease - dependencies: - - kubernetes-apiserver-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-apiserver-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.apiserver-htk - dest: - path: .source -data: - chart_name: kubernetes-apiserver-htk - release: kubernetes-apiserver-htk - namespace: kubernetes-apiserver-htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/charts/kubernetes/core/chart-group.yaml b/deployment_files/global/v1.0demo/software/charts/kubernetes/core/chart-group.yaml deleted file mode 100644 index 6e8560d5..00000000 --- a/deployment_files/global/v1.0demo/software/charts/kubernetes/core/chart-group.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-core - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Kubernetes components - chart_group: - - kubernetes-apiserver - - kubernetes-controller-manager - - kubernetes-scheduler diff --git a/deployment_files/global/v1.0demo/software/charts/kubernetes/core/controller-manager.yaml b/deployment_files/global/v1.0demo/software/charts/kubernetes/core/controller-manager.yaml deleted file mode 100644 index fcbca52b..00000000 --- a/deployment_files/global/v1.0demo/software/charts/kubernetes/core/controller-manager.yaml +++ /dev/null @@ -1,119 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-controller-manager - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.controller-manager - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.controller-manager - dest: - path: .values.images.tags - - # IP addresses - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.pod_cidr - dest: - path: .values.network.pod_cidr - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.service_cidr - dest: - path: .values.network.service_cidr - - # CA - - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes - path: . - dest: - path: .values.secrets.tls.ca - - # Certificates - - - src: - schema: deckhand/Certificate/v1 - name: controller-manager - path: . - dest: - path: .values.secrets.tls.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: controller-manager - path: . - dest: - path: .values.secrets.tls.key - - # Private key for Kubernetes service account token signing - - - src: - schema: deckhand/PrivateKey/v1 - name: service-account - path: . - dest: - path: .values.secrets.service_account.private_key - -data: - chart_name: controller-manager - release: kubernetes-controller-manager - namespace: kube-system - protected: - continue_processing: false - wait: - timeout: 600 - labels: - release_group: airship-kubernetes-controller-manager - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-kubernetes-controller-manager - values: - network: - kubernetes_netloc: 127.0.0.1:6553 - dependencies: - - kubernetes-controller-manager-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-controller-manager-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.controller-manager-htk - dest: - path: .source -data: - chart_name: kubernetes-controller-manager-htk - release: kubernetes-controller-manager-htk - namespace: kubernetes-controller-manager-htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/charts/kubernetes/core/scheduler.yaml b/deployment_files/global/v1.0demo/software/charts/kubernetes/core/scheduler.yaml deleted file mode 100644 index 49c3e745..00000000 --- a/deployment_files/global/v1.0demo/software/charts/kubernetes/core/scheduler.yaml +++ /dev/null @@ -1,96 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-scheduler - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.scheduler - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.scheduler - dest: - path: .values.images.tags - - # CA - - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes - path: . - dest: - path: .values.secrets.tls.ca - - # Certificates - - - src: - schema: deckhand/Certificate/v1 - name: scheduler - path: . - dest: - path: .values.secrets.tls.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: scheduler - path: . - dest: - path: .values.secrets.tls.key - -data: - chart_name: scheduler - release: kubernetes-scheduler - namespace: kube-system - protected: - continue_processing: false - wait: - timeout: 600 - labels: - release_group: airship-kubernetes-scheduler - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-kubernetes-scheduler - values: - network: - kubernetes_netloc: 127.0.0.1:6553 - dependencies: - - kubernetes-scheduler-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-scheduler-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.scheduler-htk - dest: - path: .source -data: - chart_name: kubernetes-scheduler-htk - release: kubernetes-scheduler-htk - namespace: kubernetes-scheduler-htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/charts/kubernetes/dns/chart-group.yaml b/deployment_files/global/v1.0demo/software/charts/kubernetes/dns/chart-group.yaml deleted file mode 100644 index 1c8abf03..00000000 --- a/deployment_files/global/v1.0demo/software/charts/kubernetes/dns/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-dns - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Cluster DNS - chart_group: - - coredns diff --git a/deployment_files/global/v1.0demo/software/charts/kubernetes/dns/coredns.yaml b/deployment_files/global/v1.0demo/software/charts/kubernetes/dns/coredns.yaml deleted file mode 100644 index a520aa6f..00000000 --- a/deployment_files/global/v1.0demo/software/charts/kubernetes/dns/coredns.yaml +++ /dev/null @@ -1,120 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: coredns - layeringDefinition: - abstract: false - layer: global - labels: - name: coredns - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.coredns - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.coredns - dest: - path: .values.images - - # Zones - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .dns.cluster_domain - dest: - path: .values.conf.coredns.corefile - pattern: 'CLUSTER_DOMAIN' - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.service_cidr - dest: - path: .values.conf.coredns.corefile - pattern: 'SERVICE_CIDR' - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.pod_cidr - dest: - path: .values.conf.coredns.corefile - pattern: 'POD_CIDR' - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .dns.upstream_servers[0] - dest: - path: .values.conf.coredns.corefile - pattern: 'UPSTREAM1' -data: - chart_name: coredns - release: coredns - namespace: kube-system - wait: - timeout: 600 - labels: - release_group: airship-coredns - test: - enabled: true - options: - cleanup: true - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-coredns - values: - conf: - coredns: - # TODO(alanmeadows) this needs to be adjusted to use substition - corefile: | - .:53 { - errors - health - autopath @kubernetes - kubernetes CLUSTER_DOMAIN SERVICE_CIDR POD_CIDR { - pods insecure - fallthrough in-addr.arpa ip6.arpa - upstream UPSTREAM1 - } - prometheus :9153 - proxy . UPSTREAM1 - cache 30 - } - dependencies: - - coredns-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: coredns-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.coredns-htk - dest: - path: .source -data: - chart_name: coredns-htk - release: coredns-htk - namespace: coredns-htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/charts/kubernetes/etcd/chart-group.yaml b/deployment_files/global/v1.0demo/software/charts/kubernetes/etcd/chart-group.yaml deleted file mode 100644 index 5a951d13..00000000 --- a/deployment_files/global/v1.0demo/software/charts/kubernetes/etcd/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-etcd - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Kubernetes etcd - chart_group: - - kubernetes-etcd diff --git a/deployment_files/global/v1.0demo/software/charts/kubernetes/etcd/etcd.yaml b/deployment_files/global/v1.0demo/software/charts/kubernetes/etcd/etcd.yaml deleted file mode 100644 index df54a40d..00000000 --- a/deployment_files/global/v1.0demo/software/charts/kubernetes/etcd/etcd.yaml +++ /dev/null @@ -1,136 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-etcd-global - layeringDefinition: - abstract: true - layer: global - labels: - name: kubernetes-etcd-global - storagePolicy: cleartext - substitutions: - - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.etcd - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.etcd - dest: - path: .values.images.tags - - # IP addresses - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.etcd_service_ip - dest: - path: .values.service.ip - - # CAs - - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes-etcd - path: . - dest: - path: .values.secrets.tls.client.ca - - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes-etcd-peer - path: . - dest: - path: .values.secrets.tls.peer.ca - - - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.key - -data: - chart_name: etcd - release: kubernetes-etcd - namespace: kube-system - protected: - continue_processing: false - wait: - timeout: 600 - labels: - release_group: airship-kubernetes-etcd - test: - enabled: true - options: - cleanup: true - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-kubernetes-etcd - values: - anchor: - etcdctl_endpoint: kubernetes-etcd.kube-system.svc.cluster.local - labels: - anchor: - node_selector_key: kubernetes-etcd - node_selector_value: enabled - etcd: - host_data_path: /var/lib/etcd/kubernetes - host_etc_path: /etc/etcd/kubernetes - service: - name: kubernetes-etcd - network: - service_client: - name: service_client - port: 2379 - target_port: 2379 - service_peer: - name: service_peer - port: 2380 - target_port: 2380 - dependencies: - - kubernetes-etcd-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-etcd-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.etcd-htk - dest: - path: .source -data: - chart_name: kubernetes-etcd-htk - release: kubernetes-etcd-htk - namespace: kubernetes-etcd-htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/charts/kubernetes/haproxy/chart-group.yaml b/deployment_files/global/v1.0demo/software/charts/kubernetes/haproxy/chart-group.yaml deleted file mode 100644 index 63a24f5f..00000000 --- a/deployment_files/global/v1.0demo/software/charts/kubernetes/haproxy/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-haproxy - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: HAProxy for Kubernetes - chart_group: - - haproxy diff --git a/deployment_files/global/v1.0demo/software/charts/kubernetes/haproxy/haproxy.yaml b/deployment_files/global/v1.0demo/software/charts/kubernetes/haproxy/haproxy.yaml deleted file mode 100644 index d6b2ac46..00000000 --- a/deployment_files/global/v1.0demo/software/charts/kubernetes/haproxy/haproxy.yaml +++ /dev/null @@ -1,101 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: haproxy - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.haproxy - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.haproxy - dest: - path: .values.images -data: - chart_name: haproxy - release: haproxy - namespace: kube-system - protected: - continue_processing: false - wait: - timeout: 600 - labels: - release_group: airship-haproxy - test: - enabled: true - options: - cleanup: true - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-haproxy - values: - conf: - anchor: - - # TODO(alanmeadows) this should be substituted - kubernetes_url: https://10.96.0.1:443 - services: - default: - kubernetes: - server_opts: "check" - conf_parts: - frontend: - - mode tcp - - option tcpka - - bind *:6553 - backend: - - mode tcp - - option tcpka - kube-system: - kubernetes-etcd: - server_opts: "check" - conf_parts: - frontend: - - mode tcp - - option tcpka - - bind *:2378 - backend: - - mode tcp - - option tcpka - dependencies: - - haproxy-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: haproxy-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.haproxy-htk - dest: - path: .source -data: - chart_name: haproxy-htk - release: haproxy-htk - namespace: haproxy-htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/charts/kubernetes/ingress/chart-group.yaml b/deployment_files/global/v1.0demo/software/charts/kubernetes/ingress/chart-group.yaml deleted file mode 100644 index 11197f69..00000000 --- a/deployment_files/global/v1.0demo/software/charts/kubernetes/ingress/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ingress-kube-system - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Ingress for the site - chart_group: - - ingress-kube-system diff --git a/deployment_files/global/v1.0demo/software/charts/kubernetes/ingress/ingress.yaml b/deployment_files/global/v1.0demo/software/charts/kubernetes/ingress/ingress.yaml deleted file mode 100644 index 63c38425..00000000 --- a/deployment_files/global/v1.0demo/software/charts/kubernetes/ingress/ingress.yaml +++ /dev/null @@ -1,86 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ingress-kube-system - layeringDefinition: - abstract: false - layer: global - labels: - name: ingress-kube-system - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.ingress - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.ingress - dest: - path: .values.images.tags -data: - chart_name: ingress-kube-system - release: ingress-kube-system - namespace: kube-system - wait: - timeout: 300 - labels: - release_group: airship-ingress-kube-system - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ingress-kube-system - values: - labels: - server: - node_selector_key: kube-ingress - node_selector_value: enabled - error_server: - node_selector_key: kube-ingress - node_selector_value: enabled - deployment: - mode: cluster - type: DaemonSet - network: - host_namespace: true - ingress: - annotations: - nginx.ingress.kubernetes.io/proxy-read-timeout: "603" - pod: - replicas: - error_page: 1 - dependencies: - - ingress-kube-system-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ingress-kube-system-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.ingress-htk - dest: - path: .source -data: - chart_name: ingress-kube-system-htk - release: ingress-kube-system-htk - namespace: ingress-kube-system-htk - values: {} - dependencies: [] diff --git a/deployment_files/global/v1.0demo/software/charts/kubernetes/proxy/chart-group.yaml b/deployment_files/global/v1.0demo/software/charts/kubernetes/proxy/chart-group.yaml deleted file mode 100644 index a083dd3d..00000000 --- a/deployment_files/global/v1.0demo/software/charts/kubernetes/proxy/chart-group.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-proxy - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Kubernetes proxy - sequenced: true - chart_group: - - kubernetes-proxy diff --git a/deployment_files/global/v1.0demo/software/charts/kubernetes/proxy/kubernetes-proxy.yaml b/deployment_files/global/v1.0demo/software/charts/kubernetes/proxy/kubernetes-proxy.yaml deleted file mode 100644 index 523e55ad..00000000 --- a/deployment_files/global/v1.0demo/software/charts/kubernetes/proxy/kubernetes-proxy.yaml +++ /dev/null @@ -1,68 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-proxy - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.proxy - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.proxy - dest: - path: .values.images.tags -data: - chart_name: proxy - release: kubernetes-proxy - namespace: kube-system - wait: - timeout: 600 - labels: - release_group: airship-kubernetes-proxy - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-kubernetes-proxy - values: - network: - kubernetes_netloc: 127.0.0.1:6553 - dependencies: - - kubernetes-proxy-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-proxy-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.proxy-htk - dest: - path: .source -data: - chart_name: kubernetes-proxy-htk - release: kubernetes-proxy-htk - namespace: kubernetes-proxy-htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/chart-group-infra.yaml b/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/chart-group-infra.yaml deleted file mode 100644 index 63b43587..00000000 --- a/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/chart-group-infra.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-component-infrastructure - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: "OpenStack Component Infrastructure" - sequenced: False - chart_group: - - openstack-mariadb - - rabbitmq - - memcached diff --git a/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/chart-group-shared.yaml b/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/chart-group-shared.yaml deleted file mode 100644 index d8889a41..00000000 --- a/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/chart-group-shared.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-component-shared - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: "OpenStack Shared and Common components" - sequenced: False - chart_group: - - keystone - - glance - - heat - - horizon diff --git a/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/glance.yaml b/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/glance.yaml deleted file mode 100644 index 98121d90..00000000 --- a/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/glance.yaml +++ /dev/null @@ -1,99 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: glance - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.glance - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.glance - dest: - path: .values.images.tags -data: - chart_name: glance - release: glance - namespace: openstack - wait: - timeout: 1800 - labels: - release_group: airship-glance - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - application: glance - component: db-init - - type: job - labels: - application: glance - component: db-sync - - type: job - labels: - application: glance - component: ks-user - - type: job - labels: - application: glance - component: ks-service - - type: job - labels: - application: glance - component: ks-endpoints - - type: job - labels: - application: glance - component: storage-init - values: - labels: - api: - node_selector_key: openstack-control-plane - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - registry: - node_selector_key: openstack-control-plane - node_selector_value: enabled - storage: pvc - dependencies: - - openstack-glance-helm-toolkit ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-glance-helm-toolkit - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.glance-htk - dest: - path: .source -data: - chart_name: openstack-glance-helm-toolkit - release: openstack-glance-helm-toolkit - namespace: helm-toolkit - values: {} - dependencies: [] diff --git a/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/heat.yaml b/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/heat.yaml deleted file mode 100644 index 8ba03fe4..00000000 --- a/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/heat.yaml +++ /dev/null @@ -1,108 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: heat - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.heat - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.heat - dest: - path: .values.images.tags -data: - chart_name: heat - release: heat - namespace: openstack - wait: - timeout: 1800 - labels: - release_group: airship-heat - test: - enabled: true - options: - cleanup: false - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - application: heat - component: db-init - - type: job - labels: - application: heat - component: db-sync - - type: job - labels: - application: heat - component: ks-user - - type: job - labels: - application: heat - component: ks-service - - type: job - labels: - application: heat - component: ks-endpoints - - type: cronjob - labels: - application: heat - component: engine-cleaner - values: - labels: - api: - node_selector_key: openstack-control-plane - node_selector_value: enabled - cfn: - node_selector_key: openstack-control-plane - node_selector_value: enabled - cloudwatch: - node_selector_key: openstack-control-plane - node_selector_value: enabled - engine: - node_selector_key: openstack-control-plane - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - dependencies: - - openstack-heat-helm-toolkit ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-heat-helm-toolkit - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.heat-htk - dest: - path: .source -data: - chart_name: openstack-heat-helm-toolkit - release: openstack-heat-helm-toolkit - namespace: helm-toolkit - values: {} - dependencies: [] diff --git a/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/horizon.yaml b/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/horizon.yaml deleted file mode 100644 index 09325942..00000000 --- a/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/horizon.yaml +++ /dev/null @@ -1,79 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: horizon - labels: - component: horizon - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.horizon - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.horizon - dest: - path: .values.images.tags -data: - chart_name: horizon - release: horizon - namespace: openstack - wait: - timeout: 1800 - labels: - release_group: airship-horizon - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - application: horizon - component: db-init - - type: job - labels: - application: horizon - component: db-sync - post: - create: [] - values: - labels: - node_selector_key: openstack-control-plane - node_selector_value: enabled - dependencies: - - openstack-horizon-helm-toolkit ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-horizon-helm-toolkit - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.horizon-htk - dest: - path: .source -data: - chart_name: openstack-horizon-helm-toolkit - release: openstack-horizon-helm-toolkit - namespace: helm-toolkit - values: {} - dependencies: [] diff --git a/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/keystone.yaml b/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/keystone.yaml deleted file mode 100644 index 1c11d7f9..00000000 --- a/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/keystone.yaml +++ /dev/null @@ -1,104 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: keystone - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.keystone - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.keystone - dest: - path: .values.images.tags -data: - chart_name: keystone - release: openstack-keystone - namespace: openstack - wait: - timeout: 1800 - labels: - release_group: airship-openstack-keystone - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - application: keystone - component: bootstrap - - type: job - labels: - application: keystone - component: credential-setup - - type: job - labels: - application: keystone - component: db-init - - type: job - labels: - application: keystone - component: db-sync - - type: job - labels: - application: keystone - component: fernet-setup - - type: job - labels: - application: keystone - component: domain-manage - - type: cronjob - labels: - application: keystone - component: credential-rotate - - type: cronjob - labels: - application: keystone - component: fernet-rotate - values: - labels: - api: - node_selector_key: openstack-control-plane - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - dependencies: - - openstack-keystone-helm-toolkit ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-keystone-helm-toolkit - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.keystone-htk - dest: - path: .source - -data: - chart_name: openstack-keystone-helm-toolkit - release: openstack-keystone-helm-toolkit - namespace: helm-toolkit - values: {} - dependencies: [] diff --git a/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/mariadb.yaml b/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/mariadb.yaml deleted file mode 100644 index 16247563..00000000 --- a/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/mariadb.yaml +++ /dev/null @@ -1,72 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-mariadb - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.mariadb - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.mariadb - dest: - path: .values.images.tags -data: - chart_name: mariadb - release: openstack-mariadb - namespace: openstack - wait: - timeout: 1800 - labels: - release_group: airship-openstack-mariadb - install: - no_hooks: false - upgrade: - no_hooks: false - values: - volume: - enabled: false - labels: - server: - node_selector_key: openstack-control-plane - node_selector_value: enabled - prometheus_mysql_exporter: - node_selector_key: openstack-control-plane - node_selector_value: enabled - dependencies: - - openstack-mariadb-helm-toolkit ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-mariadb-helm-toolkit - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.mariadb-htk - dest: - path: .source - -data: - chart_name: openstack-mariadb-helm-toolkit - release: openstack-mariadb-helm-toolkit - namespace: helm-toolkit - values: {} - dependencies: [] diff --git a/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/memcached.yaml b/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/memcached.yaml deleted file mode 100644 index 0fef4f46..00000000 --- a/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/memcached.yaml +++ /dev/null @@ -1,67 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: memcached - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.memcached - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.memcached - dest: - path: .values.images.tags -data: - chart_name: memcached - release: openstack-memcached - namespace: openstack - wait: - timeout: 1800 - labels: - release_group: airship-openstack-memcached - install: - no_hooks: false - upgrade: - no_hooks: false - values: - labels: - server: - node_selector_key: openstack-control-plane - node_selector_value: enabled - dependencies: - - openstack-memcached-helm-toolkit ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-memcached-helm-toolkit - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.memcached-htk - dest: - path: .source - -data: - chart_name: openstack-memcached-helm-toolkit - release: openstack-memcached-helm-toolkit - namespace: helm-toolkit - values: {} - dependencies: [] diff --git a/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/rabbitmq.yaml b/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/rabbitmq.yaml deleted file mode 100644 index b4b5de21..00000000 --- a/deployment_files/global/v1.0demo/software/charts/osh/component-infrastructure/rabbitmq.yaml +++ /dev/null @@ -1,69 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: rabbitmq - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.rabbitmq - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.rabbitmq - dest: - path: .values.images.tags -data: - chart_name: rabbitmq - release: rabbitmq - namespace: openstack - wait: - timeout: 1800 - labels: - release_group: airship-rabbitmq - install: - no_hooks: false - upgrade: - no_hooks: false - values: - labels: - server: - node_selector_key: openstack-control-plane - node_selector_value: enabled - pod: - replicas: - server: 1 - dependencies: - - openstack-rabbitmq-helm-toolkit ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-rabbitmq-helm-toolkit - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.rabbitmq-htk - dest: - path: .source -data: - chart_name: openstack-rabbitmq-helm-toolkit - release: openstack-rabbitmq-helm-toolkit - namespace: helm-toolkit - values: {} - dependencies: [] diff --git a/deployment_files/global/v1.0demo/software/charts/osh/compute-kit/chart-group.yaml b/deployment_files/global/v1.0demo/software/charts/osh/compute-kit/chart-group.yaml deleted file mode 100644 index 52d836b1..00000000 --- a/deployment_files/global/v1.0demo/software/charts/osh/compute-kit/chart-group.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-compute-kit - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: "Deploy nova and neutron, and backend services" - sequenced: False - chart_group: - - libvirt - - openvswitch - - nova - - neutron diff --git a/deployment_files/global/v1.0demo/software/charts/osh/compute-kit/libvirt.yaml b/deployment_files/global/v1.0demo/software/charts/osh/compute-kit/libvirt.yaml deleted file mode 100644 index b77eddc7..00000000 --- a/deployment_files/global/v1.0demo/software/charts/osh/compute-kit/libvirt.yaml +++ /dev/null @@ -1,66 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: libvirt - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.libvirt - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.libvirt - dest: - path: .values.images.tags -data: - chart_name: libvirt - release: openstack-libvirt - namespace: openstack - install: - no_hooks: false - upgrade: - no_hooks: false - values: - labels: - agent: - libvirt: - node_selector_key: openstack-compute-node - node_selector_value: enabled - conf: - ceph: - enabled: false - dependencies: - - openstack-libvirt-helm-toolkit ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-libvirt-helm-toolkit - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.libvirt-htk - dest: - path: .source -data: - chart_name: openstack-libvirt-helm-toolkit - release: openstack-libvirt-helm-toolkit - namespace: helm-toolkit - values: {} - dependencies: [] diff --git a/deployment_files/global/v1.0demo/software/charts/osh/compute-kit/neutron.yaml b/deployment_files/global/v1.0demo/software/charts/osh/compute-kit/neutron.yaml deleted file mode 100644 index fb5348cb..00000000 --- a/deployment_files/global/v1.0demo/software/charts/osh/compute-kit/neutron.yaml +++ /dev/null @@ -1,130 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: neutron - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.neutron - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.neutron - dest: - path: .values.images.tags -data: - chart_name: neutron - release: neutron - namespace: openstack - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - application: neutron - component: db-init - - type: job - labels: - application: neutron - component: db-sync - - type: job - labels: - application: neutron - component: ks-user - - type: job - labels: - application: neutron - component: ks-service - - type: job - labels: - application: neutron - component: ks-endpoints - wait: - timeout: 1800 - values: - labels: - agent: - dhcp: - node_selector_key: openstack-control-plane - node_selector_value: enabled - l3: - node_selector_key: openstack-control-plane - node_selector_value: enabled - metadata: - node_selector_key: openstack-control-plane - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - lb: - node_selector_key: linuxbridge - node_selector_value: enabled - ovs: - node_selector_key: openvswitch - node_selector_value: enabled - server: - node_selector_key: openstack-control-plane - node_selector_value: enabled - test: - node_selector_key: openstack-control-plane - node_selector_value: enabled - network: - interface: - tunnel: docker0 - conf: - neutron: - DEFAULT: - l3_ha: False - max_l3_agents_per_router: 1 - l3_ha_network_type: vxlan - dhcp_agents_per_network: 1 - plugins: - ml2_conf: - ml2_type_flat: - flat_networks: public - openvswitch_agent: - agent: - tunnel_types: vxlan - ovs: - bridge_mappings: public:br-ex - linuxbridge_agent: - linux_bridge: - bridge_mappings: public:br-ex - dependencies: - - openstack-neutron-helm-toolkit ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-neutron-helm-toolkit - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.neutron-htk - dest: - path: .source -data: - chart_name: openstack-neutron-helm-toolkit - release: openstack-neutron-helm-toolkit - namespace: helm-toolkit - values: {} - dependencies: [] diff --git a/deployment_files/global/v1.0demo/software/charts/osh/compute-kit/nova.yaml b/deployment_files/global/v1.0demo/software/charts/osh/compute-kit/nova.yaml deleted file mode 100644 index 19fcc193..00000000 --- a/deployment_files/global/v1.0demo/software/charts/osh/compute-kit/nova.yaml +++ /dev/null @@ -1,144 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: nova - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.nova - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.nova - dest: - path: .values.images.tags -data: - chart_name: nova - release: nova - namespace: openstack - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - application: nova - component: db-init - - type: job - labels: - application: nova - component: db-sync - - type: job - labels: - application: nova - component: ks-user - - type: job - labels: - application: nova - component: ks-service - - type: job - labels: - application: nova - component: ks-endpoints - - type: job - labels: - application: placement - component: ks-user - - type: job - labels: - application: placement - component: ks-service - - type: job - labels: - application: placement - component: ks-endpoints - - type: job - labels: - application: nova - component: cell-setup - - type: cronjob - labels: - application: nova - component: cell-setup - values: - labels: - agent: - compute: - node_selector_key: openstack-compute-node - node_selector_value: enabled - compute_ironic: - node_selector_key: openstack-compute-node - node_selector_value: enabled - api_metadata: - node_selector_key: openstack-control-plane - node_selector_value: enabled - conductor: - node_selector_key: openstack-control-plane - node_selector_value: enabled - consoleauth: - node_selector_key: openstack-control-plane - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - novncproxy: - node_selector_key: openstack-control-plane - node_selector_value: enabled - osapi: - node_selector_key: openstack-control-plane - node_selector_value: enabled - placement: - node_selector_key: openstack-control-plane - node_selector_value: enabled - scheduler: - node_selector_key: openstack-control-plane - node_selector_value: enabled - spiceproxy: - node_selector_key: openstack-control-plane - node_selector_value: enabled - test: - node_selector_key: openstack-control-plane - node_selector_value: enabled - conf: - ceph: - enabled: false - nova: - libvirt: - virt_type: qemu - dependencies: - - openstack-nova-helm-toolkit ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-nova-helm-toolkit - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.nova-htk - dest: - path: .source -data: - chart_name: openstack-nova-helm-toolkit - release: openstack-nova-helm-toolkit - namespace: helm-toolkit - values: {} - dependencies: [] diff --git a/deployment_files/global/v1.0demo/software/charts/osh/compute-kit/openvswitch.yaml b/deployment_files/global/v1.0demo/software/charts/osh/compute-kit/openvswitch.yaml deleted file mode 100644 index 8034ff2f..00000000 --- a/deployment_files/global/v1.0demo/software/charts/osh/compute-kit/openvswitch.yaml +++ /dev/null @@ -1,67 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: openvswitch - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.openvswitch - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.osh.openvswitch - dest: - path: .values.images.tags -data: - chart_name: openvswitch - release: openvswitch - namespace: openstack - wait: - timeout: 1800 - labels: - release_group: airship-openvswitch - install: - no_hooks: false - upgrade: - no_hooks: false - values: - labels: - ovs: - node_selector_key: openvswitch - node_selector_value: enabled - dependencies: - - openstack-openvswitch-helm-toolkit ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-openvswitch-helm-toolkit - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.openvswitch-htk - dest: - path: .source - -data: - chart_name: openstack-openvswitch-helm-toolkit - release: openstack-openvswitch-helm-toolkit - namespace: helm-toolkit - values: {} - dependencies: [] diff --git a/deployment_files/global/v1.0demo/software/charts/osh/ingress/chart-group.yaml b/deployment_files/global/v1.0demo/software/charts/osh/ingress/chart-group.yaml deleted file mode 100644 index 777e87f9..00000000 --- a/deployment_files/global/v1.0demo/software/charts/osh/ingress/chart-group.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-ingress-controller - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: "OpenStack Ingress Controller" - sequenced: False - chart_group: - - openstack-ingress-controller diff --git a/deployment_files/global/v1.0demo/software/charts/osh/ingress/ingress.yaml b/deployment_files/global/v1.0demo/software/charts/osh/ingress/ingress.yaml deleted file mode 100644 index 264e5dc8..00000000 --- a/deployment_files/global/v1.0demo/software/charts/osh/ingress/ingress.yaml +++ /dev/null @@ -1,62 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-ingress-controller - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.ingress - dest: - path: .source -data: - chart_name: openstack-ingress-controller - release: openstack-ingress-controller - namespace: openstack - wait: - timeout: 300 - labels: - release_group: airship-openstack-ingress-controller - install: - no_hooks: false - upgrade: - no_hooks: false - values: - labels: - server: - node_selector_key: openstack-control-plane - node_selector_value: enabled - error_server: - node_selector_key: openstack-control-plane - node_selector_value: enabled - dependencies: - - openstack-ingress-helm-toolkit ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: openstack-ingress-helm-toolkit - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.openstack.ingress-htk - dest: - path: .source -data: - chart_name: openstack-ingress-helm-toolkit - release: openstack-ingress-helm-toolkit - namespace: helm-toolkit - values: {} - dependencies: [] diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/armada/armada.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/armada/armada.yaml deleted file mode 100644 index dce9d5a7..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/armada/armada.yaml +++ /dev/null @@ -1,123 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-armada - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.armada - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.armada - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.armada - dest: - path: .values.endpoints.armada - - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.armada.keystone - dest: - path: .values.endpoints.identity.auth.user - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_armada_keystone_password - path: . -data: - chart_name: armada - release: ucp-armada - namespace: ucp - wait: - timeout: 100 - labels: - release_group: airship-ucp-armada - test: - enabled: true - options: - cleanup: true - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-armada - values: - replicas: - api: 1 - armada: - DEFAULT: - debug: true - manifests: - deployment_tiller: false - service_tiller: false - dependencies: - - armada-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: armada-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.armada-htk - dest: - path: .source -data: - chart_name: armada-htk - release: armada-htk - namespace: armada-htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/armada/chart-group.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/armada/chart-group.yaml deleted file mode 100644 index 01e6d06f..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/armada/chart-group.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-armada - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Armada - sequenced: true - chart_group: - - ucp-tiller - - ucp-armada diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/armada/tiller.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/armada/tiller.yaml deleted file mode 100644 index df5e83d9..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/armada/tiller.yaml +++ /dev/null @@ -1,70 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-tiller - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.tiller - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.tiller - dest: - path: .values.images.tags - -data: - chart_name: tiller - release: ucp-tiller - namespace: kube-system - wait: - timeout: 100 - labels: - release_group: airship-ucp-tiller - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-tiller - values: {} - dependencies: - - tiller-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: tiller-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.tiller-htk - dest: - path: .source -data: - chart_name: tiller-htk - release: tiller-htk - namespace: tiller-htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/core/chart-group.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/core/chart-group.yaml deleted file mode 100644 index 1eb2c733..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/core/chart-group.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-core - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Common Airship Components - chart_group: - - ucp-ingress - - ucp-mariadb - - ucp-rabbitmq - - ucp-postgresql -... diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/core/ingress.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/core/ingress.yaml deleted file mode 100644 index 2e43c59b..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/core/ingress.yaml +++ /dev/null @@ -1,76 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-ingress - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - labels: - name: ucp-ingress - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.ingress - dest: - path: .source -data: - chart_name: ingress - release: ingress - namespace: ucp - wait: - timeout: 600 - labels: - release_group: airship-ingress - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ingress - values: - labels: - server: - node_selector_key: ucp-control-plane - node_selector_value: enabled - error_server: - node_selector_key: ucp-control-plane - node_selector_value: enabled - pod: - replicas: - ingress: 1 - error_page: 1 - network: - ingress: - annotations: - nginx.ingress.kubernetes.io/proxy-read-timeout: "600" - dependencies: - - ucp-ingress-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-ingress-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.ingress-htk - dest: - path: .source -data: - chart_name: ucp-ingress-htk - release: ucp-ingress-htk - namespace: ucp-ingress-htk - values: {} - dependencies: [] diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/core/mariadb.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/core/mariadb.yaml deleted file mode 100644 index 82be2846..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/core/mariadb.yaml +++ /dev/null @@ -1,109 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-mariadb - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.mariadb - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.mariadb - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_db - dest: - path: .values.endpoints.oslo_db - # Accounts - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.oslo_db.admin - dest: - path: .values.endpoints.oslo_db.auth.admin - - # Secrets - - dest: - path: .values.endpoints.oslo_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_oslo_db_admin_password - path: . - -data: - chart_name: ucp-mariadb - release: ucp-mariadb - namespace: ucp - wait: - timeout: 600 - labels: - release_group: airship-ucp-mariadb - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-mariadb - values: - labels: - server: - node_selector_key: ucp-control-plane - node_selector_value: enabled - prometheus_mysql_exporter: - node_selector_key: ucp-control-plane - node_selector_value: enabled - ingress: - node_selector_key: ucp-control-plane - node_selector_value: enabled - error_server: - node_selector_key: ucp-control-plane - node_selector_value: enabled - pod: - replicas: - server: 1 - dependencies: - - mariadb-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: mariadb-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.mariadb-htk - dest: - path: .source -data: - chart_name: mariadb-htk - release: mariadb-htk - namespace: mariadb-htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/core/postgresql.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/core/postgresql.yaml deleted file mode 100644 index 15d9052a..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/core/postgresql.yaml +++ /dev/null @@ -1,101 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-postgresql - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.postgresql - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.postgresql - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.postgresql - dest: - path: .values.endpoints.postgresql - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.postgres.admin - dest: - path: .values.endpoints.postgresql.auth.admin - - # Secrets - - dest: - path: .values.endpoints.postgresql.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_postgres_admin_password - path: . -data: - chart_name: ucp-postgresql - release: ucp-postgresql - namespace: ucp - wait: - timeout: 600 - labels: - release_group: airship-ucp-postgresql - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-postgresql - create: [] - post: - create: [] - values: - development: - enabled: false - labels: - server: - node_selector_key: ucp-control-plane - node_selector_value: enabled - dependencies: - - postgres-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: postgres-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.postgresql-htk - dest: - path: .source -data: - chart_name: postgres-htk - release: postgres-htk - namespace: postgres-htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/core/rabbitmq.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/core/rabbitmq.yaml deleted file mode 100644 index 9917667e..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/core/rabbitmq.yaml +++ /dev/null @@ -1,114 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-rabbitmq - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.rabbitmq - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.rabbitmq - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_messaging - dest: - path: .values.endpoints.oslo_messaging - - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.oslo_messaging.admin - dest: - path: .values.endpoints.oslo_messaging.auth.user - - # Secrets - - - src: - schema: deckhand/Passphrase/v1 - name: ucp_rabbitmq_erlang_cookie - path: . - dest: - path: .values.endpoints.oslo_messaging.auth.erlang_cookie - - src: - schema: deckhand/Passphrase/v1 - name: ucp_oslo_messaging_password - path: . - dest: - path: .values.endpoints.oslo_messaging.auth.user.password -data: - chart_name: ucp-rabbitmq - release: ucp-rabbitmq - namespace: ucp - wait: - timeout: 600 - labels: - release_group: airship-ucp-rabbitmq - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-rabbitmq - - type: pod - labels: - release_group: airship-ucp-rabbitmq - component: test - values: - pod: - replicas: - server: 1 - labels: - server: - node_selector_key: ucp-control-plane - node_selector_value: enabled - prometheus_rabbitmq_exporter: - node_selector_key: ucp-control-plane - node_selector_value: enabled - dependencies: - - ucp-rabbitmq-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-rabbitmq-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.rabbitmq-htk - dest: - path: .source -data: - chart_name: ucp-rabbitmq-htk - release: ucp-rabbitmq-htk - namespace: ucp-rabbitmq-htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/deckhand/barbican.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/deckhand/barbican.yaml deleted file mode 100644 index 7d71df27..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/deckhand/barbican.yaml +++ /dev/null @@ -1,188 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-barbican - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.barbican - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.barbican - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.key_manager - dest: - path: .values.endpoints.key_manager - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_db - dest: - path: .values.endpoints.oslo_db - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_cache - dest: - path: .values.endpoints.oslo_cache - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_messaging - dest: - path: .values.endpoints.oslo_messaging - - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.barbican.keystone - dest: - path: .values.endpoints.identity.auth.barbican - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.barbican.oslo_db - dest: - path: .values.endpoints.oslo_db.auth.barbican - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.barbican.oslo_db.database - dest: - path: .values.endpoints.oslo_db.path - pattern: DB_NAME - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.barbican.oslo_messaging - dest: - path: .values.endpoints.oslo_messaging.auth - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_admin_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_oslo_db_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.barbican.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_barbican_keystone_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.barbican.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_barbican_oslo_db_password - path: . - - dest: - path: .values.endpoints.oslo_messaging.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_oslo_messaging_password - path: . - - dest: - path: .values.endpoints.oslo_messaging.auth.barbican.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_oslo_messaging_password - path: . -data: - chart_name: ucp-barbican - release: ucp-barbican - namespace: ucp - wait: - timeout: 600 - labels: - release_group: airship-ucp-barbican - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-barbican - create: [] - post: - create: [] - values: - labels: - api: - node_selector_key: ucp-control-plane - node_selector_value: enabled - job: - node_selector_key: ucp-control-plane - node_selector_value: enabled - test: - node_selector_key: ucp-control-plane - node_selector_value: enabled - pod: - replicas: - api: 1 - dependencies: - - ucp-barbican-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-barbican-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.barbican-htk - dest: - path: .source -data: - chart_name: ucp-barbican-htk - release: ucp-barbican-htk - namespace: ucp-barbican-htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/deckhand/chart-group.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/deckhand/chart-group.yaml deleted file mode 100644 index 0b7bee7a..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/deckhand/chart-group.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-deckhand - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Deckhand - chart_group: - # NOTE(mb874d): Find and add the dogtag chart - # - ucp-dogtag - - ucp-barbican - - ucp-deckhand diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/deckhand/deckhand.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/deckhand/deckhand.yaml deleted file mode 100644 index a1e7e551..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/deckhand/deckhand.yaml +++ /dev/null @@ -1,178 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-deckhand - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.deckhand - dest: - path: .source - - # Images - - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.deckhand - dest: - path: .values.images.tags - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.postgresql - dest: - path: .values.endpoints.postgresql - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.deckhand - dest: - path: .values.endpoints.deckhand - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.key_manager - dest: - path: .values.endpoints.key_manager - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_cache - dest: - path: .values.endpoints.oslo_cache - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.postgres.admin - dest: - path: .values.endpoints.postgresql.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.deckhand.postgres - dest: - path: .values.endpoints.postgresql.auth.user - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.deckhand.postgres.database - dest: - path: .values.endpoints.postgresql.path - pattern: DB_NAME - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.deckhand.keystone - dest: - path: .values.endpoints.identity.auth.user - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_admin_password - path: . - - dest: - path: .values.endpoints.postgresql.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_postgres_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_deckhand_keystone_password - path: . - - dest: - path: .values.endpoints.postgresql.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_deckhand_postgres_password - path: . -data: - chart_name: ucp-deckhand - release: ucp-deckhand - namespace: ucp - wait: - timeout: 600 - labels: - release_group: airship-ucp-deckhand - test: - enabled: true - options: - cleanup: true - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-deckhand - create: [] - post: - create: [] - values: - pod: - replicas: - api: 1 - conf: - deckhand: - DEFAULT: - debug: true - use_stderr: true - use_syslog: true - keystone_authtoken: - memcache_security_strategy: None - dependencies: - - deckhand-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: deckhand-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.deckhand-htk - dest: - path: .source -data: - chart_name: deckhand-htk - release: deckhand-htk - namespace: deckhand-htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/divingbell/chart-group.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/divingbell/chart-group.yaml deleted file mode 100644 index e67a6e20..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/divingbell/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-divingbell - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Divingbell - chart_group: - - ucp-divingbell diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/divingbell/divingbell.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/divingbell/divingbell.yaml deleted file mode 100644 index c7a3117e..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/divingbell/divingbell.yaml +++ /dev/null @@ -1,93 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-divingbell - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.divingbell - dest: - path: .source -data: - chart_name: divingbell - release: divingbell - namespace: ucp - wait: - timeout: 300 - labels: - release_group: airship-divingbell - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-divingbell - values: - conf: - sysctl: - net.nf_conntrack_max: '1048576' - kernel.panic: '60' - net.ipv4.conf.default.arp_accept: '1' - net.core.netdev_max_backlog: '261144' - net.ipv4.tcp_keepalive_intvl: '3' - net.ipv4.tcp_keepalive_time: '30' - net.ipv4.tcp_keepalive_probes: '8' - net.ipv4.conf.all.arp_accept: '1' - net.ipv4.tcp_retries2: '5' - net.ipv4.neigh.default.gc_thresh1: '4096' - net.ipv4.neigh.default.gc_thresh2: '8192' - net.ipv4.neigh.default.gc_thresh3: '16384' - net.bridge.bridge-nf-call-iptables: '1' - net.bridge.bridge-nf-call-arptables: '1' - net.bridge.bridge-nf-call-ip6tables: '1' - net.ipv4.conf.default.rp_filter: '0' - net.netfilter.nf_conntrack_acct: '1' - overrides: - divingbell_mounts: - labels: - - label: - key: hosttype - values: - - "nd-global" - - "nv-global" - conf: - mounts: - mnt1: - mnt_tgt: /run/hugepages/kvm - device: hugetlbfs-kvm - type: hugetlbfs - options: 'mode=775' - dependencies: - - ucp-divingbell-htk ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-divingbell-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.divingbell-htk - dest: - path: .source -data: - chart_name: ucp-divingbell-htk - release: ucp-divingbell-htk - namespace: ucp-divingbell-htk - values: {} - dependencies: [] diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/drydock/chart-group.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/drydock/chart-group.yaml deleted file mode 100644 index 498e5e31..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/drydock/chart-group.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-drydock - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Drydock - chart_group: - - ucp-maas - - ucp-drydock diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/drydock/drydock.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/drydock/drydock.yaml deleted file mode 100644 index 091a2ca3..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/drydock/drydock.yaml +++ /dev/null @@ -1,180 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-drydock - labels: - name: ucp-drydock - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.drydock - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.drydock - dest: - path: .values.images.tags - - # Endpoints - - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.postgresql - dest: - path: .values.endpoints.postgresql - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.physicalprovisioner - dest: - path: .values.endpoints.physicalprovisioner - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.maas_region - dest: - path: .values.endpoints.maas_region - - # Credentials - - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.postgres.admin - dest: - path: .values.endpoints.postgresql.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.drydock.postgres - dest: - path: .values.endpoints.postgresql.auth.user - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.drydock.postgres.database - dest: - path: .values.endpoints.postgresql.path - pattern: DB_NAME - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.drydock.keystone - dest: - path: .values.endpoints.identity.auth.drydock - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_admin_password - path: . - - dest: - path: .values.endpoints.postgresql.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_postgres_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.drydock.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_drydock_keystone_password - path: . - - dest: - path: .values.endpoints.postgresql.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_drydock_postgres_password - path: . - -data: - chart_name: drydock - release: drydock - namespace: ucp - wait: - timeout: 600 - labels: - release_group: airship-drydock - test: - enabled: true - options: - cleanup: true - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-drydock - values: - replicas: - drydock: 1 - labels: - node_selector_key: ucp-control-plane - node_selector_value: enabled - network: - drydock: - node_port: - enabled: true - conf: - drydock: - plugins: - ingester: drydock_provisioner.ingester.plugins.deckhand.DeckhandIngester - oob_driver: - - 'drydock_provisioner.drivers.oob.pyghmi_driver.driver.PyghmiDriver' - - 'drydock_provisioner.drivers.oob.manual_driver.driver.ManualDriver' - dependencies: - - drydock-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: drydock-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.drydock-htk - dest: - path: .source -data: - chart_name: drydock-htk - release: drydock-htk - namespace: drydock-htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/drydock/maas.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/drydock/maas.yaml deleted file mode 100644 index c2c93d7b..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/drydock/maas.yaml +++ /dev/null @@ -1,196 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-maas - layeringDefinition: - abstract: false - layer: global - labels: - name: ucp-maas - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.maas - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.maas - dest: - path: .values.images.tags - - # MaaS Config - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .dns.upstream_servers_joined - dest: - path: .values.conf.maas.dns.dns_servers - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .ntp.servers_joined - dest: - path: .values.conf.maas.ntp.ntp_servers - - src: - schema: deckhand/Passphrase/v1 - name: maas-region-key - path: . - dest: - path: .values.secrets.maas_region.value - - # Endpoint substitutions - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.postgresql - dest: - path: .values.endpoints.maas_db - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.maas_region - dest: - path: .values.endpoints.maas_region - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.physicalprovisioner - dest: - path: .values.endpoints.physicalprovisioner - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.maas_ingress - dest: - path: .values.endpoints.maas_ingress - - # Account and credential substitutions - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.postgres.admin - dest: - path: .values.endpoints.maas_db.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.maas.postgres - dest: - path: .values.endpoints.maas_db.auth.user - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.maas.postgres.database - dest: - path: .values.endpoints.maas_db.path - pattern: DB_NAME - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.maas.admin - dest: - path: .values.endpoints.maas_region.auth.admin - - # Secrets - - dest: - path: .values.endpoints.maas_region_ui.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_maas_admin_password - path: . - - dest: - path: .values.endpoints.maas_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_postgres_admin_password - path: . - - dest: - path: .values.endpoints.maas_db.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_maas_postgres_password - path: . -data: - chart_name: maas - release: maas - namespace: ucp - wait: - timeout: 1800 - labels: - release_group: airship-maas - test: - enabled: true - options: - cleanup: true - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-maas - values: - pod: - replicas: - rack: 1 - region: 1 - labels: - rack: - node_selector_key: ucp-control-plane - node_selector_value: enabled - region: - node_selector_key: ucp-control-plane - node_selector_value: enabled - network: - proxy: - node_port: - enabled: false - conf: - cache: - enabled: false - maas: - credentials: - secret: - namespace: ucp - proxy: - proxy_enabled: 'true' - ntp: - use_external_only: 'false' - dns: - require_dnssec: 'no' - dependencies: - - maas-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: maas-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.maas-htk - dest: - path: .source -data: - chart_name: maas-htk - release: maas-htk - namespace: maas-htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/keystone/chart-group.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/keystone/chart-group.yaml deleted file mode 100644 index 5b2ae477..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/keystone/chart-group.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-keystone - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Airship Keystone components - chart_group: - - ucp-keystone-memcached - - ucp-keystone diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/keystone/keystone.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/keystone/keystone.yaml deleted file mode 100644 index 39ac788b..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/keystone/keystone.yaml +++ /dev/null @@ -1,168 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-keystone - labels: - component: keystone - configuration: ldap-backed - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.keystone - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.keystone - dest: - path: .values.images.tags - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_db - dest: - path: .values.endpoints.oslo_db - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_messaging - dest: - path: .values.endpoints.oslo_messaging - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_cache - dest: - path: .values.endpoints.oslo_cache - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.oslo_messaging - dest: - path: .values.endpoints.oslo_messaging.auth - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.oslo_db - dest: - path: .values.endpoints.oslo_db.auth.keystone - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.oslo_db.database - dest: - path: .values.endpoints.oslo_db.path - pattern: DB_NAME - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_admin_password - path: . - - dest: - path: .values.endpoints.oslo_messaging.auth.keystone.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_oslo_messaging_password - path: . - - dest: - path: .values.endpoints.oslo_messaging.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_oslo_messaging_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.keystone.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_oslo_db_password - path: . - - dest: - path: .values.endpoints.oslo_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_oslo_db_admin_password - path: . -data: - chart_name: ucp-keystone - release: ucp-keystone - namespace: ucp - wait: - timeout: 600 - labels: - release_group: airship-ucp-keystone - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-keystone - - type: pod - labels: - release_group: airship-ucp-keystone - component: test - post: - create: [] - values: - pods: - replicas: - api: 1 - labels: - api: - node_selector_key: ucp-control-plane - node_selector_value: enabled - job: - node_selector_key: ucp-control-plane - node_selector_value: enabled - dependencies: - - ucp-keystone-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-keystone-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.keystone-htk - dest: - path: .source -data: - chart_name: ucp-keystone-htk - release: ucp-keystone-htk - namespace: ucp-keystone-htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/keystone/memcached.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/keystone/memcached.yaml deleted file mode 100644 index f5b4f415..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/keystone/memcached.yaml +++ /dev/null @@ -1,80 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-keystone-memcached - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.memcached - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.memcached - dest: - path: .values.images.tags - - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_cache - dest: - path: .values.endpoints.oslo_cache -data: - chart_name: ucp-keystone-memcached - release: ucp-keystone-memcached - namespace: ucp - wait: - timeout: 600 - labels: - release_group: airship-ucp-keystone-memcached - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-keystone-memcached - values: - labels: - server: - node_selector_key: ucp-control-plane - node_selector_value: enabled - dependencies: - - ucp-memcached-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-memcached-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.memcached-htk - dest: - path: .source -data: - chart_name: ucp-memcached-htk - release: ucp-memcached-htk - namespace: ucp-memcached-htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/promenade/chart-group.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/promenade/chart-group.yaml deleted file mode 100644 index dcea4468..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/promenade/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-promenade - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Promenade - chart_group: - - ucp-promenade diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/promenade/promenade.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/promenade/promenade.yaml deleted file mode 100644 index e692bbdf..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/promenade/promenade.yaml +++ /dev/null @@ -1,130 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-promenade - layeringDefinition: - abstract: false - layer: global - labels: - name: ucp-promenade - storagePolicy: cleartext - substitutions: - - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.promenade - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.promenade - dest: - path: .values.images.tags - - # Endpoints - - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.kubernetesprovisioner - dest: - path: .values.endpoints.kubernetesprovisioner - - # Credentials - - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.promenade.keystone - dest: - path: .values.endpoints.identity.auth.user - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_promenade_keystone_password - path: . - -data: - chart_name: promenade - release: ucp-promenade - namespace: ucp - wait: - timeout: 600 - labels: - release_group: airship-ucp-promenade - test: - enabled: true - options: - cleanup: true - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-promenade - values: - conf: - paste: - filter:authtoken: - paste.filter_factory: keystonemiddleware.auth_token:filter_factory - admin_tenant_name: service - admin_user: promenade - delay_auth_decision: true - identity_uri: http://keystone-api.ucp.svc.cluster.local/ - service_token_roles_required: true - dependencies: - - promenade-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: promenade-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.promenade-htk - dest: - path: .source -data: - chart_name: promenade-htk - release: promenade-htk - namespace: promenade-htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/services-chart-group.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/services-chart-group.yaml deleted file mode 100644 index f927c24b..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/services-chart-group.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-services - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Airship Services - sequenced: true - chart_group: - - ucp-tiller - - ucp-maas - - ucp-armada - - ucp-barbican - - ucp-deckhand - - ucp-promenade - - ucp-shipyard - - ucp-drydock diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/shipyard/chart-group.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/shipyard/chart-group.yaml deleted file mode 100644 index 4dffc6e0..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/shipyard/chart-group.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-shipyard - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Shipyard - chart_group: - - ucp-shipyard diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/shipyard/shipyard.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/shipyard/shipyard.yaml deleted file mode 100644 index 4983da16..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/shipyard/shipyard.yaml +++ /dev/null @@ -1,306 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-shipyard - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.shipyard - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ucp.shipyard - dest: - path: .values.images.tags - - # Node ports - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .node_ports.shipyard_api - dest: - path: .values.network.shipyard.node_port - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .node_ports.airflow_web - dest: - path: .values.network.airflow.web.node_port - - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.postgresql - dest: - path: .values.endpoints.postgresql_shipyard_db - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.postgresql - dest: - path: .values.endpoints.postgresql_airflow_db - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.shipyard - dest: - path: .values.endpoints.shipyard - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.airflow_web - dest: - path: .values.endpoints.airflow_web - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.airflow_flower - dest: - path: .values.endpoints.airflow_flower - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.airflow_oslo_messaging - dest: - path: .values.endpoints.oslo_messaging - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.oslo_cache - dest: - path: .values.endpoints.oslo_cache - - # Database path - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.shipyard.postgres.database - dest: - path: .values.endpoints.postgresql_shipyard_db.path - pattern: 'DB_NAME' - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.airflow.postgres.database - dest: - path: .values.endpoints.postgresql_airflow_db.path - pattern: 'DB_NAME' - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.postgres.admin - dest: - path: .values.endpoints.postgresql_shipyard_db.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.postgres.admin - dest: - path: .values.endpoints.postgresql_airflow_db.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.shipyard.postgres - dest: - path: .values.endpoints.postgresql_shipyard_db.auth.user - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.airflow.postgres - dest: - path: .values.endpoints.postgresql_airflow_db.auth.user - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.airflow.oslo_messaging.user - dest: - path: .values.endpoints.oslo_messaging.auth.user - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.airflow.oslo_messaging.admin - dest: - path: .values.endpoints.oslo_messaging.auth.admin - - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_admin_password - path: . - - dest: - path: .values.endpoints.postgresql_shipyard_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_postgres_admin_password - path: . - - dest: - path: .values.endpoints.postgresql_airflow_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_postgres_admin_password - path: . - - dest: - path: .values.endpoints.postgresql_airflow_celery_db.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_postgres_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.shipyard.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_shipyard_keystone_password - path: . - - dest: - path: .values.endpoints.postgresql_shipyard_db.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_shipyard_postgres_password - path: . - - dest: - path: .values.endpoints.postgresql_airflow_db.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_airflow_postgres_password - path: . - - dest: - path: .values.endpoints.postgresql_airflow_celery_db.auth.user.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_airflow_postgres_password - path: . - - src: - schema: deckhand/Passphrase/v1 - name: ucp_airflow_oslo_messaging_password - path: . - dest: - path: .values.endpoints.oslo_messaging.auth.user.password - - src: - schema: deckhand/Passphrase/v1 - name: ucp_oslo_messaging_password - path: . - dest: - path: .values.endpoints.oslo_messaging.auth.admin.password - -data: - chart_name: shipyard - release: ucp-shipyard - namespace: ucp - wait: - timeout: 600 - labels: - release_group: airship-ucp-shipyard - test: - enabled: true - options: - cleanup: true - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-ucp-shipyard - values: - endpoints: - postgresql_airflow_db: - name: postgresql - hosts: - default: postgresql - path: /DB_NAME - scheme: postgresql+psycopg2 - port: - postgresql: - default: 5432 - host_fqdn_override: - default: null - postgresql_shipyard_db: - name: postgresql - hosts: - default: postgresql - path: /DB_NAME - scheme: postgresql+psycopg2 - port: - postgresql: - default: 5432 - host_fqdn_override: - default: null - prod_environment: true - pod: - replicas: - shipyard: - api: 1 - airflow: - web: 1 - worker: 1 - flower: 1 - scheduler: 1 - labels: - job: - node_selector_key: ucp-control-plane - node_selector_value: enabled - network: - shipyard: - enable_node_port: true - airflow: - web: - enable_node_port: true - conf: - shipyard: - keystone_authtoken: - memcache_security_strategy: None - dependencies: - - shipyard-htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: shipyard-htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.shipyard-htk - dest: - path: .source -data: - chart_name: shipyard-htk - release: shipyard-htk - namespace: shipyard-htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/storage_provisioner/chart-group.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/storage_provisioner/chart-group.yaml deleted file mode 100644 index 310eb716..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/storage_provisioner/chart-group.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-storage-provisioner - labels: - name: ucp-storage-provisioner - group: ucp - service: k8_storage_provisioning - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Kubernetes Storage Provisioner - sequenced: true - chart_group: - - nfs_provisioner diff --git a/deployment_files/global/v1.0demo/software/charts/ucp/storage_provisioner/nfs-prov.yaml b/deployment_files/global/v1.0demo/software/charts/ucp/storage_provisioner/nfs-prov.yaml deleted file mode 100644 index 691f6d54..00000000 --- a/deployment_files/global/v1.0demo/software/charts/ucp/storage_provisioner/nfs-prov.yaml +++ /dev/null @@ -1,85 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: nfs_provisioner - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.nfs_provisioner - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.storage.nfs_provisioner - dest: - path: .values.images.tags -data: - chart_name: nfs-provisioner - release: nfs-provisioner - namespace: kube-system - protected: - continue_processing: false - wait: - timeout: 900 - labels: - release_group: airship-nfs-provisioner - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-nfs-provisioner - values: - labels: - nfs: - node_selector_key: ucp-control-plane - node_selector_value: enabled - job: - node_selector_key: ucp-control-plane - node_selector_value: enabled - storage: - hostPath: - path: /var/lib/airship/nfs - persistentVolumeClaim: - size: '30Gi' - storageclass: - name: general - dependencies: - - nfs_htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: nfs_htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.nfs_htk - dest: - path: .source -data: - chart_name: nfs_htk - release: nfs_htk - namespace: nfs_htk - values: {} - dependencies: [] -... diff --git a/deployment_files/global/v1.0demo/software/config/Docker.yaml b/deployment_files/global/v1.0demo/software/config/Docker.yaml deleted file mode 100644 index 0158da83..00000000 --- a/deployment_files/global/v1.0demo/software/config/Docker.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -schema: promenade/Docker/v1 -metadata: - schema: metadata/Document/v1 - name: docker-global - labels: - promenade: enabled - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - config: - live-restore: true - max-concurrent-downloads: 10 - storage-driver: overlay2 diff --git a/deployment_files/global/v1.0demo/software/config/Kubelet.yaml b/deployment_files/global/v1.0demo/software/config/Kubelet.yaml deleted file mode 100644 index 8c644c18..00000000 --- a/deployment_files/global/v1.0demo/software/config/Kubelet.yaml +++ /dev/null @@ -1,35 +0,0 @@ ---- -schema: promenade/Kubelet/v1 -metadata: - schema: metadata/Document/v1 - name: kubelet - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.pause - dest: - path: .images.pause - - src: - schema: pegleg/SeccompProfile/v1 - name: seccomp-default - path: .seccompDirPath - dest: - path: .arguments[7] - pattern: SECCOMP_PROFILE_ROOT -data: - arguments: - - --cni-bin-dir=/opt/cni/bin - - --cni-conf-dir=/etc/cni/net.d - - --eviction-max-pod-grace-period=-1 - - --eviction-hard="nodefs.available<1Gi,imagefs.available<1Gi" - - --eviction-minimum-reclaim="nodefs.available=1Gi,imagefs.available=1Gi" - - --network-plugin=cni - - --node-status-update-frequency=5s - - --seccomp-profile-root=SECCOMP_PROFILE_ROOT - - --serialize-image-pulls=false - - --v=5 diff --git a/deployment_files/global/v1.0demo/software/config/endpoints.yaml b/deployment_files/global/v1.0demo/software/config/endpoints.yaml deleted file mode 100644 index b8a11df8..00000000 --- a/deployment_files/global/v1.0demo/software/config/endpoints.yaml +++ /dev/null @@ -1,268 +0,0 @@ ---- -schema: pegleg/EndpointCatalogue/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_endpoints - labels: - name: ucp_endpoints - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - ucp: - identity: - namespace: ucp - name: keystone - hosts: - default: keystone - internal: keystone-api - host_fqdn_override: - default: null - path: - default: /v3 - scheme: - default: http - port: - api: - default: 80 - internal: 5000 - armada: - name: armada - hosts: - default: armada-api - public: armada - port: - api: - default: 8000 - path: - default: /api/v1.0 - scheme: - default: http - host_fqdn_override: - default: null - deckhand: - name: deckhand - hosts: - default: deckhand-int - public: deckhand-api - port: - api: - default: 9000 - path: - default: /api/v1.0 - scheme: - default: http - host_fqdn_override: - default: null - postgresql: - name: postgresql - hosts: - default: postgresql - path: /DB_NAME - scheme: postgresql+psycopg2 - port: - postgresql: - default: 5432 - host_fqdn_override: - default: null - oslo_db: - hosts: - default: mariadb - discovery: mariadb-discovery - host_fqdn_override: - default: null - path: /DB_NAME - scheme: mysql+pymysql - port: - mysql: - default: 3306 - wsrep: - default: 4567 - key_manager: - name: barbican - hosts: - default: barbican-api - public: barbican - host_fqdn_override: - default: null - path: - default: /v1 - scheme: - default: http - port: - api: - default: 9311 - public: 80 - airflow_oslo_messaging: - namespace: null - hosts: - default: rabbitmq - host_fqdn_override: - default: null - path: /airflow - scheme: amqp - port: - amqp: - default: 5672 - http: - default: 15672 - oslo_messaging: - namespace: null - hosts: - default: rabbitmq - host_fqdn_override: - default: null - path: /keystone - scheme: rabbit - port: - amqp: - default: 5672 - oslo_cache: - hosts: - default: memcached - host_fqdn_override: - default: null - port: - memcache: - default: 11211 - physicalprovisioner: - name: drydock - hosts: - default: drydock-api - port: - api: - default: 9000 - nodeport: 31900 - public: 80 - path: - default: /api/v1.0 - scheme: - default: http - host_fqdn_override: - default: null - maas_region: - name: maas-region - hosts: - default: maas-region - public: maas-region - scheme: - default: "http" - port: - region_ui: - default: 80 - public: 80 - host_fqdn_override: - default: null - maas_ingress: - hosts: - default: maas-ingress - error_pages: maas-ingress-error - host_fqdn_override: - public: null - port: - http: - default: 80 - https: - default: 443 - ingress_default_server: - default: 8383 - error_pages: - default: 8080 - podport: 8080 - healthz: - podport: 10259 - status: - podport: 18089 - kubernetesprovisioner: - name: promenade - hosts: - default: promenade-api - port: - api: - default: 80 - path: - default: /api/v1.0 - scheme: - default: http - host_fqdn_override: - default: null - shipyard: - name: shipyard - hosts: - default: shipyard-int - public: shipyard-api - port: - api: - default: 9000 - public: 80 - path: - default: /api/v1.0 - scheme: - default: http - host_fqdn_override: - default: null - airflow_web: - name: airflow-web - hosts: - default: airflow-web-int - public: airflow-web - port: - airflow_web: - default: 8080 - path: - default: / - scheme: - default: http - host_fqdn_override: - default: null - airflow_flower: - name: airflow-flower - hosts: - default: airflow-flower - port: - airflow_flower: - default: 5555 - path: - default: / - scheme: - default: http - host_fqdn_override: - default: null - ceph: - object_store: - name: swift - namespace: ceph - hosts: - default: ceph-rgw - host_fqdn_override: - default: null - path: - default: /swift/v1 - scheme: - default: http - port: - api: - default: 8088 - ceph_mon: - namespace: ceph - hosts: - default: ceph-mon - discovery: ceph-mon-discovery - host_fqdn_override: - default: null - port: - mon: - default: 6789 - ceph_mgr: - namespace: ceph - hosts: - default: ceph-mgr - host_fqdn_override: - default: null - port: - mgr: - default: 7000 - scheme: - default: http -... diff --git a/deployment_files/global/v1.0demo/software/config/service_accounts.yaml b/deployment_files/global/v1.0demo/software/config/service_accounts.yaml deleted file mode 100644 index 46eb4e2d..00000000 --- a/deployment_files/global/v1.0demo/software/config/service_accounts.yaml +++ /dev/null @@ -1,127 +0,0 @@ ---- -schema: pegleg/AccountCatalogue/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_service_accounts - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - ucp: - postgres: - admin: - username: postgres - oslo_db: - admin: - username: root - oslo_messaging: - admin: - username: rabbitmq - keystone: - admin: - region_name: RegionOne - username: admin - project_name: admin - user_domain_name: default - project_domain_name: default - oslo_messaging: - admin: - username: rabbitmq - keystone: - username: keystone - oslo_db: - username: keystone - database: keystone - promenade: - keystone: - region_name: RegionOne - role: admin - project_name: service - project_domain_name: default - user_domain_name: default - username: promenade - drydock: - keystone: - region_name: RegionOne - role: admin - project_name: service - project_domain_name: default - user_domain_name: default - username: drydock - postgres: - username: drydock - database: drydock - shipyard: - keystone: - region_name: RegionOne - role: admin - project_name: service - project_domain_name: default - user_domain_name: default - username: shipyard - postgres: - username: shipyard - database: shipyard - airflow: - postgres: - username: airflow - database: airflow - oslo_messaging: - admin: - username: rabbitmq - user: - username: airflow - maas: - admin: - username: admin - email: none@none - postgres: - username: maas - database: maasdb - barbican: - keystone: - region_name: RegionOne - role: admin - project_name: service - project_domain_name: default - user_domain_name: default - username: barbican - oslo_db: - username: barbican - database: barbican - oslo_messaging: - admin: - username: rabbitmq - keystone: - username: keystone - armada: - keystone: - project_domain_name: default - user_domain_name: default - project_name: service - region_name: RegionOne - role: admin - user_domain_name: default - username: armada - deckhand: - keystone: - region_name: RegionOne - role: admin - project_name: service - project_domain_name: default - user_domain_name: default - username: deckhand - postgres: - username: deckhand - database: deckhand - ceph: - swift: - keystone: - role: admin - region_name: RegionOne - username: swift - project_name: service - user_domain_name: default - project_domain_name: default -... diff --git a/deployment_files/global/v1.0demo/software/config/versions.yaml b/deployment_files/global/v1.0demo/software/config/versions.yaml deleted file mode 100644 index d25eb245..00000000 --- a/deployment_files/global/v1.0demo/software/config/versions.yaml +++ /dev/null @@ -1,719 +0,0 @@ ---- -schema: pegleg/SoftwareVersions/v1 -metadata: - schema: metadata/Document/v1 - name: software-versions - labels: - name: software-versions - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - charts: - kubernetes: - apiserver: - location: https://opendev.org/airship/promenade - reference: cfb8aa498c294c2adbc369ba5aaee19b49550d22 - subpath: charts/apiserver - type: git - apiserver-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - calico: - calico: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: calico - type: git - calico-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - etcd: - location: https://opendev.org/airship/promenade - reference: 425d8bdff8b5fb9aadd22bfbf6de727986e7abe0 - subpath: charts/etcd - type: git - etcd-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - controller-manager: - location: https://opendev.org/airship/promenade - reference: 425d8bdff8b5fb9aadd22bfbf6de727986e7abe0 - subpath: charts/controller_manager - type: git - controller-manager-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - coredns: - location: https://opendev.org/airship/promenade - reference: 425d8bdff8b5fb9aadd22bfbf6de727986e7abe0 - subpath: charts/coredns - type: git - coredns-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - etcd: - location: https://opendev.org/airship/promenade - reference: 425d8bdff8b5fb9aadd22bfbf6de727986e7abe0 - subpath: charts/etcd - type: git - etcd-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - haproxy: - location: https://opendev.org/airship/promenade - reference: 425d8bdff8b5fb9aadd22bfbf6de727986e7abe0 - subpath: charts/haproxy - type: git - haproxy-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - ingress: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: ingress - type: git - ingress-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - proxy: - location: https://opendev.org/airship/promenade - reference: 425d8bdff8b5fb9aadd22bfbf6de727986e7abe0 - subpath: charts/proxy - type: git - proxy-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - scheduler: - location: https://opendev.org/airship/promenade - reference: 425d8bdff8b5fb9aadd22bfbf6de727986e7abe0 - subpath: charts/scheduler - type: git - scheduler-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - ucp: - nfs_provisioner: - type: git - location: https://opendev.org/openstack/openstack-helm-infra - subpath: nfs-provisioner - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - nfs_htk: - type: git - location: https://opendev.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - armada: - location: https://opendev.org/airship/armada - reference: 709eb9ec9b78b76fd18b817ae6c7a32221e9d0c4 - subpath: charts/armada - type: git - armada-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - barbican: - location: https://opendev.org/openstack/openstack-helm - reference: 9d72fe1a501bc609a875eebf7b6274e18600ed70 - subpath: barbican - type: git - barbican-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - #TODO Update to split ceph charts - ceph: - type: git - location: https://opendev.org/openstack/openstack-helm - subpath: ceph - reference: f902cd14fac7de4c4c9f7d019191268a6b4e9601 - ceph-htk: - type: git - location: https://opendev.org/openstack/openstack-helm - subpath: helm-toolkit - reference: f902cd14fac7de4c4c9f7d019191268a6b4e9601 - deckhand: - location: https://opendev.org/airship/deckhand - reference: 464d2c0ea5ebb50bee615a0e0f2624c3aa40d9bd - subpath: charts/deckhand - type: git - deckhand-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - divingbell: - location: https://opendev.org/airship/divingbell - reference: 87dbc54044fd679f56123ffb1db9fefd35a77801 - subpath: divingbell - type: git - divingbell-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - drydock: - location: https://opendev.org/airship/drydock - reference: e2bb7cb0f9dd4f65cf2bcd6db50b6c6fc2c7f1de - subpath: charts/drydock - type: git - drydock-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: 09366598b57a9ecd19fd34f5f844685bb6f2aabd - subpath: helm-toolkit - type: git - ingress: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: ingress - type: git - ingress-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - keystone: - location: https://opendev.org/openstack/openstack-helm - reference: 9d72fe1a501bc609a875eebf7b6274e18600ed70 - subpath: keystone - type: git - keystone-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - maas: - location: https://opendev.org/airship/maas - reference: 922db8aee15f978b9e58a9a2a1c0052febc41aa8 - subpath: charts/maas - type: git - maas-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: 09366598b57a9ecd19fd34f5f844685bb6f2aabd - subpath: helm-toolkit - type: git - mariadb: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: mariadb - type: git - mariadb-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - memcached: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: memcached - type: git - memcached-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - postgresql: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: postgresql - type: git - postgresql-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - promenade: - location: https://opendev.org/airship/promenade - reference: cfb8aa498c294c2adbc369ba5aaee19b49550d22 - subpath: charts/promenade - type: git - promenade-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - rabbitmq: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: rabbitmq - type: git - rabbitmq-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - shipyard: - location: https://opendev.org/airship/shipyard - reference: 4dd6b484d11e86ad51da733841b9ef137421d461 - subpath: charts/shipyard - type: git - shipyard-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - tiller: - location: https://opendev.org/airship/armada - reference: 709eb9ec9b78b76fd18b817ae6c7a32221e9d0c4 - subpath: charts/tiller - type: git - tiller-htk: - location: https://opendev.org/openstack/openstack-helm-infra - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - subpath: helm-toolkit - type: git - openstack: - glance: - type: git - location: https://opendev.org/openstack/openstack-helm - subpath: glance - reference: 92b04a735d6a26e6cffc5c83a4a7dccfdebba2b7 - glance-htk: - type: git - location: https://opendev.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - heat: - type: git - location: https://opendev.org/openstack/openstack-helm - subpath: heat - reference: 92b04a735d6a26e6cffc5c83a4a7dccfdebba2b7 - heat-htk: - type: git - location: https://opendev.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - horizon: - type: git - location: https://opendev.org/openstack/openstack-helm - subpath: horizon - reference: 92b04a735d6a26e6cffc5c83a4a7dccfdebba2b7 - horizon-htk: - type: git - location: https://opendev.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - ingress: - type: git - location: https://opendev.org/openstack/openstack-helm-infra - subpath: ingress - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - ingress-htk: - type: git - location: https://opendev.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - keystone: - type: git - location: https://opendev.org/openstack/openstack-helm - subpath: keystone - reference: 92b04a735d6a26e6cffc5c83a4a7dccfdebba2b7 - keystone-htk: - type: git - location: https://opendev.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - libvirt: - type: git - location: https://opendev.org/openstack/openstack-helm - subpath: libvirt - reference: 92b04a735d6a26e6cffc5c83a4a7dccfdebba2b7 - libvirt-htk: - type: git - location: https://opendev.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - mariadb: - type: git - location: https://opendev.org/openstack/openstack-helm - subpath: mariadb - reference: 92b04a735d6a26e6cffc5c83a4a7dccfdebba2b7 - mariadb-htk: - type: git - location: https://opendev.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - memcached: - type: git - location: https://opendev.org/openstack/openstack-helm-infra - subpath: memcached - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - memcached-htk: - type: git - location: https://opendev.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - neutron: - type: git - location: https://opendev.org/openstack/openstack-helm - subpath: neutron - reference: 92b04a735d6a26e6cffc5c83a4a7dccfdebba2b7 - neutron-htk: - type: git - location: https://opendev.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - nova: - type: git - location: https://opendev.org/openstack/openstack-helm - subpath: nova - reference: 112e15b1655285194593a7afca4352ce046c7a47 - nova-htk: - type: git - location: https://opendev.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - openvswitch: - type: git - location: https://opendev.org/openstack/openstack-helm - subpath: openvswitch - reference: 92b04a735d6a26e6cffc5c83a4a7dccfdebba2b7 - openvswitch-htk: - type: git - location: https://opendev.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - rabbitmq: - type: git - location: https://opendev.org/openstack/openstack-helm-infra - subpath: rabbitmq - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - rabbitmq-htk: - type: git - location: https://opendev.org/openstack/openstack-helm-infra - subpath: helm-toolkit - reference: cd4ec0b4b22f44673f66f42240a11131a6950ed9 - - files: - kubelet: https://dl.k8s.io/v1.10.2/kubernetes-node-linux-amd64.tar.gz - - images_refs: - images: - dep_check: &dep_check quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - heat: &heat docker.io/openstackhelm/heat:ocata - neutron: &neutron docker.io/openstackhelm/neutron:ocata - horizon: &horizon docker.io/openstackhelm/horizon:ocata - cinder: &cinder docker.io/openstackhelm/cinder:ocata - keystone: &keystone docker.io/openstackhelm/keystone:ocata - nova: &nova docker.io/openstackhelm/nova:ocata - glance: &glance docker.io/openstackhelm/glance:ocata - rabbitmq: &rabbitmq docker.io/rabbitmq:3.7-management - rally_test: &rally_test docker.io/kolla/ubuntu-source-rally:ocata - memcached: &memcached docker.io/memcached:1.5.5 - mariadb_db: &mariadb_db docker.io/mariadb:10.2.13 - nova_novncproxy: &nova_novncproxy docker.io/kolla/ubuntu-source-nova-novncproxy:3.0.3 - nova_spiceproxy: &nova_spiceproxy docker.io/kolla/ubuntu-source-nova-spicehtml5proxy:3.0.3 - ceph_daemon: &ceph_daemon docker.io/ceph/daemon:tag-build-master-luminous-ubuntu-16.04 - openvswitch: &openvswitch docker.io/openstackhelm/openvswitch:v2.8.1 - os_barbican: &os_barbican docker.io/openstackhelm/barbican:ocata - libvirt: &libvirt docker.io/openstackhelm/libvirt:ubuntu-xenial-1.3.1 - ingress_controller: &ingress_controller quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.20.0 - ingress_error_pages: &ingress_error_pages gcr.io/google-containers/defaultbackend:1.0 - # should probably be moved to https://quay.io/repository/airshipit/ - storage_init: &storage_init docker.io/port/ceph-config-helper:v1.10.2 - keystone: &ref_keystone - ks_endpoints: *heat - ks_service: *heat - ks_user: *heat - - images: - ucp: - armada: - api: quay.io/airshipit/armada:b5432ea39423a14ab41f218cb23301aeb3b1500d-ubuntu_xenial - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - ks_endpoints: docker.io/openstackhelm/heat:ocata - ks_service: docker.io/openstackhelm/heat:ocata - ks_user: docker.io/openstackhelm/heat:ocata - helm: lachlanevenson/k8s-helm:v2.14.1 - tiller: gcr.io/kubernetes-helm/tiller:v2.14.1 - deckhand: - db_init: docker.io/postgres:9.5 - db_sync: quay.io/airshipit/deckhand:464d2c0ea5ebb50bee615a0e0f2624c3aa40d9bd - deckhand: quay.io/airshipit/deckhand:464d2c0ea5ebb50bee615a0e0f2624c3aa40d9bd - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - ks_endpoints: docker.io/openstackhelm/heat:ocata - ks_service: docker.io/openstackhelm/heat:ocata - ks_user: docker.io/openstackhelm/heat:ocata - divingbell: - divingbell: docker.io/ubuntu:16.04 - drydock: - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - drydock: quay.io/airshipit/drydock:e2bb7cb0f9dd4f65cf2bcd6db50b6c6fc2c7f1de - drydock_db_init: docker.io/postgres:9.5 - drydock_db_sync: quay.io/airshipit/drydock:e2bb7cb0f9dd4f65cf2bcd6db50b6c6fc2c7f1de - ks_endpoints: docker.io/openstackhelm/heat:ocata - ks_service: docker.io/openstackhelm/heat:ocata - ks_user: docker.io/openstackhelm/heat:ocata - maas: - bootstrap: quay.io/airshipit/maas-region-controller:922db8aee15f978b9e58a9a2a1c0052febc41aa8 - db_init: docker.io/postgres:9.5 - db_sync: quay.io/airshipit/maas-region-controller:922db8aee15f978b9e58a9a2a1c0052febc41aa8 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - export_api_key: quay.io/airshipit/maas-region-controller:922db8aee15f978b9e58a9a2a1c0052febc41aa8 - maas_cache: quay.io/airshipit/sstream-cache:922db8aee15f978b9e58a9a2a1c0052febc41aa8 - maas_rack: quay.io/airshipit/maas-rack-controller:922db8aee15f978b9e58a9a2a1c0052febc41aa8 - maas_region: quay.io/airshipit/maas-region-controller:922db8aee15f978b9e58a9a2a1c0052febc41aa8 - promenade: - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - image_repo_sync: docker.io/docker:17.07.0 - ks_endpoints: docker.io/openstackhelm/heat:ocata - ks_service: docker.io/openstackhelm/heat:ocata - ks_user: docker.io/openstackhelm/heat:ocata - promenade: quay.io/airshipit/promenade:cfb8aa498c294c2adbc369ba5aaee19b49550d22 - shipyard: - airflow: quay.io/airshipit/airflow:4dd6b484d11e86ad51da733841b9ef137421d461 - airflow_db_init: docker.io/postgres:9.5 - airflow_db_sync: quay.io/airshipit/airflow:4dd6b484d11e86ad51da733841b9ef137421d461 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - image_repo_sync: docker.io/docker:17.07.0 - ks_endpoints: docker.io/openstackhelm/heat:ocata - ks_service: docker.io/openstackhelm/heat:ocata - ks_user: docker.io/openstackhelm/heat:ocata - shipyard: quay.io/airshipit/shipyard:4dd6b484d11e86ad51da733841b9ef137421d461 - shipyard_db_init: docker.io/postgres:9.5 - shipyard_db_sync: quay.io/airshipit/shipyard:4dd6b484d11e86ad51da733841b9ef137421d461 - tiller: - tiller: gcr.io/kubernetes-helm/tiller:v2.14.1 - barbican: - bootstrap: docker.io/openstackhelm/heat:ocata - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - scripted_test: docker.io/openstackhelm/heat:ocata - db_init: docker.io/openstackhelm/heat:ocata - barbican_db_sync: docker.io/openstackhelm/barbican:ocata - db_drop: docker.io/openstackhelm/heat:ocata - ks_endpoints: docker.io/openstackhelm/heat:ocata - ks_service: docker.io/openstackhelm/heat:ocata - ks_user: docker.io/openstackhelm/heat:ocata - barbican_api: docker.io/openstackhelm/barbican:ocata - keystone: - keystone_bootstrap: docker.io/openstackhelm/heat:ocata - test: docker.io/kolla/ubuntu-source-rally:ocata - db_init: docker.io/openstackhelm/heat:ocata - keystone_db_sync: docker.io/openstackhelm/keystone:ocata - db_drop: docker.io/openstackhelm/heat:ocata - keystone_fernet_setup: docker.io/openstackhelm/keystone:ocata - keystone_fernet_rotate: docker.io/openstackhelm/keystone:ocata - keystone_credential_setup: docker.io/openstackhelm/keystone:ocata - keystone_credential_rotate: docker.io/openstackhelm/keystone:ocata - keystone_api: docker.io/openstackhelm/keystone:ocata - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - mariadb: - mariadb: docker.io/openstackhelm/mariadb:10.2.18 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - postgresql: - postgresql: docker.io/postgres:9.5 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - memcached: - memcached: docker.io/memcached:1.5.5 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - rabbitmq: - rabbitmq: docker.io/rabbitmq:3.7.4 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - #TODO Update to split ceph charts - ceph: - ceph: - ks_endpoints: docker.io/openstackhelm/heat:ocata - ks_service: docker.io/openstackhelm/heat:ocata - ks_user: docker.io/openstackhelm/heat:ocata - ceph_bootstrap: docker.io/ceph/daemon:tag-build-master-luminous-ubuntu-16.04 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - ceph_daemon: docker.io/ceph/daemon:tag-build-master-luminous-ubuntu-16.04 - ceph_config_helper: docker.io/port/ceph-config-helper:v1.7.5 - ceph_rbd_provisioner: quay.io/external_storage/rbd-provisioner:v0.1.1 - ceph_cephfs_provisioner: quay.io/external_storage/cephfs-provisioner:v0.1.1 - storage: - nfs_provisioner: - nfs_provisioner: quay.io/kubernetes_incubator/nfs-provisioner:v1.0.8 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - image_repo_sync: docker.io/docker:17.07.0 - kubernetes: - apiserver: - anchor: gcr.io/google_containers/hyperkube-amd64:v1.10.2 - apiserver: gcr.io/google_containers/hyperkube-amd64:v1.10.2 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.0 - controller-manager: - anchor: gcr.io/google_containers/hyperkube-amd64:v1.10.2 - controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.10.2 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.0 - coredns: - coredns: coredns/coredns:1.0.5 - haproxy: - haproxy: haproxy:1.8.3 - anchor: gcr.io/google_containers/hyperkube-amd64:v1.10.2 - etcd: - etcd: quay.io/coreos/etcd:v3.2.14 - etcdctl: quay.io/coreos/etcd:v3.2.14 - kubectl: gcr.io/google_containers/hyperkube-amd64:v1.10.2 - pause: gcr.io/google_containers/pause-amd64:3.1 - scheduler: - anchor: gcr.io/google_containers/hyperkube-amd64:v1.10.2 - scheduler: gcr.io/google_containers/hyperkube-amd64:v1.10.2 - proxy: - proxy: gcr.io/google_containers/hyperkube-amd64:v1.10.2 - calico: - etcd: - etcd: quay.io/coreos/etcd:v3.2.14 - etcdctl: quay.io/coreos/etcd:v3.2.14 - calico: - cni: quay.io/calico/cni:v3.2.1 - ctl: quay.io/calico/ctl:release-v3.2-amd64 - kube_controllers: quay.io/calico/kube-controllers:v3.2.1 - node: quay.io/calico/node:v3.2.1 - settings: quay.io/calico/ctl:release-v3.2-amd64 - osh: - memcached: - dep_check: *dep_check - memcached: *memcached - barbican: - bootstrap: *heat - dep_check: *dep_check - scripted_test: *heat - db_init: *heat - barbican_db_sync: *os_barbican - db_drop: *heat - <<: *ref_keystone - barbican_api: *os_barbican - rabbit_init: *rabbitmq - glance: - test: *rally_test - glance_storage_init: *storage_init - db_init: *heat - glance_db_sync: *glance - db_drop: *heat - <<: *ref_keystone - glance_api: *glance - glance_registry: *glance - # Bootstrap image requires curl - bootstrap: *heat - dep_check: *dep_check - rabbit_init: *rabbitmq - heat: - test: *rally_test - bootstrap: *heat - db_init: *heat - heat_db_sync: *heat - db_drop: *heat - <<: *ref_keystone - heat_api: *heat - heat_cfn: *heat - heat_cloudwatch: *heat - heat_engine: *heat - heat_engine_cleaner: *heat - dep_check: *dep_check - rabbit_init: *rabbitmq - horizon: - db_init: *heat - horizon_db_sync: *horizon - db_drop: *heat - horizon: *horizon - dep_check: *dep_check - ingress: - entrypoint: *dep_check - ingress: *ingress_controller - error_pages: *ingress_error_pages - dep_check: *dep_check - keystone: - bootstrap: *heat - test: *rally_test - db_init: *heat - keystone_db_sync: *keystone - db_drop: *heat - <<: *ref_keystone - keystone_fernet_setup: *keystone - keystone_fernet_rotate: *keystone - keystone_credential_setup: *keystone - keystone_credential_rotate: *keystone - keystone_api: *keystone - keystone_domain_manage: *keystone - dep_check: *dep_check - rabbit_init: *rabbitmq - libvirt: - libvirt: *libvirt - dep_check: *dep_check - mariadb: - mariadb: *mariadb_db - # NOTE: nginx-ingress-controller > 0.9.0 is not compatible with MariaDB. - ingress: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.9.0 - error_pages: *ingress_error_pages - prometheus_create_mysql_user: *mariadb_db - prometheus_mysql_exporter: docker.io/prom/mysqld-exporter:v0.10.0 - prometheus_mysql_exporter_helm_tests: *heat - dep_check: *dep_check - image_repo_sync: docker.io/docker:17.07.0 - neutron: - bootstrap: *heat - test: *rally_test - db_init: *heat - neutron_db_sync: *neutron - db_drop: *heat - <<: *ref_keystone - neutron_server: *neutron - neutron_dhcp: *neutron - neutron_metadata: *neutron - neutron_l3: *neutron - neutron_openvswitch_agent: *neutron - neutron_linuxbridge_agent: *neutron - dep_check: *dep_check - rabbit_init: *rabbitmq - nova: - bootstrap: *heat - db_drop: *heat - db_init: *heat - dep_check: *dep_check - <<: *ref_keystone - nova_api: *nova - nova_cell_setup: *nova - nova_cell_setup_init: *heat - nova_compute: *nova - nova_compute_ssh: *nova - nova_conductor: *nova - nova_consoleauth: *nova - nova_db_sync: *nova - nova_novncproxy: *nova - nova_novncproxy_assets: *nova_novncproxy - nova_placement: *nova - nova_scheduler: *nova - nova_spiceproxy: *nova - nova_spiceproxy_assets: *nova_spiceproxy - test: *rally_test - rabbit_init: *rabbitmq - openvswitch: - openvswitch_db_server: *openvswitch - openvswitch_vswitchd: *openvswitch - dep_check: *dep_check - rabbitmq: - prometheus_rabbitmq_exporter: docker.io/kbudde/rabbitmq-exporter:v0.21.0 - prometheus_rabbitmq_exporter_helm_tests: *heat - rabbitmq: docker.io/rabbitmq:3.7.4 - dep_check: *dep_check - packages: - named: - docker: docker.io - socat: socat=1.7.3.1-1 - unnamed: - # nfs-common for the nfs provisioner - dev only. - - nfs-common - - ceph-common diff --git a/deployment_files/global/v1.0demo/software/manifests/bootstrap.yaml b/deployment_files/global/v1.0demo/software/manifests/bootstrap.yaml deleted file mode 100644 index 8563fed7..00000000 --- a/deployment_files/global/v1.0demo/software/manifests/bootstrap.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- -schema: armada/Manifest/v1 -metadata: - schema: metadata/Document/v1 - name: cluster-bootstrap - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - release_prefix: airship - chart_groups: - - kubernetes-proxy - - kubernetes-container-networking - - kubernetes-dns - - kubernetes-etcd - - kubernetes-core - - ingress-kube-system - - ucp-storage-provisioner - - ucp-core - - ucp-keystone - - ucp-divingbell - - ucp-services diff --git a/deployment_files/global/v1.0demo/software/manifests/full-site.yaml b/deployment_files/global/v1.0demo/software/manifests/full-site.yaml deleted file mode 100644 index 3f4a1e9c..00000000 --- a/deployment_files/global/v1.0demo/software/manifests/full-site.yaml +++ /dev/null @@ -1,27 +0,0 @@ ---- -schema: armada/Manifest/v1 -metadata: - schema: metadata/Document/v1 - name: full-site - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - release_prefix: airship - chart_groups: - - kubernetes-proxy - - kubernetes-container-networking - - kubernetes-dns - - kubernetes-etcd - - kubernetes-core - - ingress-kube-system - - ucp-storage-provisioner - - ucp-core - - ucp-keystone - - ucp-divingbell - - ucp-services - - openstack-ingress-controller - - openstack-component-infrastructure - - openstack-component-shared - - openstack-compute-kit diff --git a/deployment_files/site/demo/deployment/deploymentConfiguration.yaml b/deployment_files/site/demo/deployment/deploymentConfiguration.yaml deleted file mode 100644 index bf0b3b1c..00000000 --- a/deployment_files/site/demo/deployment/deploymentConfiguration.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -schema: shipyard/DeploymentConfiguration/v1 -metadata: - schema: metadata/Document/v1 - name: deployment-configuration - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - physical_provisioner: - deploy_interval: 30 - deploy_timeout: 3600 - destroy_interval: 30 - destroy_timeout: 900 - join_wait: 120 - prepare_node_interval: 30 - prepare_node_timeout: 1000 - prepare_site_interval: 10 - prepare_site_timeout: 300 - verify_interval: 10 - verify_timeout: 60 - kubernetes_provisioner: - drain_timeout: 3600 - drain_grace_period: 1800 - clear_labels_timeout: 1800 - remove_etcd_timeout: 1800 - etcd_ready_timeout: 600 - armada: - manifest: 'full-site' diff --git a/deployment_files/site/demo/deployment/dev-configurables.yaml b/deployment_files/site/demo/deployment/dev-configurables.yaml deleted file mode 100644 index ad6da40f..00000000 --- a/deployment_files/site/demo/deployment/dev-configurables.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -schema: dev/Configurables/v1 -metadata: - schema: metadata/Document/v1 - name: dev-configurables - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -# Data section provided by deploy_ucp.sh script diff --git a/deployment_files/site/demo/networks/common-addresses.yaml b/deployment_files/site/demo/networks/common-addresses.yaml deleted file mode 100644 index 9792c420..00000000 --- a/deployment_files/site/demo/networks/common-addresses.yaml +++ /dev/null @@ -1,105 +0,0 @@ ---- -schema: pegleg/CommonAddresses/v1 -metadata: - schema: metadata/Document/v1 - name: common-addresses - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .interface - dest: - path: .calico.ip_autodetection_method - pattern: REPLACEME - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .genesis.hostname - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostip - dest: - path: .genesis.ip - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostip - dest: - path: .bootstrap.ip - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostcidr - dest: - path: .storage.ceph.public_cidr - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostcidr - dest: - path: .storage.ceph.cluster_cidr - - -data: - calico: - ip_autodetection_method: 'interface=REPLACEME' - etcd: - service_ip: 10.96.232.136 - - dns: - cluster_domain: cluster.local - node_domain: gate.local - service_ip: 10.96.0.10 - upstream_servers: - - 8.8.8.8 - - 8.8.4.4 - upstream_servers_joined: 8.8.8.8,8.8.4.4 - - genesis: - hostname: REPLACEME - ip: REPLACEME - - bootstrap: - ip: REPLACEME - - kubernetes: - api_service_ip: 10.96.0.1 - etcd_service_ip: 10.96.0.2 - pod_cidr: 10.97.0.0/16 - service_cidr: 10.96.0.0/16 - apiserver_port: 6443 - haproxy_port: 6553 - service_node_port_range: 30000-32767 - - etcd: - container_port: 2379 - haproxy_port: 2378 - - proxy: - http: - https: - no_proxy: - - node_ports: - drydock_api: 30000 - maas_api: 30001 - maas_proxy: 31800 - shipyard_api: 30003 - airflow_web: 30004 - - ntp: - servers_joined: ntp.ubuntu.com - - storage: - ceph: - public_cidr: REPLACEME - cluster_cidr: REPLACEME -... diff --git a/deployment_files/site/demo/pki/pki-catalog.yaml b/deployment_files/site/demo/pki/pki-catalog.yaml deleted file mode 100644 index 2ef1cc84..00000000 --- a/deployment_files/site/demo/pki/pki-catalog.yaml +++ /dev/null @@ -1,181 +0,0 @@ ---- -schema: promenade/PKICatalog/v1 -metadata: - schema: metadata/Document/v1 - name: cluster-certificates - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext - substitutions: - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .certificate_authorities.kubernetes.certificates[1].hosts[0] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostip - dest: - path: .certificate_authorities.kubernetes.certificates[1].hosts[1] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .certificate_authorities.kubernetes.certificates[1].common_name - pattern: HOSTNAME - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .certificate_authorities.kubernetes.certificates[1].common_name - pattern: HOSTNAME - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .certificate_authorities.kubernetes-etcd.certificates[2].hosts[0] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostip - dest: - path: .certificate_authorities.kubernetes-etcd.certificates[2].hosts[1] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .certificate_authorities.kubernetes-etcd-peer.certificates[0].hosts[0] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostip - dest: - path: .certificate_authorities.kubernetes-etcd-peer.certificates[0].hosts[1] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .certificate_authorities.calico-etcd.certificates[1].hosts[0] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostip - dest: - path: .certificate_authorities.calico-etcd.certificates[1].hosts[1] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .certificate_authorities.calico-etcd-peer.certificates[1].hosts[0] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostip - dest: - path: .certificate_authorities.calico-etcd-peer.certificates[1].hosts[1] -data: - certificate_authorities: - kubernetes: - description: CA for Kubernetes components - certificates: - - document_name: apiserver - description: Service certificate for Kubernetes apiserver - common_name: apiserver - hosts: - - localhost - - 127.0.0.1 - - 10.96.0.1 - kubernetes_service_names: - - kubernetes.default.svc.cluster.local - - document_name: kubelet-genesis - common_name: system:node:HOSTNAME - hosts: - - REPLACEME_HOST_NAME - - REPLACEME_HOST_IP - groups: - - system:nodes - - document_name: scheduler - description: Service certificate for Kubernetes scheduler - common_name: system:kube-scheduler - - document_name: controller-manager - description: certificate for controller-manager - common_name: system:kube-controller-manager - - document_name: admin - common_name: admin - groups: - - system:masters - - document_name: armada - common_name: armada - groups: - - system:masters - kubernetes-etcd: - description: Certificates for Kubernetes's etcd servers - certificates: - - document_name: apiserver-etcd - description: etcd client certificate for use by Kubernetes apiserver - common_name: apiserver - - document_name: kubernetes-etcd-anchor - description: anchor - common_name: anchor - - document_name: kubernetes-etcd-genesis - common_name: kubernetes-etcd-genesis - hosts: - - REPLACEME_HOST_NAME - - REPLACEME_HOST_IP - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - kubernetes-etcd-peer: - certificates: - - document_name: kubernetes-etcd-genesis-peer - common_name: kubernetes-etcd-genesis-peer - hosts: - - REPLACEME_HOST_NAME - - REPLACEME_HOST_IP - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - calico-etcd: - description: Certificates for Calico etcd client traffic - certificates: - - document_name: calico-etcd-anchor - description: anchor - common_name: anchor - - document_name: calico-etcd-genesis - common_name: calico-etcd-genesis - hosts: - - REPLACEME_HOST_NAME - - REPLACEME_HOST_IP - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-node - common_name: calcico-node - calico-etcd-peer: - description: Certificates for Calico etcd clients - certificates: - - document_name: calico-etcd-genesis-peer - common_name: calico-etcd-genesis-peer - hosts: - - REPLACEME_HOST_NAME - - REPLACEME_HOST_IP - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-node-peer - common_name: calcico-node-peer - keypairs: - - name: service-account - description: Service account signing key for use by Kubernetes controller-manager. -... diff --git a/deployment_files/site/demo/secrets/passphrases/ceph_swift_keystone_password.yaml b/deployment_files/site/demo/secrets/passphrases/ceph_swift_keystone_password.yaml deleted file mode 100644 index 4f45cbe0..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ceph_swift_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ceph_swift_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password1 -... diff --git a/deployment_files/site/demo/secrets/passphrases/ipmi_admin_password.yaml b/deployment_files/site/demo/secrets/passphrases/ipmi_admin_password.yaml deleted file mode 100644 index 7f2e7941..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ipmi_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ipmi_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: calvin -... diff --git a/deployment_files/site/demo/secrets/passphrases/maas_region_secret.yaml b/deployment_files/site/demo/secrets/passphrases/maas_region_secret.yaml deleted file mode 100644 index aedf9281..00000000 --- a/deployment_files/site/demo/secrets/passphrases/maas_region_secret.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: maas-region-key - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: 3858f62230ac3c915f300c664312c63f -... diff --git a/deployment_files/site/demo/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml b/deployment_files/site/demo/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml deleted file mode 100644 index 66791a4d..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_airflow_oslo_messaging_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password20 -... diff --git a/deployment_files/site/demo/secrets/passphrases/ucp_airflow_postgres_password.yaml b/deployment_files/site/demo/secrets/passphrases/ucp_airflow_postgres_password.yaml deleted file mode 100644 index 119a8a40..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ucp_airflow_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_airflow_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password2 -... diff --git a/deployment_files/site/demo/secrets/passphrases/ucp_armada_keystone_password.yaml b/deployment_files/site/demo/secrets/passphrases/ucp_armada_keystone_password.yaml deleted file mode 100644 index cbb8575e..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ucp_armada_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_armada_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password3 -... diff --git a/deployment_files/site/demo/secrets/passphrases/ucp_barbican_keystone_password.yaml b/deployment_files/site/demo/secrets/passphrases/ucp_barbican_keystone_password.yaml deleted file mode 100644 index e786cbb3..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ucp_barbican_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_barbican_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password4 -... diff --git a/deployment_files/site/demo/secrets/passphrases/ucp_barbican_oslo_db_password.yaml b/deployment_files/site/demo/secrets/passphrases/ucp_barbican_oslo_db_password.yaml deleted file mode 100644 index 7f21161f..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ucp_barbican_oslo_db_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_barbican_oslo_db_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password5 -... diff --git a/deployment_files/site/demo/secrets/passphrases/ucp_deckhand_keystone_password.yaml b/deployment_files/site/demo/secrets/passphrases/ucp_deckhand_keystone_password.yaml deleted file mode 100644 index 6532aae8..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ucp_deckhand_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_deckhand_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password6 -... diff --git a/deployment_files/site/demo/secrets/passphrases/ucp_deckhand_postgres_password.yaml b/deployment_files/site/demo/secrets/passphrases/ucp_deckhand_postgres_password.yaml deleted file mode 100644 index d78dde68..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ucp_deckhand_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_deckhand_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password7 -... diff --git a/deployment_files/site/demo/secrets/passphrases/ucp_drydock_keystone_password.yaml b/deployment_files/site/demo/secrets/passphrases/ucp_drydock_keystone_password.yaml deleted file mode 100644 index 9a97f8f6..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ucp_drydock_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_drydock_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password8 -... diff --git a/deployment_files/site/demo/secrets/passphrases/ucp_drydock_postgres_password.yaml b/deployment_files/site/demo/secrets/passphrases/ucp_drydock_postgres_password.yaml deleted file mode 100644 index de755270..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ucp_drydock_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_drydock_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password9 -... diff --git a/deployment_files/site/demo/secrets/passphrases/ucp_keystone_admin_password.yaml b/deployment_files/site/demo/secrets/passphrases/ucp_keystone_admin_password.yaml deleted file mode 100644 index 76e00856..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ucp_keystone_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_keystone_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password10 -... diff --git a/deployment_files/site/demo/secrets/passphrases/ucp_keystone_oslo_db_password.yaml b/deployment_files/site/demo/secrets/passphrases/ucp_keystone_oslo_db_password.yaml deleted file mode 100644 index c06c742f..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ucp_keystone_oslo_db_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_keystone_oslo_db_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password11 -... diff --git a/deployment_files/site/demo/secrets/passphrases/ucp_maas_admin_password.yaml b/deployment_files/site/demo/secrets/passphrases/ucp_maas_admin_password.yaml deleted file mode 100644 index 4242f37e..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ucp_maas_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_maas_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password12 -... diff --git a/deployment_files/site/demo/secrets/passphrases/ucp_maas_postgres_password.yaml b/deployment_files/site/demo/secrets/passphrases/ucp_maas_postgres_password.yaml deleted file mode 100644 index e3a83ecc..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ucp_maas_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_maas_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password13 -... diff --git a/deployment_files/site/demo/secrets/passphrases/ucp_oslo_db_admin_password.yaml b/deployment_files/site/demo/secrets/passphrases/ucp_oslo_db_admin_password.yaml deleted file mode 100644 index bb77ab63..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ucp_oslo_db_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_oslo_db_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password14 -... diff --git a/deployment_files/site/demo/secrets/passphrases/ucp_oslo_messaging_password.yaml b/deployment_files/site/demo/secrets/passphrases/ucp_oslo_messaging_password.yaml deleted file mode 100644 index 0ff710c6..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ucp_oslo_messaging_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_oslo_messaging_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password15 -... diff --git a/deployment_files/site/demo/secrets/passphrases/ucp_postgres_admin_password.yaml b/deployment_files/site/demo/secrets/passphrases/ucp_postgres_admin_password.yaml deleted file mode 100644 index 85f97901..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ucp_postgres_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_postgres_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password16 -... diff --git a/deployment_files/site/demo/secrets/passphrases/ucp_promenade_keystone_password.yaml b/deployment_files/site/demo/secrets/passphrases/ucp_promenade_keystone_password.yaml deleted file mode 100644 index 17668eed..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ucp_promenade_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_promenade_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password17 -... diff --git a/deployment_files/site/demo/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml b/deployment_files/site/demo/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml deleted file mode 100644 index 99d8d8b8..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_rabbitmq_erlang_cookie - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: 111df8c05b0f041d4764 -... diff --git a/deployment_files/site/demo/secrets/passphrases/ucp_shipyard_keystone_password.yaml b/deployment_files/site/demo/secrets/passphrases/ucp_shipyard_keystone_password.yaml deleted file mode 100644 index ff5b8240..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ucp_shipyard_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_shipyard_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password18 -... diff --git a/deployment_files/site/demo/secrets/passphrases/ucp_shipyard_postgres_password.yaml b/deployment_files/site/demo/secrets/passphrases/ucp_shipyard_postgres_password.yaml deleted file mode 100644 index d6c8044c..00000000 --- a/deployment_files/site/demo/secrets/passphrases/ucp_shipyard_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_shipyard_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password19 -... diff --git a/deployment_files/site/demo/site-definition.yaml b/deployment_files/site/demo/site-definition.yaml deleted file mode 100644 index 0a4beb02..00000000 --- a/deployment_files/site/demo/site-definition.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -data: - revision: v1.0demo - site_type: single-node -metadata: - layeringDefinition: {abstract: false, layer: site} - name: demo - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: pegleg/SiteDefinition/v1 -... diff --git a/deployment_files/site/demo/software/charts/kubernetes/container-networking/etcd.yaml b/deployment_files/site/demo/software/charts/kubernetes/container-networking/etcd.yaml deleted file mode 100644 index ba982651..00000000 --- a/deployment_files/site/demo/software/charts/kubernetes/container-networking/etcd.yaml +++ /dev/null @@ -1,122 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-calico-etcd - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: kubernetes-calico-etcd-global - actions: - - method: merge - path: . - storagePolicy: cleartext - substitutions: - - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.calico.etcd - dest: - path: .source - - # Image versions - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.calico.etcd - dest: - path: .values.images.tags - - # IP addresses - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .calico.etcd.service_ip - dest: - path: .values.service.ip - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .calico.etcd.service_ip - dest: - path: .values.anchor.etcdctl_endpoint - - # CAs - - - src: - schema: deckhand/CertificateAuthority/v1 - name: calico-etcd - path: . - dest: - path: .values.secrets.tls.client.ca - - - src: - schema: deckhand/CertificateAuthority/v1 - name: calico-etcd-peer - path: . - dest: - path: .values.secrets.tls.peer.ca - - # Anchor client cert - - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.key - - # Node names - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .genesis.hostname - dest: - path: .values.nodes[0].name - - # Server certs - - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-genesis - path: . - dest: - path: .values.nodes[0].tls.client.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-genesis - path: . - dest: - path: .values.nodes[0].tls.client.key - - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-genesis-peer - path: . - dest: - path: .values.nodes[0].tls.peer.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-genesis-peer - path: . - dest: - path: .values.nodes[0].tls.peer.key - -data: {} - -... diff --git a/deployment_files/site/demo/software/charts/kubernetes/etcd/etcd.yaml b/deployment_files/site/demo/software/charts/kubernetes/etcd/etcd.yaml deleted file mode 100644 index 1bd02c83..00000000 --- a/deployment_files/site/demo/software/charts/kubernetes/etcd/etcd.yaml +++ /dev/null @@ -1,121 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-etcd - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: kubernetes-etcd-global - actions: - - method: merge - path: . - storagePolicy: cleartext - substitutions: - - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.etcd - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.etcd - dest: - path: .values.images.tags - - # IP addresses - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.etcd_service_ip - dest: - path: .values.service.ip - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.etcd_service_ip - dest: - path: .values.anchor.etcdctl_endpoint - - # CAs - - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes-etcd - path: . - dest: - path: .values.secrets.tls.client.ca - - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes-etcd-peer - path: . - dest: - path: .values.secrets.tls.peer.ca - - - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.key - - # Node names - - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .values.nodes[0].name - - # Server certs - - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-genesis - path: . - dest: - path: '.values.nodes[0].tls.client.cert' - - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-genesis - path: . - dest: - path: '.values.nodes[0].tls.client.key' - - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-genesis-peer - path: . - dest: - path: '.values.nodes[0].tls.peer.cert' - - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-genesis-peer - path: . - dest: - path: '.values.nodes[0].tls.peer.key' - -data: {} - -... diff --git a/deployment_files/site/demo/software/charts/kubernetes/ingress/ingress.yaml b/deployment_files/site/demo/software/charts/kubernetes/ingress/ingress.yaml deleted file mode 100644 index c197318a..00000000 --- a/deployment_files/site/demo/software/charts/kubernetes/ingress/ingress.yaml +++ /dev/null @@ -1,33 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ingress-kube-system - replacement: true - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: ingress-kube-system - actions: - - method: merge - path: . - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostcidr - dest: - path: .values.network.vip.addr - pattern: REPLACEME -data: - values: - network: - ingress: - disable-ipv6: "true" - vip: - manage: true - addr: REPLACEME -... diff --git a/deployment_files/site/demo/software/charts/ucp/drydock/maas.yaml b/deployment_files/site/demo/software/charts/ucp/drydock/maas.yaml deleted file mode 100644 index 7449636d..00000000 --- a/deployment_files/site/demo/software/charts/ucp/drydock/maas.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-maas - replacement: true - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: ucp-maas - actions: - - method: merge - path: . - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .maas-ingress - dest: - path: .values.network.maas_ingress.addr - pattern: REPLACEME -data: - values: - network: - maas_ingress: - addr: REPLACEME -... diff --git a/deployment_files/site/dev-proxy/deployment/deploymentConfiguration.yaml b/deployment_files/site/dev-proxy/deployment/deploymentConfiguration.yaml deleted file mode 100644 index 3c3dfb3d..00000000 --- a/deployment_files/site/dev-proxy/deployment/deploymentConfiguration.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -schema: shipyard/DeploymentConfiguration/v1 -metadata: - schema: metadata/Document/v1 - name: deployment-configuration - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - physical_provisioner: - deploy_interval: 30 - deploy_timeout: 3600 - destroy_interval: 30 - destroy_timeout: 900 - join_wait: 1 - prepare_node_interval: 30 - prepare_node_timeout: 1000 - prepare_site_interval: 10 - prepare_site_timeout: 300 - verify_interval: 10 - verify_timeout: 60 - kubernetes_provisioner: - drain_timeout: 3600 - drain_grace_period: 1800 - clear_labels_timeout: 1800 - remove_etcd_timeout: 1800 - etcd_ready_timeout: 600 - armada: - manifest: 'full-site' diff --git a/deployment_files/site/dev-proxy/deployment/dev-configurables.yaml b/deployment_files/site/dev-proxy/deployment/dev-configurables.yaml deleted file mode 100644 index ad6da40f..00000000 --- a/deployment_files/site/dev-proxy/deployment/dev-configurables.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -schema: dev/Configurables/v1 -metadata: - schema: metadata/Document/v1 - name: dev-configurables - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -# Data section provided by deploy_ucp.sh script diff --git a/deployment_files/site/dev-proxy/networks/common-addresses.yaml b/deployment_files/site/dev-proxy/networks/common-addresses.yaml deleted file mode 100644 index 4e824f5c..00000000 --- a/deployment_files/site/dev-proxy/networks/common-addresses.yaml +++ /dev/null @@ -1,105 +0,0 @@ ---- -schema: pegleg/CommonAddresses/v1 -metadata: - schema: metadata/Document/v1 - name: common-addresses - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .interface - dest: - path: .calico.ip_autodetection_method - pattern: REPLACEME - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .genesis.hostname - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostip - dest: - path: .genesis.ip - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostip - dest: - path: .bootstrap.ip - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostcidr - dest: - path: .storage.ceph.public_cidr - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostcidr - dest: - path: .storage.ceph.cluster_cidr - - -data: - calico: - ip_autodetection_method: 'interface=REPLACEME' - etcd: - service_ip: 10.96.232.136 - - dns: - cluster_domain: cluster.local - node_domain: gate.local - service_ip: 10.96.0.10 - upstream_servers: - - 8.8.8.8 - - 8.8.4.4 - upstream_servers_joined: 8.8.8.8,8.8.4.4 - - genesis: - hostname: REPLACEME - ip: REPLACEME - - bootstrap: - ip: REPLACEME - - kubernetes: - api_service_ip: 10.96.0.1 - etcd_service_ip: 10.96.0.2 - pod_cidr: 10.97.0.0/16 - service_cidr: 10.96.0.0/16 - apiserver_port: 6443 - haproxy_port: 6553 - service_node_port_range: 30000-32767 - - etcd: - container_port: 2379 - haproxy_port: 2378 - - proxy: - http: http://proxy.foo.com:8080 - https: http://proxy.foo.com:8080 - no_proxy: '.foo.com,.cluster.local,localhost,127.0.0.1' - - node_ports: - drydock_api: 30000 - maas_api: 30001 - maas_proxy: 31800 - shipyard_api: 30003 - airflow_web: 30004 - - ntp: - servers_joined: ntp.ubuntu.com - - storage: - ceph: - public_cidr: REPLACEME - cluster_cidr: REPLACEME -... diff --git a/deployment_files/site/dev-proxy/pki/pki-catalog.yaml b/deployment_files/site/dev-proxy/pki/pki-catalog.yaml deleted file mode 100644 index 2ef1cc84..00000000 --- a/deployment_files/site/dev-proxy/pki/pki-catalog.yaml +++ /dev/null @@ -1,181 +0,0 @@ ---- -schema: promenade/PKICatalog/v1 -metadata: - schema: metadata/Document/v1 - name: cluster-certificates - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext - substitutions: - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .certificate_authorities.kubernetes.certificates[1].hosts[0] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostip - dest: - path: .certificate_authorities.kubernetes.certificates[1].hosts[1] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .certificate_authorities.kubernetes.certificates[1].common_name - pattern: HOSTNAME - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .certificate_authorities.kubernetes.certificates[1].common_name - pattern: HOSTNAME - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .certificate_authorities.kubernetes-etcd.certificates[2].hosts[0] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostip - dest: - path: .certificate_authorities.kubernetes-etcd.certificates[2].hosts[1] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .certificate_authorities.kubernetes-etcd-peer.certificates[0].hosts[0] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostip - dest: - path: .certificate_authorities.kubernetes-etcd-peer.certificates[0].hosts[1] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .certificate_authorities.calico-etcd.certificates[1].hosts[0] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostip - dest: - path: .certificate_authorities.calico-etcd.certificates[1].hosts[1] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .certificate_authorities.calico-etcd-peer.certificates[1].hosts[0] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostip - dest: - path: .certificate_authorities.calico-etcd-peer.certificates[1].hosts[1] -data: - certificate_authorities: - kubernetes: - description: CA for Kubernetes components - certificates: - - document_name: apiserver - description: Service certificate for Kubernetes apiserver - common_name: apiserver - hosts: - - localhost - - 127.0.0.1 - - 10.96.0.1 - kubernetes_service_names: - - kubernetes.default.svc.cluster.local - - document_name: kubelet-genesis - common_name: system:node:HOSTNAME - hosts: - - REPLACEME_HOST_NAME - - REPLACEME_HOST_IP - groups: - - system:nodes - - document_name: scheduler - description: Service certificate for Kubernetes scheduler - common_name: system:kube-scheduler - - document_name: controller-manager - description: certificate for controller-manager - common_name: system:kube-controller-manager - - document_name: admin - common_name: admin - groups: - - system:masters - - document_name: armada - common_name: armada - groups: - - system:masters - kubernetes-etcd: - description: Certificates for Kubernetes's etcd servers - certificates: - - document_name: apiserver-etcd - description: etcd client certificate for use by Kubernetes apiserver - common_name: apiserver - - document_name: kubernetes-etcd-anchor - description: anchor - common_name: anchor - - document_name: kubernetes-etcd-genesis - common_name: kubernetes-etcd-genesis - hosts: - - REPLACEME_HOST_NAME - - REPLACEME_HOST_IP - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - kubernetes-etcd-peer: - certificates: - - document_name: kubernetes-etcd-genesis-peer - common_name: kubernetes-etcd-genesis-peer - hosts: - - REPLACEME_HOST_NAME - - REPLACEME_HOST_IP - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - calico-etcd: - description: Certificates for Calico etcd client traffic - certificates: - - document_name: calico-etcd-anchor - description: anchor - common_name: anchor - - document_name: calico-etcd-genesis - common_name: calico-etcd-genesis - hosts: - - REPLACEME_HOST_NAME - - REPLACEME_HOST_IP - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-node - common_name: calcico-node - calico-etcd-peer: - description: Certificates for Calico etcd clients - certificates: - - document_name: calico-etcd-genesis-peer - common_name: calico-etcd-genesis-peer - hosts: - - REPLACEME_HOST_NAME - - REPLACEME_HOST_IP - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-node-peer - common_name: calcico-node-peer - keypairs: - - name: service-account - description: Service account signing key for use by Kubernetes controller-manager. -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ceph_swift_keystone_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ceph_swift_keystone_password.yaml deleted file mode 100644 index 4f45cbe0..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ceph_swift_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ceph_swift_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password1 -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ipmi_admin_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ipmi_admin_password.yaml deleted file mode 100644 index 7f2e7941..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ipmi_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ipmi_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: calvin -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/maas_region_secret.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/maas_region_secret.yaml deleted file mode 100644 index aedf9281..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/maas_region_secret.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: maas-region-key - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: 3858f62230ac3c915f300c664312c63f -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml deleted file mode 100644 index 66791a4d..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_airflow_oslo_messaging_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password20 -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_airflow_postgres_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_airflow_postgres_password.yaml deleted file mode 100644 index 119a8a40..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_airflow_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_airflow_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password2 -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_armada_keystone_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_armada_keystone_password.yaml deleted file mode 100644 index cbb8575e..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_armada_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_armada_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password3 -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_barbican_keystone_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_barbican_keystone_password.yaml deleted file mode 100644 index e786cbb3..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_barbican_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_barbican_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password4 -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_barbican_oslo_db_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_barbican_oslo_db_password.yaml deleted file mode 100644 index 7f21161f..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_barbican_oslo_db_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_barbican_oslo_db_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password5 -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_deckhand_keystone_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_deckhand_keystone_password.yaml deleted file mode 100644 index 6532aae8..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_deckhand_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_deckhand_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password6 -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_deckhand_postgres_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_deckhand_postgres_password.yaml deleted file mode 100644 index d78dde68..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_deckhand_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_deckhand_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password7 -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_drydock_keystone_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_drydock_keystone_password.yaml deleted file mode 100644 index 9a97f8f6..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_drydock_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_drydock_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password8 -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_drydock_postgres_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_drydock_postgres_password.yaml deleted file mode 100644 index de755270..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_drydock_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_drydock_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password9 -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_keystone_admin_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_keystone_admin_password.yaml deleted file mode 100644 index 76e00856..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_keystone_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_keystone_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password10 -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_keystone_oslo_db_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_keystone_oslo_db_password.yaml deleted file mode 100644 index c06c742f..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_keystone_oslo_db_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_keystone_oslo_db_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password11 -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_maas_admin_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_maas_admin_password.yaml deleted file mode 100644 index 4242f37e..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_maas_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_maas_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password12 -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_maas_postgres_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_maas_postgres_password.yaml deleted file mode 100644 index e3a83ecc..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_maas_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_maas_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password13 -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_oslo_db_admin_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_oslo_db_admin_password.yaml deleted file mode 100644 index bb77ab63..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_oslo_db_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_oslo_db_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password14 -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_oslo_messaging_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_oslo_messaging_password.yaml deleted file mode 100644 index 0ff710c6..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_oslo_messaging_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_oslo_messaging_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password15 -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_postgres_admin_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_postgres_admin_password.yaml deleted file mode 100644 index 85f97901..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_postgres_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_postgres_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password16 -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_promenade_keystone_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_promenade_keystone_password.yaml deleted file mode 100644 index 17668eed..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_promenade_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_promenade_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password17 -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml deleted file mode 100644 index 99d8d8b8..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_rabbitmq_erlang_cookie - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: 111df8c05b0f041d4764 -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_shipyard_keystone_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_shipyard_keystone_password.yaml deleted file mode 100644 index ff5b8240..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_shipyard_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_shipyard_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password18 -... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_shipyard_postgres_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_shipyard_postgres_password.yaml deleted file mode 100644 index d6c8044c..00000000 --- a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_shipyard_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_shipyard_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password19 -... diff --git a/deployment_files/site/dev-proxy/site-definition.yaml b/deployment_files/site/dev-proxy/site-definition.yaml deleted file mode 100644 index 3d888133..00000000 --- a/deployment_files/site/dev-proxy/site-definition.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -data: - revision: v1.0dev - site_type: single-node-proxy -metadata: - layeringDefinition: {abstract: false, layer: site} - name: dev-proxy - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: pegleg/SiteDefinition/v1 -... diff --git a/deployment_files/site/dev-proxy/software/charts/kubernetes/container-networking/etcd.yaml b/deployment_files/site/dev-proxy/software/charts/kubernetes/container-networking/etcd.yaml deleted file mode 100644 index ba982651..00000000 --- a/deployment_files/site/dev-proxy/software/charts/kubernetes/container-networking/etcd.yaml +++ /dev/null @@ -1,122 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-calico-etcd - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: kubernetes-calico-etcd-global - actions: - - method: merge - path: . - storagePolicy: cleartext - substitutions: - - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.calico.etcd - dest: - path: .source - - # Image versions - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.calico.etcd - dest: - path: .values.images.tags - - # IP addresses - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .calico.etcd.service_ip - dest: - path: .values.service.ip - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .calico.etcd.service_ip - dest: - path: .values.anchor.etcdctl_endpoint - - # CAs - - - src: - schema: deckhand/CertificateAuthority/v1 - name: calico-etcd - path: . - dest: - path: .values.secrets.tls.client.ca - - - src: - schema: deckhand/CertificateAuthority/v1 - name: calico-etcd-peer - path: . - dest: - path: .values.secrets.tls.peer.ca - - # Anchor client cert - - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.key - - # Node names - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .genesis.hostname - dest: - path: .values.nodes[0].name - - # Server certs - - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-genesis - path: . - dest: - path: .values.nodes[0].tls.client.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-genesis - path: . - dest: - path: .values.nodes[0].tls.client.key - - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-genesis-peer - path: . - dest: - path: .values.nodes[0].tls.peer.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-genesis-peer - path: . - dest: - path: .values.nodes[0].tls.peer.key - -data: {} - -... diff --git a/deployment_files/site/dev-proxy/software/charts/kubernetes/etcd/etcd.yaml b/deployment_files/site/dev-proxy/software/charts/kubernetes/etcd/etcd.yaml deleted file mode 100644 index 1bd02c83..00000000 --- a/deployment_files/site/dev-proxy/software/charts/kubernetes/etcd/etcd.yaml +++ /dev/null @@ -1,121 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-etcd - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: kubernetes-etcd-global - actions: - - method: merge - path: . - storagePolicy: cleartext - substitutions: - - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.etcd - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.etcd - dest: - path: .values.images.tags - - # IP addresses - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.etcd_service_ip - dest: - path: .values.service.ip - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.etcd_service_ip - dest: - path: .values.anchor.etcdctl_endpoint - - # CAs - - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes-etcd - path: . - dest: - path: .values.secrets.tls.client.ca - - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes-etcd-peer - path: . - dest: - path: .values.secrets.tls.peer.ca - - - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.key - - # Node names - - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .values.nodes[0].name - - # Server certs - - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-genesis - path: . - dest: - path: '.values.nodes[0].tls.client.cert' - - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-genesis - path: . - dest: - path: '.values.nodes[0].tls.client.key' - - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-genesis-peer - path: . - dest: - path: '.values.nodes[0].tls.peer.cert' - - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-genesis-peer - path: . - dest: - path: '.values.nodes[0].tls.peer.key' - -data: {} - -... diff --git a/deployment_files/site/dev-proxy/software/charts/ucp/storage_provisioner/chart-group.yaml b/deployment_files/site/dev-proxy/software/charts/ucp/storage_provisioner/chart-group.yaml deleted file mode 100644 index 310eb716..00000000 --- a/deployment_files/site/dev-proxy/software/charts/ucp/storage_provisioner/chart-group.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-storage-provisioner - labels: - name: ucp-storage-provisioner - group: ucp - service: k8_storage_provisioning - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Kubernetes Storage Provisioner - sequenced: true - chart_group: - - nfs_provisioner diff --git a/deployment_files/site/dev-proxy/software/charts/ucp/storage_provisioner/nfs-prov.yaml b/deployment_files/site/dev-proxy/software/charts/ucp/storage_provisioner/nfs-prov.yaml deleted file mode 100644 index 691f6d54..00000000 --- a/deployment_files/site/dev-proxy/software/charts/ucp/storage_provisioner/nfs-prov.yaml +++ /dev/null @@ -1,85 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: nfs_provisioner - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.nfs_provisioner - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.storage.nfs_provisioner - dest: - path: .values.images.tags -data: - chart_name: nfs-provisioner - release: nfs-provisioner - namespace: kube-system - protected: - continue_processing: false - wait: - timeout: 900 - labels: - release_group: airship-nfs-provisioner - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - release_group: airship-nfs-provisioner - values: - labels: - nfs: - node_selector_key: ucp-control-plane - node_selector_value: enabled - job: - node_selector_key: ucp-control-plane - node_selector_value: enabled - storage: - hostPath: - path: /var/lib/airship/nfs - persistentVolumeClaim: - size: '30Gi' - storageclass: - name: general - dependencies: - - nfs_htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: nfs_htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.nfs_htk - dest: - path: .source -data: - chart_name: nfs_htk - release: nfs_htk - namespace: nfs_htk - values: {} - dependencies: [] -... diff --git a/deployment_files/site/dev/deployment/deploymentConfiguration.yaml b/deployment_files/site/dev/deployment/deploymentConfiguration.yaml deleted file mode 100644 index bf0b3b1c..00000000 --- a/deployment_files/site/dev/deployment/deploymentConfiguration.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -schema: shipyard/DeploymentConfiguration/v1 -metadata: - schema: metadata/Document/v1 - name: deployment-configuration - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - physical_provisioner: - deploy_interval: 30 - deploy_timeout: 3600 - destroy_interval: 30 - destroy_timeout: 900 - join_wait: 120 - prepare_node_interval: 30 - prepare_node_timeout: 1000 - prepare_site_interval: 10 - prepare_site_timeout: 300 - verify_interval: 10 - verify_timeout: 60 - kubernetes_provisioner: - drain_timeout: 3600 - drain_grace_period: 1800 - clear_labels_timeout: 1800 - remove_etcd_timeout: 1800 - etcd_ready_timeout: 600 - armada: - manifest: 'full-site' diff --git a/deployment_files/site/dev/deployment/dev-configurables.yaml b/deployment_files/site/dev/deployment/dev-configurables.yaml deleted file mode 100644 index ad6da40f..00000000 --- a/deployment_files/site/dev/deployment/dev-configurables.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -schema: dev/Configurables/v1 -metadata: - schema: metadata/Document/v1 - name: dev-configurables - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -# Data section provided by deploy_ucp.sh script diff --git a/deployment_files/site/dev/networks/common-addresses.yaml b/deployment_files/site/dev/networks/common-addresses.yaml deleted file mode 100644 index 9792c420..00000000 --- a/deployment_files/site/dev/networks/common-addresses.yaml +++ /dev/null @@ -1,105 +0,0 @@ ---- -schema: pegleg/CommonAddresses/v1 -metadata: - schema: metadata/Document/v1 - name: common-addresses - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .interface - dest: - path: .calico.ip_autodetection_method - pattern: REPLACEME - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .genesis.hostname - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostip - dest: - path: .genesis.ip - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostip - dest: - path: .bootstrap.ip - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostcidr - dest: - path: .storage.ceph.public_cidr - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostcidr - dest: - path: .storage.ceph.cluster_cidr - - -data: - calico: - ip_autodetection_method: 'interface=REPLACEME' - etcd: - service_ip: 10.96.232.136 - - dns: - cluster_domain: cluster.local - node_domain: gate.local - service_ip: 10.96.0.10 - upstream_servers: - - 8.8.8.8 - - 8.8.4.4 - upstream_servers_joined: 8.8.8.8,8.8.4.4 - - genesis: - hostname: REPLACEME - ip: REPLACEME - - bootstrap: - ip: REPLACEME - - kubernetes: - api_service_ip: 10.96.0.1 - etcd_service_ip: 10.96.0.2 - pod_cidr: 10.97.0.0/16 - service_cidr: 10.96.0.0/16 - apiserver_port: 6443 - haproxy_port: 6553 - service_node_port_range: 30000-32767 - - etcd: - container_port: 2379 - haproxy_port: 2378 - - proxy: - http: - https: - no_proxy: - - node_ports: - drydock_api: 30000 - maas_api: 30001 - maas_proxy: 31800 - shipyard_api: 30003 - airflow_web: 30004 - - ntp: - servers_joined: ntp.ubuntu.com - - storage: - ceph: - public_cidr: REPLACEME - cluster_cidr: REPLACEME -... diff --git a/deployment_files/site/dev/pki/pki-catalog.yaml b/deployment_files/site/dev/pki/pki-catalog.yaml deleted file mode 100644 index 2ef1cc84..00000000 --- a/deployment_files/site/dev/pki/pki-catalog.yaml +++ /dev/null @@ -1,181 +0,0 @@ ---- -schema: promenade/PKICatalog/v1 -metadata: - schema: metadata/Document/v1 - name: cluster-certificates - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext - substitutions: - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .certificate_authorities.kubernetes.certificates[1].hosts[0] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostip - dest: - path: .certificate_authorities.kubernetes.certificates[1].hosts[1] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .certificate_authorities.kubernetes.certificates[1].common_name - pattern: HOSTNAME - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .certificate_authorities.kubernetes.certificates[1].common_name - pattern: HOSTNAME - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .certificate_authorities.kubernetes-etcd.certificates[2].hosts[0] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostip - dest: - path: .certificate_authorities.kubernetes-etcd.certificates[2].hosts[1] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .certificate_authorities.kubernetes-etcd-peer.certificates[0].hosts[0] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostip - dest: - path: .certificate_authorities.kubernetes-etcd-peer.certificates[0].hosts[1] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .certificate_authorities.calico-etcd.certificates[1].hosts[0] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostip - dest: - path: .certificate_authorities.calico-etcd.certificates[1].hosts[1] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .certificate_authorities.calico-etcd-peer.certificates[1].hosts[0] - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostip - dest: - path: .certificate_authorities.calico-etcd-peer.certificates[1].hosts[1] -data: - certificate_authorities: - kubernetes: - description: CA for Kubernetes components - certificates: - - document_name: apiserver - description: Service certificate for Kubernetes apiserver - common_name: apiserver - hosts: - - localhost - - 127.0.0.1 - - 10.96.0.1 - kubernetes_service_names: - - kubernetes.default.svc.cluster.local - - document_name: kubelet-genesis - common_name: system:node:HOSTNAME - hosts: - - REPLACEME_HOST_NAME - - REPLACEME_HOST_IP - groups: - - system:nodes - - document_name: scheduler - description: Service certificate for Kubernetes scheduler - common_name: system:kube-scheduler - - document_name: controller-manager - description: certificate for controller-manager - common_name: system:kube-controller-manager - - document_name: admin - common_name: admin - groups: - - system:masters - - document_name: armada - common_name: armada - groups: - - system:masters - kubernetes-etcd: - description: Certificates for Kubernetes's etcd servers - certificates: - - document_name: apiserver-etcd - description: etcd client certificate for use by Kubernetes apiserver - common_name: apiserver - - document_name: kubernetes-etcd-anchor - description: anchor - common_name: anchor - - document_name: kubernetes-etcd-genesis - common_name: kubernetes-etcd-genesis - hosts: - - REPLACEME_HOST_NAME - - REPLACEME_HOST_IP - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - kubernetes-etcd-peer: - certificates: - - document_name: kubernetes-etcd-genesis-peer - common_name: kubernetes-etcd-genesis-peer - hosts: - - REPLACEME_HOST_NAME - - REPLACEME_HOST_IP - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - calico-etcd: - description: Certificates for Calico etcd client traffic - certificates: - - document_name: calico-etcd-anchor - description: anchor - common_name: anchor - - document_name: calico-etcd-genesis - common_name: calico-etcd-genesis - hosts: - - REPLACEME_HOST_NAME - - REPLACEME_HOST_IP - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-node - common_name: calcico-node - calico-etcd-peer: - description: Certificates for Calico etcd clients - certificates: - - document_name: calico-etcd-genesis-peer - common_name: calico-etcd-genesis-peer - hosts: - - REPLACEME_HOST_NAME - - REPLACEME_HOST_IP - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-node-peer - common_name: calcico-node-peer - keypairs: - - name: service-account - description: Service account signing key for use by Kubernetes controller-manager. -... diff --git a/deployment_files/site/dev/secrets/passphrases/ceph_swift_keystone_password.yaml b/deployment_files/site/dev/secrets/passphrases/ceph_swift_keystone_password.yaml deleted file mode 100644 index 4f45cbe0..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ceph_swift_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ceph_swift_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password1 -... diff --git a/deployment_files/site/dev/secrets/passphrases/ipmi_admin_password.yaml b/deployment_files/site/dev/secrets/passphrases/ipmi_admin_password.yaml deleted file mode 100644 index 7f2e7941..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ipmi_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ipmi_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: calvin -... diff --git a/deployment_files/site/dev/secrets/passphrases/maas_region_secret.yaml b/deployment_files/site/dev/secrets/passphrases/maas_region_secret.yaml deleted file mode 100644 index aedf9281..00000000 --- a/deployment_files/site/dev/secrets/passphrases/maas_region_secret.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: maas-region-key - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: 3858f62230ac3c915f300c664312c63f -... diff --git a/deployment_files/site/dev/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml b/deployment_files/site/dev/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml deleted file mode 100644 index 66791a4d..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_airflow_oslo_messaging_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password20 -... diff --git a/deployment_files/site/dev/secrets/passphrases/ucp_airflow_postgres_password.yaml b/deployment_files/site/dev/secrets/passphrases/ucp_airflow_postgres_password.yaml deleted file mode 100644 index 119a8a40..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ucp_airflow_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_airflow_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password2 -... diff --git a/deployment_files/site/dev/secrets/passphrases/ucp_armada_keystone_password.yaml b/deployment_files/site/dev/secrets/passphrases/ucp_armada_keystone_password.yaml deleted file mode 100644 index cbb8575e..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ucp_armada_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_armada_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password3 -... diff --git a/deployment_files/site/dev/secrets/passphrases/ucp_barbican_keystone_password.yaml b/deployment_files/site/dev/secrets/passphrases/ucp_barbican_keystone_password.yaml deleted file mode 100644 index e786cbb3..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ucp_barbican_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_barbican_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password4 -... diff --git a/deployment_files/site/dev/secrets/passphrases/ucp_barbican_oslo_db_password.yaml b/deployment_files/site/dev/secrets/passphrases/ucp_barbican_oslo_db_password.yaml deleted file mode 100644 index 7f21161f..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ucp_barbican_oslo_db_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_barbican_oslo_db_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password5 -... diff --git a/deployment_files/site/dev/secrets/passphrases/ucp_deckhand_keystone_password.yaml b/deployment_files/site/dev/secrets/passphrases/ucp_deckhand_keystone_password.yaml deleted file mode 100644 index 6532aae8..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ucp_deckhand_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_deckhand_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password6 -... diff --git a/deployment_files/site/dev/secrets/passphrases/ucp_deckhand_postgres_password.yaml b/deployment_files/site/dev/secrets/passphrases/ucp_deckhand_postgres_password.yaml deleted file mode 100644 index d78dde68..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ucp_deckhand_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_deckhand_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password7 -... diff --git a/deployment_files/site/dev/secrets/passphrases/ucp_drydock_keystone_password.yaml b/deployment_files/site/dev/secrets/passphrases/ucp_drydock_keystone_password.yaml deleted file mode 100644 index 9a97f8f6..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ucp_drydock_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_drydock_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password8 -... diff --git a/deployment_files/site/dev/secrets/passphrases/ucp_drydock_postgres_password.yaml b/deployment_files/site/dev/secrets/passphrases/ucp_drydock_postgres_password.yaml deleted file mode 100644 index de755270..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ucp_drydock_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_drydock_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password9 -... diff --git a/deployment_files/site/dev/secrets/passphrases/ucp_keystone_admin_password.yaml b/deployment_files/site/dev/secrets/passphrases/ucp_keystone_admin_password.yaml deleted file mode 100644 index 76e00856..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ucp_keystone_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_keystone_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password10 -... diff --git a/deployment_files/site/dev/secrets/passphrases/ucp_keystone_oslo_db_password.yaml b/deployment_files/site/dev/secrets/passphrases/ucp_keystone_oslo_db_password.yaml deleted file mode 100644 index c06c742f..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ucp_keystone_oslo_db_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_keystone_oslo_db_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password11 -... diff --git a/deployment_files/site/dev/secrets/passphrases/ucp_maas_admin_password.yaml b/deployment_files/site/dev/secrets/passphrases/ucp_maas_admin_password.yaml deleted file mode 100644 index 4242f37e..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ucp_maas_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_maas_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password12 -... diff --git a/deployment_files/site/dev/secrets/passphrases/ucp_maas_postgres_password.yaml b/deployment_files/site/dev/secrets/passphrases/ucp_maas_postgres_password.yaml deleted file mode 100644 index e3a83ecc..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ucp_maas_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_maas_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password13 -... diff --git a/deployment_files/site/dev/secrets/passphrases/ucp_oslo_db_admin_password.yaml b/deployment_files/site/dev/secrets/passphrases/ucp_oslo_db_admin_password.yaml deleted file mode 100644 index bb77ab63..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ucp_oslo_db_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_oslo_db_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password14 -... diff --git a/deployment_files/site/dev/secrets/passphrases/ucp_oslo_messaging_password.yaml b/deployment_files/site/dev/secrets/passphrases/ucp_oslo_messaging_password.yaml deleted file mode 100644 index 0ff710c6..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ucp_oslo_messaging_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_oslo_messaging_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password15 -... diff --git a/deployment_files/site/dev/secrets/passphrases/ucp_postgres_admin_password.yaml b/deployment_files/site/dev/secrets/passphrases/ucp_postgres_admin_password.yaml deleted file mode 100644 index 85f97901..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ucp_postgres_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_postgres_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password16 -... diff --git a/deployment_files/site/dev/secrets/passphrases/ucp_promenade_keystone_password.yaml b/deployment_files/site/dev/secrets/passphrases/ucp_promenade_keystone_password.yaml deleted file mode 100644 index 17668eed..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ucp_promenade_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_promenade_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password17 -... diff --git a/deployment_files/site/dev/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml b/deployment_files/site/dev/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml deleted file mode 100644 index 99d8d8b8..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_rabbitmq_erlang_cookie - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: 111df8c05b0f041d4764 -... diff --git a/deployment_files/site/dev/secrets/passphrases/ucp_shipyard_keystone_password.yaml b/deployment_files/site/dev/secrets/passphrases/ucp_shipyard_keystone_password.yaml deleted file mode 100644 index ff5b8240..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ucp_shipyard_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_shipyard_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password18 -... diff --git a/deployment_files/site/dev/secrets/passphrases/ucp_shipyard_postgres_password.yaml b/deployment_files/site/dev/secrets/passphrases/ucp_shipyard_postgres_password.yaml deleted file mode 100644 index d6c8044c..00000000 --- a/deployment_files/site/dev/secrets/passphrases/ucp_shipyard_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_shipyard_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password19 -... diff --git a/deployment_files/site/dev/site-definition.yaml b/deployment_files/site/dev/site-definition.yaml deleted file mode 100644 index 6a01ace2..00000000 --- a/deployment_files/site/dev/site-definition.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -data: - revision: v1.0dev - site_type: single-node -metadata: - layeringDefinition: {abstract: false, layer: site} - name: dev - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: pegleg/SiteDefinition/v1 -... diff --git a/deployment_files/site/dev/software/charts/kubernetes/container-networking/etcd.yaml b/deployment_files/site/dev/software/charts/kubernetes/container-networking/etcd.yaml deleted file mode 100644 index ba982651..00000000 --- a/deployment_files/site/dev/software/charts/kubernetes/container-networking/etcd.yaml +++ /dev/null @@ -1,122 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-calico-etcd - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: kubernetes-calico-etcd-global - actions: - - method: merge - path: . - storagePolicy: cleartext - substitutions: - - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.calico.etcd - dest: - path: .source - - # Image versions - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.calico.etcd - dest: - path: .values.images.tags - - # IP addresses - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .calico.etcd.service_ip - dest: - path: .values.service.ip - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .calico.etcd.service_ip - dest: - path: .values.anchor.etcdctl_endpoint - - # CAs - - - src: - schema: deckhand/CertificateAuthority/v1 - name: calico-etcd - path: . - dest: - path: .values.secrets.tls.client.ca - - - src: - schema: deckhand/CertificateAuthority/v1 - name: calico-etcd-peer - path: . - dest: - path: .values.secrets.tls.peer.ca - - # Anchor client cert - - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.key - - # Node names - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .genesis.hostname - dest: - path: .values.nodes[0].name - - # Server certs - - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-genesis - path: . - dest: - path: .values.nodes[0].tls.client.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-genesis - path: . - dest: - path: .values.nodes[0].tls.client.key - - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-genesis-peer - path: . - dest: - path: .values.nodes[0].tls.peer.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-genesis-peer - path: . - dest: - path: .values.nodes[0].tls.peer.key - -data: {} - -... diff --git a/deployment_files/site/dev/software/charts/kubernetes/etcd/etcd.yaml b/deployment_files/site/dev/software/charts/kubernetes/etcd/etcd.yaml deleted file mode 100644 index 1bd02c83..00000000 --- a/deployment_files/site/dev/software/charts/kubernetes/etcd/etcd.yaml +++ /dev/null @@ -1,121 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-etcd - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: kubernetes-etcd-global - actions: - - method: merge - path: . - storagePolicy: cleartext - substitutions: - - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.etcd - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.etcd - dest: - path: .values.images.tags - - # IP addresses - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.etcd_service_ip - dest: - path: .values.service.ip - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.etcd_service_ip - dest: - path: .values.anchor.etcdctl_endpoint - - # CAs - - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes-etcd - path: . - dest: - path: .values.secrets.tls.client.ca - - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes-etcd-peer - path: . - dest: - path: .values.secrets.tls.peer.ca - - - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.key - - # Node names - - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostname - dest: - path: .values.nodes[0].name - - # Server certs - - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-genesis - path: . - dest: - path: '.values.nodes[0].tls.client.cert' - - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-genesis - path: . - dest: - path: '.values.nodes[0].tls.client.key' - - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-genesis-peer - path: . - dest: - path: '.values.nodes[0].tls.peer.cert' - - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-genesis-peer - path: . - dest: - path: '.values.nodes[0].tls.peer.key' - -data: {} - -... diff --git a/deployment_files/site/dev/software/charts/ucp/storage_provisioner/chart-group.yaml b/deployment_files/site/dev/software/charts/ucp/storage_provisioner/chart-group.yaml deleted file mode 100644 index 310eb716..00000000 --- a/deployment_files/site/dev/software/charts/ucp/storage_provisioner/chart-group.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-storage-provisioner - labels: - name: ucp-storage-provisioner - group: ucp - service: k8_storage_provisioning - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext -data: - description: Kubernetes Storage Provisioner - sequenced: true - chart_group: - - nfs_provisioner diff --git a/deployment_files/site/dev/software/charts/ucp/storage_provisioner/nfs-prov.yaml b/deployment_files/site/dev/software/charts/ucp/storage_provisioner/nfs-prov.yaml deleted file mode 100644 index 7b3f8581..00000000 --- a/deployment_files/site/dev/software/charts/ucp/storage_provisioner/nfs-prov.yaml +++ /dev/null @@ -1,77 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: nfs_provisioner - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.nfs_provisioner - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.storage.nfs_provisioner - dest: - path: .values.images.tags -data: - chart_name: nfs-provisioner - release: nfs-provisioner - namespace: kube-system - timeout: 900 - wait: - timeout: 900 - install: - no_hooks: false - upgrade: - no_hooks: true - values: - labels: - nfs: - node_selector_key: ucp-control-plane - node_selector_value: enabled - job: - node_selector_key: ucp-control-plane - node_selector_value: enabled - storage: - hostPath: - path: /var/lib/airship/nfs - persistentVolumeClaim: - size: '30Gi' - storageclass: - name: general - dependencies: - - nfs_htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: nfs_htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.nfs_htk - dest: - path: .source -data: - chart_name: nfs_htk - release: nfs_htk - namespace: nfs_htk - values: {} - dependencies: [] -... diff --git a/deployment_files/site/gate-multinode/baremetal/bootactions.yaml b/deployment_files/site/gate-multinode/baremetal/bootactions.yaml deleted file mode 100644 index 24859f3d..00000000 --- a/deployment_files/site/gate-multinode/baremetal/bootactions.yaml +++ /dev/null @@ -1,34 +0,0 @@ ---- -schema: 'drydock/BootAction/v1' -metadata: - schema: 'metadata/Document/v1' - name: promjoin - storagePolicy: 'cleartext' - layeringDefinition: - abstract: false - layer: site - labels: - application: 'drydock' -data: - signaling: false - assets: - - path: /opt/promjoin.sh - type: file - permissions: '555' - location: promenade+http://promenade-api.ucp.svc.cluster.local/api/v1.0/join-scripts?design_ref={{ action.design_ref | urlencode }}&hostname={{ node.hostname }}&ip={{ node.network.default.ip }}&domain={{ node.domain }}{% for k, v in node.labels.items() %}&labels.dynamic={{ k }}={{ v }}{% endfor %} - location_pipeline: - - template - data_pipeline: - - utf8_decode - - path: /lib/systemd/system/promjoin.service - type: unit - permissions: '600' - data: |- - W1VuaXRdCkRlc2NyaXB0aW9uPVByb21lbmFkZSBJbml0aWFsaXphdGlvbiBTZXJ2aWNlCkFmdGVy - PW5ldHdvcmstb25saW5lLnRhcmdldCBsb2NhbC1mcy50YXJnZXQKQ29uZGl0aW9uUGF0aEV4aXN0 - cz0hL3Zhci9saWIvcHJvbS5kb25lCgpbU2VydmljZV0KVHlwZT1zaW1wbGUKRXhlY1N0YXJ0PS9v - cHQvcHJvbWpvaW4uc2gKCltJbnN0YWxsXQpXYW50ZWRCeT1tdWx0aS11c2VyLnRhcmdldAo= - data_pipeline: - - base64_decode - - utf8_decode -... diff --git a/deployment_files/site/gate-multinode/baremetal/nodes.yaml b/deployment_files/site/gate-multinode/baremetal/nodes.yaml deleted file mode 100644 index 166735fd..00000000 --- a/deployment_files/site/gate-multinode/baremetal/nodes.yaml +++ /dev/null @@ -1,58 +0,0 @@ ---- -schema: 'drydock/BaremetalNode/v1' -metadata: - schema: 'metadata/Document/v1' - name: n1 - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - host_profile: defaults - addressing: - - network: pxe - address: 172.24.1.11 - metadata: - boot_mac: '52:54:00:00:a3:31' - rack: rack1 - tags: - - 'masters' ---- -schema: 'drydock/BaremetalNode/v1' -metadata: - schema: 'metadata/Document/v1' - name: n2 - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - host_profile: defaults - addressing: - - network: pxe - address: 172.24.1.12 - metadata: - boot_mac: '52:54:00:1a:95:0d' - rack: rack1 - tags: - - 'masters' ---- -schema: 'drydock/BaremetalNode/v1' -metadata: - schema: 'metadata/Document/v1' - name: n3 - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - host_profile: defaults - addressing: - - network: pxe - address: 172.24.1.13 - metadata: - boot_mac: '52:54:00:31:c2:36' - rack: rack1 - tags: - - 'masters' -... diff --git a/deployment_files/site/gate-multinode/deployment/deployStrat.yaml b/deployment_files/site/gate-multinode/deployment/deployStrat.yaml deleted file mode 100644 index 42d33fe3..00000000 --- a/deployment_files/site/gate-multinode/deployment/deployStrat.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -# The global deployment strategy assumes nodes are marked with node_tags -# of masters and workers. -schema: shipyard/DeploymentStrategy/v1 -metadata: - schema: metadata/Document/v1 - name: deployment-strategy - layeringDefinition: - abstract: false - layer: global - labels: - name: deployment-strategy-global - storagePolicy: cleartext -data: - groups: - - name: masters - critical: true - depends_on: [] - selectors: - - node_names: ['n1','n2','n3'] - node_labels: [] - node_tags: [] - rack_names: [] - success_criteria: - percent_successful_nodes: 100 -... diff --git a/deployment_files/site/gate-multinode/deployment/deploymentConfiguration.yaml b/deployment_files/site/gate-multinode/deployment/deploymentConfiguration.yaml deleted file mode 100644 index c56987b1..00000000 --- a/deployment_files/site/gate-multinode/deployment/deploymentConfiguration.yaml +++ /dev/null @@ -1,31 +0,0 @@ ---- -schema: shipyard/DeploymentConfiguration/v1 -metadata: - schema: metadata/Document/v1 - name: deployment-configuration - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - physical_provisioner: - deployment_strategy: deployment-strategy - deploy_interval: 30 - deploy_timeout: 3600 - destroy_interval: 30 - destroy_timeout: 900 - join_wait: 120 - prepare_node_interval: 30 - prepare_node_timeout: 1000 - prepare_site_interval: 10 - prepare_site_timeout: 300 - verify_interval: 10 - verify_timeout: 60 - kubernetes_provisioner: - drain_timeout: 3600 - drain_grace_period: 1800 - clear_labels_timeout: 1800 - remove_etcd_timeout: 1800 - etcd_ready_timeout: 600 - armada: - manifest: 'full-site' diff --git a/deployment_files/site/gate-multinode/deployment/dev-configurables.yaml b/deployment_files/site/gate-multinode/deployment/dev-configurables.yaml deleted file mode 100644 index 4219867e..00000000 --- a/deployment_files/site/gate-multinode/deployment/dev-configurables.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -schema: dev/Configurables/v1 -metadata: - schema: metadata/Document/v1 - name: dev-configurables - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -# Data section currently hardcoded, needs to be injected by gate scripts later -data: - hostcidr: 172.24.1.0/24 -... diff --git a/deployment_files/site/gate-multinode/networks/common-addresses.yaml b/deployment_files/site/gate-multinode/networks/common-addresses.yaml deleted file mode 100644 index 9c50fd59..00000000 --- a/deployment_files/site/gate-multinode/networks/common-addresses.yaml +++ /dev/null @@ -1,63 +0,0 @@ ---- -schema: pegleg/CommonAddresses/v1 -metadata: - schema: metadata/Document/v1 - name: common-addresses - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - calico: - ip_autodetection_method: 'interface=ens3' - etcd: - service_ip: 10.96.232.136 - - dns: - cluster_domain: cluster.local - node_domain: gate.local - service_ip: 10.96.0.10 - upstream_servers: - - 172.24.1.9 - upstream_servers_joined: 172.24.1.9 - - genesis: - hostname: n0 - ip: 172.24.1.10 - - bootstrap: - ip: 172.24.1.10 - - kubernetes: - api_service_ip: 10.96.0.1 - etcd_service_ip: 10.96.0.2 - pod_cidr: 10.97.0.0/16 - service_cidr: 10.96.0.0/16 - apiserver_port: 6443 - haproxy_port: 6553 - service_node_port_range: 30000-32767 - - etcd: - container_port: 2379 - haproxy_port: 2378 - - proxy: - http: - https: - no_proxy: - - node_ports: - drydock_api: 30000 - maas_api: 30001 - maas_proxy: 31800 - shipyard_api: 30003 - airflow_web: 30004 - - ntp: - servers_joined: ntp.ubuntu.com - - storage: - ceph: - public_cidr: 172.24.1.0/24 - cluster_cidr: 172.24.1.0/24 -... diff --git a/deployment_files/site/gate-multinode/networks/physical/network.yaml b/deployment_files/site/gate-multinode/networks/physical/network.yaml deleted file mode 100644 index 5e883dd4..00000000 --- a/deployment_files/site/gate-multinode/networks/physical/network.yaml +++ /dev/null @@ -1,49 +0,0 @@ ---- -schema: 'drydock/NetworkLink/v1' -metadata: - schema: 'metadata/Document/v1' - name: pxe - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - bonding: - mode: disabled - mtu: 1500 - linkspeed: auto - trunking: - mode: disabled - default_network: pxe - allowed_networks: - - pxe -... ---- -schema: 'drydock/Network/v1' -metadata: - schema: 'metadata/Document/v1' - name: pxe - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - cidr: 172.24.1.0/24 - routes: - - subnet: 0.0.0.0/0 - gateway: 172.24.1.1 - metric: 100 - ranges: - - type: reserved - start: 172.24.1.1 - end: 172.24.1.10 - - type: static - start: 172.24.1.11 - end: 172.24.1.20 - - type: dhcp - start: 172.24.1.41 - end: 172.24.1.50 - dns: - domain: gate.local - servers: '172.24.1.9' -... diff --git a/deployment_files/site/gate-multinode/pki/pki-catalog.yaml b/deployment_files/site/gate-multinode/pki/pki-catalog.yaml deleted file mode 100644 index d0980324..00000000 --- a/deployment_files/site/gate-multinode/pki/pki-catalog.yaml +++ /dev/null @@ -1,271 +0,0 @@ ---- -schema: promenade/PKICatalog/v1 -metadata: - schema: metadata/Document/v1 - name: cluster-certificates - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - certificate_authorities: - kubernetes: - description: CA for Kubernetes components - certificates: - - document_name: apiserver - description: Service certificate for Kubernetes apiserver - common_name: apiserver - hosts: - - localhost - - 127.0.0.1 - - 10.96.0.1 - kubernetes_service_names: - - kubernetes.default.svc.cluster.local - - document_name: kubelet-genesis - common_name: system:node:n0 - hosts: - - n0 - - 172.24.1.10 - groups: - - system:nodes - - document_name: kubelet-n0 - common_name: system:node:n0 - hosts: - - n0 - - 172.24.1.10 - groups: - - system:nodes - - document_name: kubelet-n1 - common_name: system:node:n1 - hosts: - - n1 - - 172.24.1.11 - groups: - - system:nodes - - document_name: kubelet-n2 - common_name: system:node:n2 - hosts: - - n2 - - 172.24.1.12 - groups: - - system:nodes - - document_name: kubelet-n3 - common_name: system:node:n3 - hosts: - - n3 - - 172.24.1.13 - groups: - - system:nodes - - document_name: scheduler - description: Service certificate for Kubernetes scheduler - common_name: system:kube-scheduler - - document_name: controller-manager - description: certificate for controller-manager - common_name: system:kube-controller-manager - - document_name: admin - common_name: admin - groups: - - system:masters - - document_name: armada - common_name: armada - groups: - - system:masters - kubernetes-etcd: - description: Certificates for Kubernetes's etcd servers - certificates: - - document_name: apiserver-etcd - description: etcd client certificate for use by Kubernetes apiserver - common_name: apiserver - - document_name: kubernetes-etcd-anchor - description: anchor - common_name: anchor - - document_name: kubernetes-etcd-genesis - common_name: kubernetes-etcd-genesis - hosts: - - n0 - - 172.24.1.10 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-n0 - common_name: kubernetes-etcd-n0 - hosts: - - n0 - - 172.24.1.10 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-n1 - common_name: kubernetes-etcd-n1 - hosts: - - n1 - - 172.24.1.11 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-n2 - common_name: kubernetes-etcd-n2 - hosts: - - n2 - - 172.24.1.12 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-n3 - common_name: kubernetes-etcd-n3 - hosts: - - n3 - - 172.24.1.13 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - kubernetes-etcd-peer: - certificates: - - document_name: kubernetes-etcd-genesis-peer - common_name: kubernetes-etcd-genesis-peer - hosts: - - n0 - - 172.24.1.10 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-n0-peer - common_name: kubernetes-etcd-n0-peer - hosts: - - n0 - - 172.24.1.10 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-n1-peer - common_name: kubernetes-etcd-n1-peer - hosts: - - n1 - - 172.24.1.11 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-n2-peer - common_name: kubernetes-etcd-n2-peer - hosts: - - n2 - - 172.24.1.12 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-n3-peer - common_name: kubernetes-etcd-n3-peer - hosts: - - n3 - - 172.24.1.13 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - calico-etcd: - description: Certificates for Calico etcd client traffic - certificates: - - document_name: calico-etcd-anchor - description: anchor - common_name: anchor - - document_name: calico-etcd-genesis - common_name: calico-etcd-genesis - hosts: - - n0 - - 172.24.1.10 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-n0 - common_name: calico-etcd-n0 - hosts: - - n0 - - 172.24.1.10 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-n1 - common_name: calico-etcd-n1 - hosts: - - n1 - - 172.24.1.11 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-n2 - common_name: calico-etcd-n2 - hosts: - - n2 - - 172.24.1.12 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-n3 - common_name: calico-etcd-n3 - hosts: - - n3 - - 172.24.1.13 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-node - common_name: calcico-node - calico-etcd-peer: - description: Certificates for Calico etcd clients - certificates: - - document_name: calico-etcd-genesis-peer - common_name: calico-etcd-genesis-peer - hosts: - - n0 - - 172.24.1.10 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-n0-peer - common_name: calico-etcd-n0-peer - hosts: - - n0 - - 172.24.1.10 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-n1-peer - common_name: calico-etcd-n1-peer - hosts: - - n1 - - 172.24.1.11 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-n2-peer - common_name: calico-etcd-n2-peer - hosts: - - n2 - - 172.24.1.12 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-n3-peer - common_name: calico-etcd-n3-peer - hosts: - - n3 - - 172.24.1.13 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-node-peer - common_name: calcico-node-peer - keypairs: - - name: service-account - description: Service account signing key for use by Kubernetes controller-manager. -... diff --git a/deployment_files/site/gate-multinode/profile/hardware/generic_vm.yaml b/deployment_files/site/gate-multinode/profile/hardware/generic_vm.yaml deleted file mode 100644 index 530ac91d..00000000 --- a/deployment_files/site/gate-multinode/profile/hardware/generic_vm.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- -schema: 'drydock/HardwareProfile/v1' -metadata: - schema: 'metadata/Document/v1' - name: GenericVM - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - vendor: 'Dell' - generation: '1' - hw_version: '2' - bios_version: '2.2.3' - boot_mode: 'bios' - bootstrap_protocol: 'pxe' - pxe_interface: 0 - device_aliases: - pnic01: - bus_type: 'pci' - dev_type: 'Intel 10Gbps NIC' - address: '0000:00:03.0' -... diff --git a/deployment_files/site/gate-multinode/profile/host/defaults.yaml b/deployment_files/site/gate-multinode/profile/host/defaults.yaml deleted file mode 100644 index cd51eb69..00000000 --- a/deployment_files/site/gate-multinode/profile/host/defaults.yaml +++ /dev/null @@ -1,49 +0,0 @@ ---- -schema: 'drydock/HostProfile/v1' -metadata: - name: defaults - schema: 'metadata/Document/v1' - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - hardware_profile: 'GenericVM' - oob: - type: 'libvirt' - libvirt_uri: 'qemu+ssh://virtmgr@172.24.1.1/system' - storage: - physical_devices: - vda: - labels: - bootdrive: 'true' - partitions: - - name: 'root' - size: '20g' - bootable: true - filesystem: - mountpoint: '/' - fstype: 'ext4' - mount_options: 'defaults' - - name: 'boot' - size: '1g' - filesystem: - mountpoint: '/boot' - fstype: 'ext4' - mount_options: 'defaults' - - primary_network: pxe - interfaces: - ens3: - device_link: pxe - slaves: - - ens3 - networks: - - pxe - platform: - image: 'xenial' - kernel: 'hwe-16.04' - metadata: - tags: - - 'foo' -... diff --git a/deployment_files/site/gate-multinode/profile/region.yaml b/deployment_files/site/gate-multinode/profile/region.yaml deleted file mode 100644 index 27af9acc..00000000 --- a/deployment_files/site/gate-multinode/profile/region.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -schema: 'drydock/Region/v1' -metadata: - schema: 'metadata/Document/v1' - name: 'gate-multinode' - layeringDefinition: - abstract: false - layer: site - storagePolicy: 'cleartext' - substitutions: - - src: - schema: deckhand/Certificate/v1 - name: ubuntu_ssh_key - path: . - dest: - path: .authorized_keys[0] - labels: - application: 'drydock' -data: - authorized_keys: [] -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ceph_swift_keystone_password.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ceph_swift_keystone_password.yaml deleted file mode 100644 index 4f45cbe0..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ceph_swift_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ceph_swift_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password1 -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ipmi_admin_password.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ipmi_admin_password.yaml deleted file mode 100644 index 7f2e7941..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ipmi_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ipmi_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: calvin -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/maas_region_secret.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/maas_region_secret.yaml deleted file mode 100644 index aedf9281..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/maas_region_secret.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: maas-region-key - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: 3858f62230ac3c915f300c664312c63f -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml deleted file mode 100644 index 66791a4d..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_airflow_oslo_messaging_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password20 -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_airflow_postgres_password.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ucp_airflow_postgres_password.yaml deleted file mode 100644 index 119a8a40..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_airflow_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_airflow_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password2 -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_armada_keystone_password.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ucp_armada_keystone_password.yaml deleted file mode 100644 index cbb8575e..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_armada_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_armada_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password3 -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_barbican_keystone_password.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ucp_barbican_keystone_password.yaml deleted file mode 100644 index e786cbb3..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_barbican_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_barbican_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password4 -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_barbican_oslo_db_password.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ucp_barbican_oslo_db_password.yaml deleted file mode 100644 index 7f21161f..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_barbican_oslo_db_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_barbican_oslo_db_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password5 -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_deckhand_keystone_password.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ucp_deckhand_keystone_password.yaml deleted file mode 100644 index 6532aae8..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_deckhand_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_deckhand_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password6 -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_deckhand_postgres_password.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ucp_deckhand_postgres_password.yaml deleted file mode 100644 index d78dde68..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_deckhand_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_deckhand_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password7 -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_drydock_keystone_password.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ucp_drydock_keystone_password.yaml deleted file mode 100644 index 9a97f8f6..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_drydock_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_drydock_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password8 -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_drydock_kvm_ssh_key.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ucp_drydock_kvm_ssh_key.yaml deleted file mode 100644 index 25b98e5c..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_drydock_kvm_ssh_key.yaml +++ /dev/null @@ -1,38 +0,0 @@ ---- -schema: deckhand/CertificateKey/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_drydock_kvm_ssh_key - layeringDefinition: - layer: site - abstract: false - storagePolicy: cleartext -data: |- - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEA1K4inGpze6uhnMO2Wf74AE5i6rbMBLppZaguwvWx25bgt0Ie - q3WbQiT+rA0897lO1s551mDMKmtbxM5k28ai3uymcv5tgcN5APeO+gfXNQeOZ4s6 - kcgDpSQTSmkYLJZCOqPjrPEJvSKo7SAy+kJkAjBAqfCYfwo9t/yqXTRr+ugKTujz - mBn8N2NNNwfi2VIF1Kcav4Nbwn96npYfIRuwGZWf9jykdGmzL/sm2m1G1WxxSIgZ - n4hKkZqHbHClmGUKex7GzJ1vDz/YhVHMDgyjIqSsioIA8GE/TkEL8+LJe/ecWPsI - gReYtrHtbRP7nau7xoa0AGCp+OELiCYeKtnBgQIDAQABAoIBAGsjBYByB5bHEPSd - iqCvVlMhKac/SmsfVLTHEjdX+a66xJzMjBKnffzGEhyt1oacLOD8xld+D5tW1bXA - mwIzgBx4bikDjjqOM8iO7NF7XafzFIOImYqSjXOFRsp3QpxDXT2ZDboy+kryyNIb - JFL5WtPXZtu0vb1RdWHXwCKPo82SZoUJYWFBSZ+6+O1cKFCGxhYOPytFtMkoco7R - 52L+wpbYdnrY8hcOzj/sojfiXicyOxJJQ8D/p1LjGRr6arL7hbPnPM+p+zEzX6Zy - zu/tREK7aJ865BXoJ4dzHm1OoE+HUnT2OFfe2+0bGpPLc/50gDQV7zTPpxp8vJDb - gzAnayECgYEA/0dqZhu1W5L1jCVOI4akMf629Novs6f4UreQE4le7U/nhMN6W+kp - RB2hz+d8owgw7wvx0LIhBmtGO1PgLYvrDJdzJ3Q283z72BQfZ6ubzZzzvz3esSYR - ARdRVZ2QBksOuFZRLD0AjjoqrlnCGczimI59tv45N/z2lNxqvbta450CgYEA1Ufq - 8FkfFIukMx3gOgV/+rmKD6UNbvKlVncAagB/Ig9eEl0eBlp0bInCFVv1oiFRJCBr - vpq3XZBnlwhkgTAdDx+yYO6MVR3OsDPDiqdr2re1deDfZa6k8JD1Z6S2ATlhWIok - IqifbMewu/l7ekvrf9zQB+PAKKiO/F+VkQLOijUCgYAKxSuTBUZAh9G+SPCkBRE2 - XsW/TNlIXiTW8JGukVQk9QMSkeC+sfagvhNOnzid9EGERF++a1WDXNFIvYAuy8Ft - 9ZHRL1EGMta5RhgRGqdnJGEQR372wGFlR2OSFiS2b0I+ur2P/T7hwUh9tKHAzukc - gJ6DMvSdDRomK6qBOL9b7QKBgAFFv5IVhgjyWFVxvS+7bqsJRliXjH/39KKSbS80 - t411eAM2CQLSsVUgcUb9WHbSKhDEHMBzXdqyDNwq0aavqcy4TLElWzL6zYvhky4V - l6AjbnK4l7yckSFaTAyFQAy70efcUyDdzq2wd053y5PMNih6IceaRUA42TmKPHM0 - CBVtAoGBALZFV3fpPU/nEiblaCQTc7fqJ9hxIOr2HSUXCae2yOqQNpOkRA/1KLnM - HaH88P6fibYdE6VtA3HcLgCQyB6wL/GoFGHkTloBRzZeSIFTW0bjwsVUFXkC/jyG - FxVZOaooEhP7Su5IBrDxbTqeKHgsDoU+gAiL0LWjt9lsvbttNbe+ - -----END RSA PRIVATE KEY----- -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_drydock_postgres_password.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ucp_drydock_postgres_password.yaml deleted file mode 100644 index de755270..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_drydock_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_drydock_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password9 -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_keystone_admin_password.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ucp_keystone_admin_password.yaml deleted file mode 100644 index 76e00856..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_keystone_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_keystone_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password10 -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_keystone_oslo_db_password.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ucp_keystone_oslo_db_password.yaml deleted file mode 100644 index c06c742f..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_keystone_oslo_db_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_keystone_oslo_db_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password11 -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_maas_admin_password.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ucp_maas_admin_password.yaml deleted file mode 100644 index 4242f37e..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_maas_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_maas_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password12 -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_maas_postgres_password.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ucp_maas_postgres_password.yaml deleted file mode 100644 index e3a83ecc..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_maas_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_maas_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password13 -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_oslo_db_admin_password.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ucp_oslo_db_admin_password.yaml deleted file mode 100644 index bb77ab63..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_oslo_db_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_oslo_db_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password14 -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_oslo_messaging_password.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ucp_oslo_messaging_password.yaml deleted file mode 100644 index 0ff710c6..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_oslo_messaging_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_oslo_messaging_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password15 -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_postgres_admin_password.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ucp_postgres_admin_password.yaml deleted file mode 100644 index 85f97901..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_postgres_admin_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_postgres_admin_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password16 -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_promenade_keystone_password.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ucp_promenade_keystone_password.yaml deleted file mode 100644 index 17668eed..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_promenade_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_promenade_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password17 -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml deleted file mode 100644 index 99d8d8b8..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_rabbitmq_erlang_cookie - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: 111df8c05b0f041d4764 -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_shipyard_keystone_password.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ucp_shipyard_keystone_password.yaml deleted file mode 100644 index ff5b8240..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_shipyard_keystone_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_shipyard_keystone_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password18 -... diff --git a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_shipyard_postgres_password.yaml b/deployment_files/site/gate-multinode/secrets/passphrases/ucp_shipyard_postgres_password.yaml deleted file mode 100644 index d6c8044c..00000000 --- a/deployment_files/site/gate-multinode/secrets/passphrases/ucp_shipyard_postgres_password.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -schema: deckhand/Passphrase/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_shipyard_postgres_password - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: password19 -... diff --git a/deployment_files/site/gate-multinode/site-definition.yaml b/deployment_files/site/gate-multinode/site-definition.yaml deleted file mode 100644 index edec698e..00000000 --- a/deployment_files/site/gate-multinode/site-definition.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -data: - revision: v1.0demo - site_type: single-node -metadata: - layeringDefinition: {abstract: false, layer: site} - name: gate-multinode - schema: metadata/Document/v1 - storagePolicy: cleartext -schema: pegleg/SiteDefinition/v1 -... diff --git a/deployment_files/site/gate-multinode/software/charts/kubernetes/container-networking/etcd.yaml b/deployment_files/site/gate-multinode/software/charts/kubernetes/container-networking/etcd.yaml deleted file mode 100644 index 4a97a8b3..00000000 --- a/deployment_files/site/gate-multinode/software/charts/kubernetes/container-networking/etcd.yaml +++ /dev/null @@ -1,188 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-calico-etcd - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: kubernetes-calico-etcd-global - actions: - - method: merge - path: . - storagePolicy: cleartext - substitutions: - - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.calico.etcd - dest: - path: .source - - # Image versions - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.calico.etcd - dest: - path: .values.images.tags - - # IP addresses - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .calico.etcd.service_ip - dest: - path: .values.service.ip - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .calico.etcd.service_ip - dest: - path: .values.anchor.etcdctl_endpoint - - # CAs - - - src: - schema: deckhand/CertificateAuthority/v1 - name: calico-etcd - path: . - dest: - path: .values.secrets.tls.client.ca - - - src: - schema: deckhand/CertificateAuthority/v1 - name: calico-etcd-peer - path: . - dest: - path: .values.secrets.tls.peer.ca - - # Anchor client cert - - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.key - - # Server certs - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-n0 - path: . - dest: - path: .values.nodes[0].tls.client.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-n0 - path: . - dest: - path: .values.nodes[0].tls.client.key - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-n0-peer - path: . - dest: - path: .values.nodes[0].tls.peer.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-n0-peer - path: . - dest: - path: .values.nodes[0].tls.peer.key - - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-n1 - path: . - dest: - path: .values.nodes[1].tls.client.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-n1 - path: . - dest: - path: .values.nodes[1].tls.client.key - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-n1-peer - path: . - dest: - path: .values.nodes[1].tls.peer.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-n1-peer - path: . - dest: - path: .values.nodes[1].tls.peer.key - - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-n2 - path: . - dest: - path: .values.nodes[2].tls.client.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-n2 - path: . - dest: - path: .values.nodes[2].tls.client.key - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-n2-peer - path: . - dest: - path: .values.nodes[2].tls.peer.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-n2-peer - path: . - dest: - path: .values.nodes[2].tls.peer.key - - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-n3 - path: . - dest: - path: .values.nodes[3].tls.client.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-n3 - path: . - dest: - path: .values.nodes[3].tls.client.key - - src: - schema: deckhand/Certificate/v1 - name: calico-etcd-n3-peer - path: . - dest: - path: .values.nodes[3].tls.peer.cert - - src: - schema: deckhand/CertificateKey/v1 - name: calico-etcd-n3-peer - path: . - dest: - path: .values.nodes[3].tls.peer.key -data: - values: - nodes: - - name: n0 - - name: n1 - - name: n2 - - name: n3 -... diff --git a/deployment_files/site/gate-multinode/software/charts/kubernetes/etcd/etcd.yaml b/deployment_files/site/gate-multinode/software/charts/kubernetes/etcd/etcd.yaml deleted file mode 100644 index 923f599d..00000000 --- a/deployment_files/site/gate-multinode/software/charts/kubernetes/etcd/etcd.yaml +++ /dev/null @@ -1,185 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-etcd - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: kubernetes-etcd-global - actions: - - method: merge - path: . - storagePolicy: cleartext - substitutions: - - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.kubernetes.etcd - dest: - path: .source - - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.kubernetes.etcd - dest: - path: .values.images.tags - - # IP addresses - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.etcd_service_ip - dest: - path: .values.service.ip - - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.etcd_service_ip - dest: - path: .values.anchor.etcdctl_endpoint - - # CAs - - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes-etcd - path: . - dest: - path: .values.secrets.tls.client.ca - - - src: - schema: deckhand/CertificateAuthority/v1 - name: kubernetes-etcd-peer - path: . - dest: - path: .values.secrets.tls.peer.ca - - - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.cert - - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-anchor - path: . - dest: - path: .values.secrets.anchor.tls.key - - # Server certs - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-n0 - path: . - dest: - path: '.values.nodes[0].tls.client.cert' - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-n0 - path: . - dest: - path: '.values.nodes[0].tls.client.key' - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-n0-peer - path: . - dest: - path: '.values.nodes[0].tls.peer.cert' - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-n0-peer - path: . - dest: - path: '.values.nodes[0].tls.peer.key' - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-n1 - path: . - dest: - path: '.values.nodes[1].tls.client.cert' - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-n1 - path: . - dest: - path: '.values.nodes[1].tls.client.key' - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-n1-peer - path: . - dest: - path: '.values.nodes[1].tls.peer.cert' - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-n1-peer - path: . - dest: - path: '.values.nodes[1].tls.peer.key' - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-n2 - path: . - dest: - path: '.values.nodes[2].tls.client.cert' - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-n2 - path: . - dest: - path: '.values.nodes[2].tls.client.key' - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-n2-peer - path: . - dest: - path: '.values.nodes[2].tls.peer.cert' - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-n2-peer - path: . - dest: - path: '.values.nodes[2].tls.peer.key' - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-n3 - path: . - dest: - path: '.values.nodes[3].tls.client.cert' - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-n3 - path: . - dest: - path: '.values.nodes[3].tls.client.key' - - src: - schema: deckhand/Certificate/v1 - name: kubernetes-etcd-n3-peer - path: . - dest: - path: '.values.nodes[3].tls.peer.cert' - - src: - schema: deckhand/CertificateKey/v1 - name: kubernetes-etcd-n3-peer - path: . - dest: - path: '.values.nodes[3].tls.peer.key' - -data: - values: - nodes: - - name: n0 - - name: n1 - - name: n2 - - name: n3 -... diff --git a/deployment_files/site/gate-multinode/software/charts/kubernetes/ingress/ingress.yaml b/deployment_files/site/gate-multinode/software/charts/kubernetes/ingress/ingress.yaml deleted file mode 100644 index ed8008cc..00000000 --- a/deployment_files/site/gate-multinode/software/charts/kubernetes/ingress/ingress.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ingress-kube-system - replacement: true - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: ingress-kube-system - actions: - - method: merge - path: . - storagePolicy: cleartext -data: - values: - network: - ingress: - disable-ipv6: "true" - vip: - manage: true - addr: '172.24.1.6/32' -... diff --git a/deployment_files/site/gate-multinode/software/charts/ucp/drydock/drydock.yaml b/deployment_files/site/gate-multinode/software/charts/ucp/drydock/drydock.yaml deleted file mode 100644 index fd0e613e..00000000 --- a/deployment_files/site/gate-multinode/software/charts/ucp/drydock/drydock.yaml +++ /dev/null @@ -1,38 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-drydock - replacement: true - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: ucp-drydock - actions: - - method: merge - path: . - storagePolicy: cleartext - substitutions: - - src: - schema: deckhand/CertificateKey/v1 - name: airship_drydock_kvm_ssh_key - path: . - dest: - path: .values.conf.ssh.private_key -data: - values: - manifests: - secret_ssh_key: true - pod: - security_context: - drydock: - pod: - runAsUser: 0 - conf: - drydock: - plugins: - oob_driver: - - 'drydock_provisioner.drivers.oob.pyghmi_driver.driver.PyghmiDriver' - - 'drydock_provisioner.drivers.oob.libvirt_driver.driver.LibvirtDriver' -... diff --git a/deployment_files/site/gate-multinode/software/charts/ucp/drydock/maas.yaml b/deployment_files/site/gate-multinode/software/charts/ucp/drydock/maas.yaml deleted file mode 100644 index 2023a1b6..00000000 --- a/deployment_files/site/gate-multinode/software/charts/ucp/drydock/maas.yaml +++ /dev/null @@ -1,35 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-maas - replacement: true - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: ucp-maas - actions: - - method: merge - path: . - storagePolicy: cleartext - substitutions: - - src: - schema: deckhand/CertificateKey/v1 - name: airship_drydock_kvm_ssh_key - path: . - dest: - path: .values.conf.ssh.private_key -data: - values: - manifests: - secret_ssh_key: true - conf: - maas: - dns: {dns_servers: '172.24.1.9'} - ntp: {use_external_only: 'true' } - cache: {enabled: true} - network: - maas_ingress: - addr: '172.24.1.5/32' -... diff --git a/deployment_files/site/gate-multinode/software/charts/ucp/storage_provisioner/ceph-config-os.yaml b/deployment_files/site/gate-multinode/software/charts/ucp/storage_provisioner/ceph-config-os.yaml deleted file mode 100644 index 197287d0..00000000 --- a/deployment_files/site/gate-multinode/software/charts/ucp/storage_provisioner/ceph-config-os.yaml +++ /dev/null @@ -1,123 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: os-ceph-config - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.ceph - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ceph.ceph - dest: - path: .values.images.tags - # IP addresses - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .storage.ceph.public_cidr - dest: - path: .values.network.public - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .storage.ceph.cluster_cidr - dest: - path: .values.network.cluster - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.object_store - dest: - path: .values.endpoints.object_store - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mon - dest: - path: .values.endpoints.ceph_mon - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mgr - dest: - path: .values.endpoints.ceph_mgr - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ceph.swift.keystone - dest: - path: .values.endpoints.identity.auth.swift - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.swift.password - src: - schema: deckhand/Passphrase/v1 - name: ceph_swift_keystone_password - path: . -data: - chart_name: os-ceph-config - release: os-ceph-config - namespace: openstack - timeout: 3600 - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - application: ceph - component: namespace-client-key-generator - values: - labels: - job: - node_selector_key: ucp-control-plane - node_selector_value: enabled - provisioner: - node_selector_key: ucp-control-plane - node_selector_value: enabled - ceph: - rgw_keystone_auth: true - deployment: - storage_secrets: false - ceph: false - rbd_provisioner: false - cephfs_provisioner: false - client_secrets: true - rgw_keystone_user_and_endpoints: false - dependencies: - - ceph_htk -... diff --git a/deployment_files/site/gate-multinode/software/charts/ucp/storage_provisioner/ceph-config.yaml b/deployment_files/site/gate-multinode/software/charts/ucp/storage_provisioner/ceph-config.yaml deleted file mode 100644 index 3aa44724..00000000 --- a/deployment_files/site/gate-multinode/software/charts/ucp/storage_provisioner/ceph-config.yaml +++ /dev/null @@ -1,123 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-ceph-config - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.ceph - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ceph.ceph - dest: - path: .values.images.tags - # IP addresses - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .storage.ceph.public_cidr - dest: - path: .values.network.public - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .storage.ceph.cluster_cidr - dest: - path: .values.network.cluster - # Endpoints - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.object_store - dest: - path: .values.endpoints.object_store - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mon - dest: - path: .values.endpoints.ceph_mon - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mgr - dest: - path: .values.endpoints.ceph_mgr - # Credentials - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ceph.swift.keystone - dest: - path: .values.endpoints.identity.auth.swift - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.swift.password - src: - schema: deckhand/Passphrase/v1 - name: ceph_swift_keystone_password - path: . -data: - chart_name: ucp-ceph-config - release: ucp-ceph-config - namespace: ucp - timeout: 3600 - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - application: ceph - component: namespace-client-key-generator - values: - labels: - job: - node_selector_key: ucp-control-plane - node_selector_value: enabled - provisioner: - node_selector_key: ucp-control-plane - node_selector_value: enabled - ceph: - rgw_keystone_auth: true - deployment: - storage_secrets: false - ceph: false - rbd_provisioner: false - cephfs_provisioner: false - client_secrets: true - rgw_keystone_user_and_endpoints: false - dependencies: - - ceph_htk -... diff --git a/deployment_files/site/gate-multinode/software/charts/ucp/storage_provisioner/ceph.yaml b/deployment_files/site/gate-multinode/software/charts/ucp/storage_provisioner/ceph.yaml deleted file mode 100644 index 8781e992..00000000 --- a/deployment_files/site/gate-multinode/software/charts/ucp/storage_provisioner/ceph.yaml +++ /dev/null @@ -1,277 +0,0 @@ ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-ceph - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - # Chart source - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.ceph - dest: - path: .source - # Images - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .images.ceph.ceph - dest: - path: .values.images.tags - # IP addresses - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostcidr - dest: - path: .values.network.public - - src: - schema: dev/Configurables/v1 - name: dev-configurables - path: .hostcidr - dest: - path: .values.network.cluster - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ucp.identity - dest: - path: .values.endpoints.identity - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.object_store - dest: - path: .values.endpoints.object_store - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mon - dest: - path: .values.endpoints.ceph_mon - - src: - schema: pegleg/EndpointCatalogue/v1 - name: ucp_endpoints - path: .ceph.ceph_mgr - dest: - path: .values.endpoints.ceph_mgr - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ucp.keystone.admin - dest: - path: .values.endpoints.identity.auth.admin - - src: - schema: pegleg/AccountCatalogue/v1 - name: ucp_service_accounts - path: .ceph.swift.keystone - dest: - path: .values.endpoints.identity.auth.swift - # Secrets - - dest: - path: .values.endpoints.identity.auth.admin.password - src: - schema: deckhand/Passphrase/v1 - name: ucp_keystone_admin_password - path: . - - dest: - path: .values.endpoints.identity.auth.swift.password - src: - schema: deckhand/Passphrase/v1 - name: ceph_swift_keystone_password - path: . -data: - chart_name: ceph - release: ucp-ceph - namespace: ceph - timeout: 900 - wait: - timeout: 900 - install: - no_hooks: false - upgrade: - no_hooks: false - pre: - delete: - - type: job - labels: - application: ceph - component: bootstrap - - type: job - labels: - application: ceph - component: mds-keyring-generator - - type: job - labels: - application: ceph - component: mon-keyring-generator - - type: job - labels: - application: ceph - component: rgw-keyring-generator - - type: job - labels: - application: ceph - component: storage-keys-generator - - type: job - labels: - application: ceph - component: osd-keyring-generator - values: - labels: - job: - node_selector_key: ucp-control-plane - node_selector_value: enabled - provisioner: - node_selector_key: ucp-control-plane - node_selector_value: enabled - endpoints: - identity: - namespace: openstack - object_store: - namespace: ceph - ceph_mon: - namespace: ceph - ceph: - rgw_keystone_auth: true - deployment: - ceph: true - client_secrets: false - rbd_provisioner: true - cephfs_provisioner: true - rgw_keystone_user_and_endpoints: false - storage_secrets: true - bootstrap: - enabled: true - conf: - storage: - osd: - - data: - type: directory - location: /var/lib/openstack-helm/ceph/osd/osd-one - journal: - type: directory - location: /var/lib/openstack-helm/ceph/osd/journal-one - rgw_ks: - enabled: true - ceph: - global: - fsid: '88904ebb-f6fc-48b1-80ec-e1915cfa84a9' - osd_pool_default_size: 1 - osd: - osd_crush_chooseleaf_type: 0 - pool: - crush: - tunables: 'hammer' - target: - osd: 1 - pg_per_osd: 100 - default: - crush_rule: same_host - spec: - # RBD pool - - name: rbd - application: rbd - replication: 1 - percent_total_data: 40 - # CephFS pools - - name: cephfs_metadata - application: cephfs - replication: 1 - percent_total_data: 5 - - name: cephfs_data - application: cephfs - replication: 1 - percent_total_data: 10 - # RadosGW pools - - name: .rgw.root - application: rgw - replication: 1 - percent_total_data: 0.1 - - name: default.rgw.control - application: rgw - replication: 1 - percent_total_data: 0.1 - - name: default.rgw.data.root - application: rgw - replication: 1 - percent_total_data: 0.1 - - name: default.rgw.gc - application: rgw - replication: 1 - percent_total_data: 0.1 - - name: default.rgw.log - application: rgw - replication: 1 - percent_total_data: 0.1 - - name: default.rgw.intent-log - application: rgw - replication: 1 - percent_total_data: 0.1 - - name: default.rgw.meta - application: rgw - replication: 1 - percent_total_data: 0.1 - - name: default.rgw.usage - application: rgw - replication: 1 - percent_total_data: 0.1 - - name: default.rgw.users.keys - application: rgw - replication: 1 - percent_total_data: 0.1 - - name: default.rgw.users.email - application: rgw - replication: 1 - percent_total_data: 0.1 - - name: default.rgw.users.swift - application: rgw - replication: 1 - percent_total_data: 0.1 - - name: default.rgw.users.uid - application: rgw - replication: 1 - percent_total_data: 0.1 - - name: default.rgw.buckets.extra - application: rgw - replication: 1 - percent_total_data: 0.1 - - name: default.rgw.buckets.index - application: rgw - replication: 1 - percent_total_data: 3 - - name: default.rgw.buckets.data - application: rgw - replication: 1 - percent_total_data: 34.8 - dependencies: - - ceph_htk -... ---- -schema: armada/Chart/v1 -metadata: - schema: metadata/Document/v1 - name: ceph_htk - layeringDefinition: - abstract: false - layer: global - storagePolicy: cleartext - substitutions: - - src: - schema: pegleg/SoftwareVersions/v1 - name: software-versions - path: .charts.ucp.ceph-htk - dest: - path: .source -data: - chart_name: ceph_htk - release: ceph_htk - namespace: ceph_htk - timeout: 100 - values: {} - dependencies: [] -... diff --git a/deployment_files/site/gate-multinode/software/charts/ucp/storage_provisioner/chart-group.yaml b/deployment_files/site/gate-multinode/software/charts/ucp/storage_provisioner/chart-group.yaml deleted file mode 100644 index fdd4e0a5..00000000 --- a/deployment_files/site/gate-multinode/software/charts/ucp/storage_provisioner/chart-group.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -schema: armada/ChartGroup/v1 -metadata: - schema: metadata/Document/v1 - name: ucp-storage-provisioner - replacement: true - labels: - name: ucp-storage-provisioner - group: ucp - service: k8_storage_provisioning - layeringDefinition: - abstract: false - layer: site - actions: - - method: merge - path: . - parentSelector: - name: ucp-storage-provisioner - storagePolicy: cleartext -data: - description: Kubernetes Storage Provisioner - sequenced: true - chart_group: - - ucp-ceph - - ucp-ceph-config - - os-ceph-config diff --git a/deployment_files/site/gate-multinode/software/configs/endpoints.yaml b/deployment_files/site/gate-multinode/software/configs/endpoints.yaml deleted file mode 100644 index f1657d66..00000000 --- a/deployment_files/site/gate-multinode/software/configs/endpoints.yaml +++ /dev/null @@ -1,33 +0,0 @@ ---- -schema: pegleg/EndpointCatalogue/v1 -metadata: - schema: metadata/Document/v1 - name: ucp_endpoints - replacement: true - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: ucp_endpoints - actions: - - method: merge - path: . - storagePolicy: cleartext -# Override endpoints specified at the global layer, in support of a -# dns server -data: - ucp: - physicalprovisioner: - host_fqdn_override: - public: drydock.gate.local - maas_region: - host_fqdn_override: - public: maas.gate.local - identity: - host_fqdn_override: - public: keystone.gate.local - shipyard: - host_fqdn_override: - public: shipyard.gate.local -... - diff --git a/deployment_files/site/gate-multinode/software/configs/versions.yaml b/deployment_files/site/gate-multinode/software/configs/versions.yaml deleted file mode 100644 index c6ecea2c..00000000 --- a/deployment_files/site/gate-multinode/software/configs/versions.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -schema: pegleg/SoftwareVersions/v1 -metadata: - schema: metadata/Document/v1 - name: software-versions - replacement: true - layeringDefinition: - abstract: false - layer: site - parentSelector: - name: software-versions - actions: - - method: merge - path: . - storagePolicy: cleartext -# This document is merged with the globals, and is where you can override -# versions to match a patchset, for example. Anything specified in the global -# versions can be overridden, such as chart or image versions. -data: - charts: {} - images: {} -... diff --git a/deployment_files/type/single-node/v1.0demo/network/KubernetesNetwork.yaml b/deployment_files/type/single-node/v1.0demo/network/KubernetesNetwork.yaml deleted file mode 100644 index 4903556f..00000000 --- a/deployment_files/type/single-node/v1.0demo/network/KubernetesNetwork.yaml +++ /dev/null @@ -1,87 +0,0 @@ ---- -schema: promenade/KubernetesNetwork/v1 -metadata: - schema: metadata/Document/v1 - name: kubernetes-network - layeringDefinition: - abstract: false - layer: type - storagePolicy: cleartext - substitutions: - # DNS - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .dns.cluster_domain - dest: - path: .dns.cluster_domain - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .dns.service_ip - dest: - path: .dns.service_ip - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .dns.upstream_servers - dest: - path: .dns.upstream_servers - - # Kubernetes IPs - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.api_service_ip - dest: - path: .kubernetes.service_ip - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.pod_cidr - dest: - path: .kubernetes.pod_cidr - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.service_cidr - dest: - path: .kubernetes.service_cidr - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.etcd_service_ip - dest: - path: .etcd.service_ip - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .etcd.container_port - dest: - path: .etcd.container_port - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .etcd.haproxy_port - dest: - path: .etcd.haproxy_port - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.apiserver_port - dest: - path: .kubernetes.apiserver_port - - src: - schema: pegleg/CommonAddresses/v1 - name: common-addresses - path: .kubernetes.haproxy_port - dest: - path: .kubernetes.haproxy_port - -data: - dns: - bootstrap_validation_checks: - - calico-etcd.kube-system.svc.cluster.local - - kubernetes-etcd.kube-system.svc.cluster.local - - kubernetes.default.svc.cluster.local -... diff --git a/doc/requirements.txt b/doc/requirements.txt deleted file mode 100644 index ddc6a294..00000000 --- a/doc/requirements.txt +++ /dev/null @@ -1,3 +0,0 @@ -# Documentation -sphinx>=1.6.2 -sphinx_rtd_theme==0.2.4 \ No newline at end of file diff --git a/doc/source/api-conventions.rst b/doc/source/api-conventions.rst deleted file mode 100644 index d1bf72c3..00000000 --- a/doc/source/api-conventions.rst +++ /dev/null @@ -1,359 +0,0 @@ -.. - Copyright 2017 AT&T Intellectual Property. - All Rights Reserved. - - Licensed under the Apache License, Version 2.0 (the "License"); you may - not use this file except in compliance with the License. You may obtain - a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - License for the specific language governing permissions and limitations - under the License. - -.. warning:: - - This repository is being deprecated. Project documentation has moved to the - `Airship Docs`_ project, and Airship-in-a-Bottle environment will be merged - into the `Airship Treasuremap`_ project. - -.. _api-conventions: - -API Conventions -=============== - -A collection of conventions that components of Airship -utilize for their REST APIs - -Resource path naming --------------------- - -- Resource paths nodes follow an all lower case naming scheme, and - pluralize the resource names. Nodes that refer to keys, ids or names that - are externally controlled, the external naming will be honored. -- The version of the API resource path will be prefixed before the first - node of the path for that resource using v#.# format. -- By default and unless otherwise noted, the API will be namespaced by /api - before the version. For the purposes of documentation, this will not be - specified in each of the resource paths below. In more complex APIs, Airship - components may use values other than /api to be more specific to point to a - particular service. - -:: - - /api/v1.0/sampleresources/ExTeRnAlNAME-1234 - ^ ^ ^ ^ - | | | defer to external naming - | | plural - | lower case - version here - -Status responses ----------------- - -Status responses, and more specifically error responses (HTTP response body -accompanying 4xx and 5xx series responses where possible) are a customized -version of the `Kubernetes standard for error representation`_. Airship -utilizes the details field in a more formalized way to represent multiple -messages related to a status response, as follows: - -:: - - { - "kind": "Status", - "apiVersion": "v{{#.#}}", - "metadata": {}, - "status": "{{Success | Failure}}", - "message": "{{message phrase}}", - "reason": "{{reason name}}", - "details": { - "errorCount": {{n}}, - "messageList": [ - { "message" : "{{message contents}}", - "error": true|false, - "kind": "SimpleMessage" } - ... - ] - }, - "code": {{http status code}} - } - - -such that: - -* The metadata field is optionally present, as an empty object. Clients should - be ready to receive this field, but services are not required to produce it. -* The message phrase is a terse but descriptive message indicating what has - happened. -* The reason name is the short name indicating the cause of the status. It - should be a camel cased phrase-as-a-word, to mimic the Kubernetes status - usage. -* The details field is optional. -* If used, the details follow the shown format, with an errorCount and - messageList field present. - - - The repeating entity inside the messageList can be decorated with as - many other fields as are useful, but at least have a message field and - error field. - - - A kind field is optional, but if used will indicate the presence of - other fields. By default, the kind field is assumed to be - "SimpleMessage", which requires only the aforementioned message and - error fields. - - - The errorCount field is an integer representing the count of messageList - entities that have ``error: true`` - -* When using this document as the body of a HTTP response, ``code`` is - populated with a valid `HTTP status code`_ - -Required Headers ----------------- - -X-Auth-Token - The auth token to identify the invoking user. Required unless the resource is - explictly unauthenticated. - -Optional Headers ----------------- - -X-Context-Marker - A context id that will be carried on all logs for this client-provided - marker. This marker may only be a 36-character canonical representation of an - UUID (8-4-4-4-12) - -X-End-User - The user name of the initial invoker that will be carried on all logs for - user tracing cross components. Shipyard doesn't support this header and when - passed, it will be ignored. - -Validation API --------------- -All Airship components that participate in validation of the design supplied to -a site implement a common resource to perform document validations. Document -validations are synchronous. -Because of the different sources of documents that should be supported, a -flexible input descriptor is used to indicate from where an Airship component -will retrieve the documents to be validated. - -POST /v1.0/validatedesign -~~~~~~~~~~~~~~~~~~~~~~~~~ -Invokes an Airship component to perform validations against the documents -specified by the input structure. Synchronous. - -Input structure -^^^^^^^^^^^^^^^ - -:: - - { - rel : "design", - href: "deckhand+https://{{deckhand_url}}/revisions/{{revision_id}}/rendered-documents", - type: "application/x-yaml" - } - -Output structure -^^^^^^^^^^^^^^^^ - -The output structure reuses the Kubernetes Status kind to represent the result -of validations. The Status kind will be returned for both successful and failed -validation to maintain a consistent of interface. If there are additional -diagnostics that associate to a particular validation, the entries in the -messageList should be of kind "ValidationMessage" (preferred), or -"SimpleMessage" (assumed default base message kind). - -Failure message example using a ValidationMessage kind for the messageList:: - - { - "kind": "Status", - "apiVersion": "v1.0", - "metadata": {}, - "status": "Failure", - "message": "{{Component Name}} validations failed", - "reason": "Validation", - "details": { - "errorCount": {{n}}, - "messageList": [ - { "message" : "{{validation failure message}}", - "error": true, - "name": "{{identifying name of the validation}}", - "documents": [ - { "schema": "{{schema and name of the document being validated}}", - "name": "{{name of the document being validated}}" - }, - ... - ] - "level": "Error", - "diagnostic": "{{information about what lead to the message}}", - "kind": "ValidationMessage" }, - ... - ] - }, - "code": 400 - } - -Success message example:: - - { - "kind": "Status", - "apiVersion": "v1.0", - "metadata": {}, - "status": "Success", - "message": "{{Component Name}} validations succeeded", - "reason": "Validation", - "details": { - "errorCount": 0, - "messageList": [] - }, - "code": 200 - } - -ValidationMessage Message Type -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -The ValidationMessage message type is used to provide more information about -validation results than a SimpleMessage provides. These are the fields of a -ValidationMessage: - -- documents (optional): If applicable to configuration documents, specifies - the design documents by schema and name that were involved in the specific - validation. If the documents element is not provided, or is an empty list, - the assumption is that the validation is not traced to a document, and may - be a validaiton of environmental or process needs. - - - schema (required): The schema of the document. - E.g. drydock/NetworkLink/v1 - - name (required): The name of the document. - E.g. pxe-rack1 - -- error (required): true if the message indcates an error, false if the - message indicates a non-error. -- kind (required): ValidationMessage -- level (required): The severity of the validation result. This should align - with the error field value. Valid values are "Error", "Warning", and - "Info". -- message (required): The more complete message indicating the result of the - validation. - E.g.: MTU 8972 for pxe-rack1 is invalid for standard (non-jumbo) frames -- name (required): The name of the validation being performed. This is a short - name that identifies the validation among a full set of validations. It is - preferred to use non-action words to identify the validation. - E.g. "MTU in bounds" is preferred instead of "Check MTU in bounds" -- diagnostic (optional): Provides further contextual information that may help - with determining the source of the validation or provide further details. - -Health Check API ----------------- -Each Airship component shall expose an endpoint that allows other components -to access and validate its health status. Clients of the health check should -wait up to 30 seconds for a health check response from each component. - -GET /v1.0/health -~~~~~~~~~~~~~~~~ -Invokes an Airship component to return its health status. This endpoint is -intended to be unauthenticated, and must not return any information beyond the -noted 204 or 503 status response. The component invoked is expected to return a -response in less than 30 seconds. - -Health Check Output -^^^^^^^^^^^^^^^^^^^ -The current design will be for the component to return an empty response -to show that it is alive and healthy. This means that the component that -is performing the query will receive HTTP response code 204. - -HTTP response code 503 with a generic response status or an empty message body -will be returned if the component determines it is in a non-healthy state, -or is unable to reach another component it is dependent upon. - -GET /v1.0/health/extended -~~~~~~~~~~~~~~~~~~~~~~~~~ -Airship components may provide an extended health check. This request invokes a -component to return its detailed health status. Authentication is required -to invoke this API call. - -Extended Health Check Output -^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -The output structure reuses the Kubernetes Status kind to represent the health -check results. The Status kind will be returned for both successful and failed -health checks to ensure consistencies. The message field will contain summary -information related to the results of the health check. Detailed information -of the health check will be provided as well. - -Failure message example:: - - { - "kind": "Status", - "apiVersion": "v1.0", - "metadata": {}, - "status": "Failure", - "message": "{{Component Name}} failed to respond", - "reason": "HealthCheck", - "details": { - "errorCount": {{n}}, - "messageList": [ - { "message" : "{{Detailed Health Check failure information}}", - "error": true, - "kind": "SimpleMessage" }, - ... - ] - }, - "code": 503 - } - -Success message example:: - - { - "kind": "Status", - "apiVersion": "v1.0", - "metadata": {}, - "status": "Success", - "message": "", - "reason": "HealthCheck", - "details": { - "errorCount": 0, - "messageList": [] - }, - "code": 200 - } - -Versions API ------------- -Each Airship component shall expose an endpoint that allows other components to -discover its different API versions. This endpoint is not prefixed by /api -or a version. - -GET /versions -~~~~~~~~~~~~~ -Invokes an Airship component to return its list of API versions. This endpoint -is intended to be unauthenticated, and must not return any information beyond -the output noted below. - -Versions output -^^^^^^^^^^^^^^^ -Each Airship component shall return a list of its different API versions. The -response body shall be keyed with the name of each API version, with -accompanying information pertaining to the version's `path` and `status`. The -`status` field shall be an enum which accepts the values `stable` and `beta`, -where `stable` implies a stable API and `beta` implies an under-development -API. - -Success message example:: - - { - "v1.0": { - "path": "/api/v1.0", - "status": "stable" - }, - "v1.1": { - "path": "/api/v1.1", - "status": "beta" - }, - "code": 200 - } - -.. _Kubernetes standard for error representation: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#response-status-kind -.. _HTTP status code: https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html -.. _Airship Docs: https://airship-docs.readthedocs.org -.. _Airship Treasuremap: https://opendev.org/airship/treasuremap/ diff --git a/doc/source/code-conventions.rst b/doc/source/code-conventions.rst deleted file mode 100644 index 8446495a..00000000 --- a/doc/source/code-conventions.rst +++ /dev/null @@ -1,220 +0,0 @@ -.. - Copyright 2017 AT&T Intellectual Property. - All Rights Reserved. - - Licensed under the Apache License, Version 2.0 (the "License"); you may - not use this file except in compliance with the License. You may obtain - a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - License for the specific language governing permissions and limitations - under the License. - -.. warning:: - - This repository is being deprecated. Project documentation has moved to the - `Airship Docs`_ project, and Airship-in-a-Bottle environment will be merged - into the `Airship Treasuremap`_ project. - -.. _code-conventions: - -Code and Project Conventions -============================ - -Conventions and standards that guide the development and arrangement of Airship -component projects. - -Project Structure ------------------ - -Charts -~~~~~~ -Each project that maintains helm charts will keep those charts in a directory -``charts`` located at the root of the project. The charts directory will -contain subdirectories for each of the charts maintained as part of that -project. These subdirectories should be named for the component represented by -that chart. - -e.g.: For project ``foo``, which also maintains the charts for ``bar`` and -``baz``: - -- foo/charts/foo contains the chart for ``foo`` -- foo/charts/bar contains the chart for ``bar`` -- foo/charts/baz contains the chart for ``baz`` - -Helm charts utilize the `helm-toolkit`_ supported by the `Openstack-Helm`_ team -and follow the standards documented there. - -Images -~~~~~~ -Each project that creates a `Docker`_ image will keep the dockerfile in a -directory ``images`` located at the root of the project. The images directory -will contain subdirectories for each of the images created as part of that -project. The subdirectory will contain the dockerfile that can be used to -generate the image. - -e.g.: For project ``foo``, which also produces a Docker image for ``bar``: - -- foo/images/foo contains the dockerfile for ``foo`` -- foo/images/bar contains the dockerfile for ``bar`` - -Makefile -~~~~~~~~ -Each project must provide a makefile at the root of the project. The makefile -should implement each of the following makefile targets: - -- ``images`` will produce the docker images for the component and each other - component it is responsible for building. -- ``charts`` will helm package all of the charts maintained as part of the - project. -- ``lint`` will perform code linting for the code and chart linting for the - charts maintained as part of the project, as well as any other reasonable - linting activity. -- ``dry-run`` will produce a helm template for the charts maintained as part - of the project. -- ``all`` will run the lint, charts, and images targets. -- ``docs`` should render any documentation that has build steps. -- ``run_{component_name}`` should build the image and do a rudimentary (at - least) test of the image's functionality. -- ``run_images`` performs the inidividual run_{component_name} targets for - projects that produce more than one image. -- ``tests`` to invoke linting tests (e.g. PEP-8) and unit tests for the - components in the project - -For projects that are Python based, the makefile targets typically reference -tox commands, and those projects will include a tox.ini defining the tox -targets. Note that tox.ini files will reside inside the source directories for -modules within the project, but a top-level tox.ini may exist at the root of -the repository that includes the necessary targets to build documentation. - -Documentation -~~~~~~~~~~~~~ -Also see :ref:`documentation-conventions` - -Documentation source for the component should reside in a 'docs' directory at -the root of the project. - -Linting and Formatting Standards -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -Code in the Airship components should follow the prevalent linting and -formatting standards for the language being implemented. In lieu of industry -accepted code formatting standards for a target language, strive for -readability and maintainability. - -=============== ====================================== -Known Standards -------------------------------------------------------- -Language Uses -=============== ====================================== -Python PEP-8 -=============== ====================================== - -Airship components must provide for automated checking of their formatting -standards, such as the lint step noted above in the makefile. Components may -provide automated reformatting. - -Tests Location -~~~~~~~~~~~~~~ -Tests should be in parallel structures to the related code, unless dictated by -target language ecosystem. - -For Python projects, the preferred location for tests is a ``tests`` directory -under the directory for the module. E.g. Tests for module foo: -{root}/src/bin/foo/foo/tests. -An alternataive location is ``tests`` at the root of the project, although this -should only be used if there are not multiple components represented in the -same repository, or if the tests cross the components in the repository. - -Each type of test should be in its own subdirectory of tests, to allow for easy -separation. E.g. tests/unit, tests/functional, tests/integration. - -Source Code Location -~~~~~~~~~~~~~~~~~~~~ -A standard structure for the source code places the source for each module in -a module-named directory under either /src/bin or /src/lib, for executable -modules and shared library modules respectively. Since each module needs its -own setup.py and setup.cfg (python) that lives parallel to the top-level -module (i.e. the package), the directory for the module will contain another -directory named the same. - -For example, Project foo, with module foo_service would have a source structure -that is /src/bin/foo_service/foo_service, wherein the __init__.py for the -package resides. - -Sample Project Structure (Python) -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -Project ``foo``, supporting multiple executable modules ``foo_service``, -``foo_cli``, and a shared module ``foo_client`` :: - - {root of foo} - |- /doc - | |- /source - | |- requirements.txt - |- /etc - | |- /foo - | |- {sample files} - |- /charts - | |- /foo - | |- /bar - |- /images - | |- /foo - | | |- Dockerfile - | |- /bar - | |- Dockerfile - |- /tools - | |- {scripts/utilities supporting build and test} - |- /src - | |- /bin - | | |- /foo_service - | | | |- /foo_service - | | | | |- __init__.py - | | | | |- {source directories and files} - | | | |- /tests - | | | | |- unit - | | | | |- functional - | | | |- setup.py - | | | |- setup.cfg - | | | |- requirements.txt (and related files) - | | | |- tox.ini - | | |- /foo_cli - | | |- /foo_cli - | | | |- __init__.py - | | | |- {source directories and files} - | | |- /tests - | | | |- unit - | | | |- functional - | | |- setup.py - | | |- setup.cfg - | | |- requirements.txt (and related files) - | | |- tox.ini - | |- /lib - | |- /foo_client - | |- /foo_client - | | |- __init__.py - | | |- {source directories and files} - | |- /tests - | | |- unit - | | |- functional - | |- setup.py - | |- setup.cfg - | |- requirements.txt (and related files) - | |- tox.ini - |- Makefile - |- README (suitable for github consumption) - |- tox.ini (primarily for the build of repository-level docs) - -Note that this is a sample structure, and that target languages may preclude -the location of some items (e.g. tests). For those components with language -or ecosystem standards contrary to this structure, ecosystem convention should -prevail. - - -.. _Docker: https://www.docker.com/ -.. _helm-toolkit: https://opendev.org/openstack/openstack-helm-infra/src/branch/master/helm-toolkit -.. _Openstack-Helm: https://wiki.openstack.org/wiki/Openstack-helm -.. _Airship Docs: https://airship-docs.readthedocs.org -.. _Airship Treasuremap: https://opendev.org/airship/treasuremap/ diff --git a/doc/source/conf.py b/doc/source/conf.py deleted file mode 100644 index 0efbf008..00000000 --- a/doc/source/conf.py +++ /dev/null @@ -1,160 +0,0 @@ -# -*- coding: utf-8 -*- -# -# shipyard documentation build configuration file, created by -# sphinx-quickstart on Sat Sep 16 03:40:50 2017. -# -# This file is execfile()d with the current directory set to its -# containing dir. -# -# Note that not all possible configuration values are present in this -# autogenerated file. -# -# All configuration values have a default; values that are commented out -# serve to show the default. - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -# -# import os -# import sys -# sys.path.insert(0, os.path.abspath('.')) -import sphinx_rtd_theme - - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -# -# needs_sphinx = '1.0' - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - 'sphinx.ext.autodoc', - 'sphinx.ext.todo', - 'sphinx.ext.viewcode', -] - -# Add any paths that contain templates here, relative to this directory. -# templates_path = [] - -# The suffix(es) of source filenames. -# You can specify multiple suffix as a list of string: -# -# source_suffix = ['.rst', '.md'] -source_suffix = '.rst' - -# The master toctree document. -master_doc = 'index' - -# General information about the project. -project = u'Airship' -copyright = u'2019 The Airship Authors.' -author = u'Airship Authors' - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The short X.Y version. -version = u'0.1.0' -# The full version, including alpha/beta/rc tags. -release = u'0.1.0' - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -# -# This is also used if you do content translation via gettext catalogs. -# Usually you set "language" from the command line for these cases. -language = None - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -# This patterns also effect to html_static_path and html_extra_path -exclude_patterns = [] - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = 'sphinx' - -# If true, `todo` and `todoList` produce output, else they produce nothing. -todo_include_todos = False - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -# -html_theme = "sphinx_rtd_theme" -html_theme_path = [sphinx_rtd_theme.get_html_theme_path()] - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -# -# html_theme_options = {} - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = [] - - -# -- Options for HTMLHelp output ------------------------------------------ - -# Output file base name for HTML help builder. -htmlhelp_basename = 'airshipdoc' - - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { - # The paper size ('letterpaper' or 'a4paper'). - # - # 'papersize': 'letterpaper', - - # The font size ('10pt', '11pt' or '12pt'). - # - # 'pointsize': '10pt', - - # Additional stuff for the LaTeX preamble. - # - # 'preamble': '', - - # Latex figure (float) alignment - # - # 'figure_align': 'htbp', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - (master_doc, 'airship.tex', u'Airship Documentation', - u'Airship Authors', 'manual'), -] - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - (master_doc, 'Airship', u'Airship Documentation', - [author], 1) -] - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - (master_doc, 'Airship', u'Airship Documentation', - author, 'Airship', - 'Airship documentation', - 'Miscellaneous'), -] diff --git a/doc/source/conventions.rst b/doc/source/conventions.rst deleted file mode 100644 index 65e7a286..00000000 --- a/doc/source/conventions.rst +++ /dev/null @@ -1,54 +0,0 @@ -.. - Copyright 2017 AT&T Intellectual Property. - All Rights Reserved. - - Licensed under the Apache License, Version 2.0 (the "License"); you may - not use this file except in compliance with the License. You may obtain - a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - License for the specific language governing permissions and limitations - under the License. - -.. warning:: - - This repository is being deprecated. Project documentation has moved to the - `Airship Docs`_ project, and Airship-in-a-Bottle environment will be merged - into the `Airship Treasuremap`_ project. - -.. _conventions: - -Airship Conventions -=================== -Airship components conform to a minimal set of conventions to -provide for reasonable levels of consistency. - -Language --------- -While these documents are not an IETF RFC, `RFC 2119`_ provides for useful -language definitions. In this spirit: - -- 'must', 'shall', 'will', and 'required' language indicates inflexible rules. -- 'should' and 'recommended' language is expected to be followed but reasonable - exceptions may exist. -- 'may' and 'can' language is intended to be optional, but will provide a - recommended approach if used. - -Conventions and Standards -------------------------- - -.. toctree:: - :maxdepth: 2 - - api-conventions - code-conventions - documentation-conventions - service-logging-conventions - -.. _RFC 2119: https://www.ietf.org/rfc/rfc2119.txt -.. _Airship Docs: https://airship-docs.readthedocs.org -.. _Airship Treasuremap: https://opendev.org/airship/treasuremap/ diff --git a/doc/source/dev-getting-started.rst b/doc/source/dev-getting-started.rst deleted file mode 100644 index 801ad04b..00000000 --- a/doc/source/dev-getting-started.rst +++ /dev/null @@ -1,170 +0,0 @@ -.. - Copyright 2017 AT&T Intellectual Property. - All Rights Reserved. - - Licensed under the Apache License, Version 2.0 (the "License"); you may - not use this file except in compliance with the License. You may obtain - a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - License for the specific language governing permissions and limitations - under the License. - -.. warning:: - - This repository is being deprecated. Project documentation has moved to the - `Airship Docs`_ project, and Airship-in-a-Bottle environment will be merged - into the `Airship Treasuremap`_ project. - -.. _dev-getting-started: - -Getting Started for Airship Developers -====================================== -Airship uses many foundational concepts that should be understood by developers -wanting to get started. This documentation attempts to provide a survey of -those topics. - -Concepts --------- - -- Containers/Docker -- RESTful APIs -- YAML -- Security - -Containers/Docker -~~~~~~~~~~~~~~~~~ -Airship is, at its core, intended to be used in a containerized fashion. -Dockerfile resources exist in each of the project repositories that are used by -the build process to generate Docker images. Images are hosted on `quay.io`_ -under ``airshipit``. - -Each main component is responsible for generating one or more images (E.g.: -Shipyard produces a Shipyard image and an `Airflow`_ image). - -When running, nearly every aspect of Airship runs as a container, and Airship -(primarily Promenade + Armada) sets up many of the other foundational -components as containers, including many `Kubernetes`_ components, `etcd`_, -`Calico`_, and `Ceph`_. - -RESTful APIs -~~~~~~~~~~~~ -Each Airship component that runs as a service provides a RESTful API. -Some :ref:`api-conventions` exist explaining the basic format of requests and -responses and required endpoints that are exposed, such as health check and -and design validation. - -YAML -~~~~ -The `YAML`_ document format is used along with `JSON Schema`_ to define the -declarative site and software design inputs to the Airship components. - -Security -~~~~~~~~ -Security is a consideration from the ground-up for Airship components. Some -technologies in this space are TLS and `Keystone`_ auth. Airship APIs are -protected by RBAC policies implemented with `oslo.policy`_ (with some -exceptions for basic health checking and listing of API versions). Keystone -middleware serves as a layer in the pipeline of service layers for each -component, providing lookup of authenticated users, resolving their roles, -which are then checked. Access enforcement is within the Airship components, -using a decorator for each API that requires limited access. - -Environment ------------ - -- Helm -- Kubernetes -- Linux - -Helm -~~~~ -Airship components are deployed into Kubernetes using `Armada`_, which in turn -uses the Tiller component of `Helm`_. Helm charts are used to generate the -Kubernetes artifacts (deployments, jobs, configmaps, etc...). - -Kubernetes -~~~~~~~~~~ -Airship is thoroughly intertwined with Kubernetes: - -- Airship depends on Kubernetes as the orchestrator of the containers that make - up the platform. -- Airship sets up a single node Kubernetes instance during the `Promenade`_ - genesis process, with the necessary configuration to become the seed of a - resilient Kubernetes cluster during later stages of Airship. -- Airship's components run as containers inside the Kubernetes cluster. - -Linux -~~~~~ -Airship is targeted to a Linux platform. There are significant elements of -Airship that use shell scripts to drive processes. - -Coding ------- -Further information is available in :ref:`code-conventions`. - -Airship is primarily a combination of Python 3 and shell scripting. There are -several Python libraries that are used in common across many components: - -- Falcon: A service framework providing the API endpoints. -- uWSGI: The service container. -- oslo_config: Provides per-deployment, configuration file configurability. -- oslo_policy: Provides RBAC support for API endpoints (and more). -- Requests: A framework for making HTTP requests and receiving responses. -- Click: A CLI framework used to provide component-level Command Line - Interfaces. - -Each component also brings in their own dependencies as needed. - -Database(s) ------------ -Several of the Airship components require some data persistence. Some data -persistence is achieved by utilizing Kubernetes provided mechanisms, and the -Keystone software uses a MariaDB instance, but most is accomplished using a -containerized PostgreSQL database. - -Interaction with PostgreSQL uses the following: - -- SQLAlchemy: A python library providing most of the needed database - functionality. -- Alembic: Version management for database schemas and data. -- oslo_db: An OpenStack layer providing additional functionality over - SQLAlchemy. - -Testing -------- - -- Unit -- Functional -- Integration - -Unit and functional tests are used in the gating of changes before merging -code. Unit tests utilize combinations of `pytest`_ and `stestr`_. Functional -tests utilize `Gabbi`_. These tools are not exclusive of others, but are the -primary tools being used for unit and functional tests. - -Integration testing is orchestrated in the merge gates, and uses various means -of testing. - -.. _Airflow: https://airflow.apache.org/ -.. _Armada: https://airship-armada.readthedocs.io/ -.. _Calico: https://www.projectcalico.org/calico-networking-for-kubernetes/ -.. _Ceph: https://ceph.com -.. _etcd: https://coreos.com/etcd/ -.. _Gabbi: https://github.com/cdent/gabbi -.. _Helm: https://github.com/kubernetes/helm -.. _JSON Schema: http://json-schema.org/ -.. _Keystone: https://docs.openstack.org/keystone/latest/ -.. _Kubernetes: https://kubernetes.io/ -.. _oslo.policy: https://docs.openstack.org/oslo.policy/latest/ -.. _Promenade: https://airship-promenade.readthedocs.io/ -.. _pytest: https://docs.pytest.org/en/latest/ -.. _quay.io: https://quay.io/organization/airshipit -.. _stestr: https://github.com/mtreinish/stestr -.. _YAML: http://yaml.org/ -.. _Airship Docs: https://airship-docs.readthedocs.org -.. _Airship Treasuremap: https://opendev.org/airship/treasuremap/ diff --git a/doc/source/documentation-conventions.rst b/doc/source/documentation-conventions.rst deleted file mode 100644 index 40282429..00000000 --- a/doc/source/documentation-conventions.rst +++ /dev/null @@ -1,95 +0,0 @@ -.. - Copyright 2017 AT&T Intellectual Property. - All Rights Reserved. - - Licensed under the Apache License, Version 2.0 (the "License"); you may - not use this file except in compliance with the License. You may obtain - a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - License for the specific language governing permissions and limitations - under the License. - -.. warning:: - - This repository is being deprecated. Project documentation has moved to the - `Airship Docs`_ project, and Airship-in-a-Bottle environment will be merged - into the `Airship Treasuremap`_ project. - -.. _documentation-conventions: - -Documentation -============= -Each Airship component will maintain documentation addressing two audiences: - - #. Consumer documentation - #. Developer documentation - -Consumer Documentation ----------------------- -Consumer documentation is that which is intended to be referenced by users of -the component. This includes information about each of the following: - -- Introduction - the purpose and charter of the software -- Features - capabilies the software has -- Usage - interaction with the software - e.g. API and CLI documentation -- Setup/Installation - how an end user would set up and run the software - including system requirements -- Support - where and how a user engages support or makes change requests for - the software - -Developer Documentation ------------------------ -Developer documentation is used by developers of the software, and addresses -the following topics: - -- Archiecture and Design - features and structure of the software -- Inline, Code, Method - documentaiton specific to the fuctions and procedures - in the code -- Development Environment - explaining how a developer would need to configure - a working environment for the software -- Contribution - how a developer can contribute to the software - -Format ------- -There are multiple means by which consumers and developers will read the -documentation for Airship components. The two common places for Airship -components are `Github`_ in the form of README and code-based documentation, -and `Readthedocs`_ for more complete/formatted documentation. - -Documentation that is expected to be read in Github must exist and may use -either `reStructuredText`_ or `Markdown`_. This generally would be limited to -the README file at the root of the project and/or a documentation directory. -The README should direct users to the published documentation location. - -Documentation intended for Readthedocs will use reStructuredText, and should -provide a `Sphinx`_ build of the documentation. - -Finding Treasuremap -------------------- -`Treasuremap`_ is a project that serves as a starting point for the larger -Containerized Cloud Platform, and provides context for the Airship component -projects. - -Airship component projects should include the following at the top of the -main/index page of their `Readthedocs`_ documentation: - -.. tip:: - - {{component name}} is part of Airship, a collection of components that - coordinate to form a means of configuring, deploying and maintaining a - Kubernetes environment using a declarative set of yaml documents. More - details on using Airship may be found by using the `Treasuremap`_ - -.. _reStructuredText: http://www.sphinx-doc.org/en/stable/rest.html -.. _Markdown: https://daringfireball.net/projects/markdown/syntax -.. _Readthedocs: https://airshipit.readthedocs.io/ -.. _Github: https://github.com -.. _Sphinx: http://www.sphinx-doc.org/en/stable/index.html -.. _Treasuremap: https://opendev.org/airship/treasuremap/ -.. _Airship Docs: https://airship-docs.readthedocs.org -.. _Airship Treasuremap: https://opendev.org/airship/treasuremap/ diff --git a/doc/source/docutils.conf b/doc/source/docutils.conf deleted file mode 100644 index b49cd480..00000000 --- a/doc/source/docutils.conf +++ /dev/null @@ -1,2 +0,0 @@ -[general] -smart_quotes=no \ No newline at end of file diff --git a/doc/source/index.rst b/doc/source/index.rst deleted file mode 100644 index 84797b68..00000000 --- a/doc/source/index.rst +++ /dev/null @@ -1,74 +0,0 @@ -.. - Copyright 2017 AT&T Intellectual Property. - All Rights Reserved. - - Licensed under the Apache License, Version 2.0 (the "License"); you may - not use this file except in compliance with the License. You may obtain - a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - License for the specific language governing permissions and limitations - under the License. - -.. warning:: - - This repository is being deprecated. Project documentation has moved to the - `Airship Docs`_ project, and Airship-in-a-Bottle environment will be merged - into the `Airship Treasuremap`_ project. - -.. note:: - - These documents will be reworked to reflect the changes associated with - becoming an OpenStack hosted project: Airship. Expect major changes to occur - with time. See more at `airshipit.org`_ - -Airship -======= - -Airship is a collection of components that coordinate to form a means of -configuring, deploying and maintaining a `Kubernetes`_ environment using a -declarative set of `yaml`_ documents. More details on using parts of Airship -may be found by using the `Treasuremap`_ - -Approach --------- -Airship revolves around the setup and use of Kubernetes and `Helm`_ and takes -cues from these projects. The first use case of Airship is the deployment -of `OpenStack-Helm`_ which also influences Airship's direction. - -Building this Documentation ---------------------------- - -Use of ``make docs`` will build a html version of this documentation that can -be viewed using a browser at doc/build/index.html on the local filesystem. - -Specification Details ---------------------- - -Proposed, approved, and implemented specifications_ for -Airship projects are available. - -Conventions and Standards -------------------------- - -.. toctree:: - :maxdepth: 3 - - conventions - security/guide - dev-getting-started - -.. _airshipit.org: https://airshipit.org -.. _Helm: https://helm.sh/ -.. _Kubernetes: https://kubernetes.io/ -.. _Openstack: https://www.openstack.org/ -.. _Openstack-Helm: https://docs.openstack.org/openstack-helm/latest/ -.. _Treasuremap: https://opendev.org/airship/treasuremap/ -.. _yaml: http://yaml.org/ -.. _specifications: /projects/specs -.. _Airship Docs: https://airship-docs.readthedocs.org -.. _Airship Treasuremap: https://opendev.org/airship/treasuremap/ diff --git a/doc/source/security/guide.rst b/doc/source/security/guide.rst deleted file mode 100644 index 494b7e54..00000000 --- a/doc/source/security/guide.rst +++ /dev/null @@ -1,65 +0,0 @@ -.. - Copyright 2018 AT&T Intellectual Property. - All Rights Reserved. - - Licensed under the Apache License, Version 2.0 (the "License"); you may - not use this file except in compliance with the License. You may obtain - a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - License for the specific language governing permissions and limitations - under the License. - -.. warning:: - - This repository is being deprecated. Project documentation has moved to the - `Airship Docs`_ project, and Airship-in-a-Bottle environment will be merged - into the `Airship Treasuremap`_ project. - -.. _security_guide: - -Airship Security Guide -====================== - -An undercloud environment deployed via Airship crosses many security domains. This -guide explains many of the security concerns that have been reviewed and considered -by the Airship developers. Because Airship is a highly configuration-driven platform, -there is some onus on the end-user to make good decisions with their configuration. - -Layout and Nomenclature ------------------------ - -Each topic in the security guide will provide some overview for scope of that topic -and then provide a list of tactical security items. For each item two statuses will -be listed as well as the project scope. - - * Project Scope: Which Airship projects address this security item. - * Solution: The solution is how this security concern is addressed in the platform - - * Remediated: The item is solved for automatically - * Configurable: The item is based on configuration. Guidance will be provided. - * Mitigated: The item currently mitigated while a permanent remediation is in progress. - * Pending: Addressing the item is in-progress - - * Audit: Auditing the item provides for ongoing monitoring to ensure there is no regression - - * Testing: The item is tested for in an automated test pipeline during development - * Validation: The item is reported on by a validation framework after a site deployment - * Pending: Auditing is in-progress - -Airship Security Topics ------------------------ - -.. toctree:: - :maxdepth: 1 - - template - haproxy - ubuntu - -.. _Airship Docs: https://airship-docs.readthedocs.org -.. _Airship Treasuremap: https://opendev.org/airship/treasuremap/ diff --git a/doc/source/security/haproxy.rst b/doc/source/security/haproxy.rst deleted file mode 100644 index 39b89d15..00000000 --- a/doc/source/security/haproxy.rst +++ /dev/null @@ -1,64 +0,0 @@ -.. - Copyright 2018 AT&T Intellectual Property. - All Rights Reserved. - - Licensed under the Apache License, Version 2.0 (the "License"); you may - not use this file except in compliance with the License. You may obtain - a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - License for the specific language governing permissions and limitations - under the License. - -.. warning:: - - This repository is being deprecated. Project documentation has moved to the - `Airship Docs`_ project, and Airship-in-a-Bottle environment will be merged - into the `Airship Treasuremap`_ project. - -.. _haproxy_security_guide: - -HAProxy Security Guide -====================== - -Updated: 13-AUG-2018 - -This guide covers configurations for HAProxy. Specifically, in ``mode tcp``. - -.. contents:: :depth: 2 - -Security Item List ------------------- - -TCP Mode -^^^^^^^^ - -The instance will work in pure TCP mode. A full-duplex connection will be -established between clients and servers, and no layer 7 examination will be -performed. This is the default mode. It should be used for TLS. - -Max Connections -^^^^^^^^^^^^^^^ - -Set ``maxconn`` in ``global`` to a reasonable level. HAProxy will queue -requests beyond that value. - -Set Headers -^^^^^^^^^^^ -"set-header" does the same as "add-header" except that the header name is first -removed if it existed. This is useful when passing security information to the -server, where the header must not be manipulated by external users. Note that -the new value is computed before the removal so it is possible to concatenate a -value to an existing header. - -References ----------- - -`HAProxy Configuration Guide `_ - -.. _Airship Docs: https://airship-docs.readthedocs.org -.. _Airship Treasuremap: https://opendev.org/airship/treasuremap/ diff --git a/doc/source/security/template.rst b/doc/source/security/template.rst deleted file mode 100644 index b89eaabf..00000000 --- a/doc/source/security/template.rst +++ /dev/null @@ -1,79 +0,0 @@ -.. - Copyright 2018 AT&T Intellectual Property. - All Rights Reserved. - - Licensed under the Apache License, Version 2.0 (the "License"); you may - not use this file except in compliance with the License. You may obtain - a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - License for the specific language governing permissions and limitations - under the License. - -.. warning:: - - This repository is being deprecated. Project documentation has moved to the - `Airship Docs`_ project, and Airship-in-a-Bottle environment will be merged - into the `Airship Treasuremap`_ project. - -.. _template_security_guide: - -Template for a Security Guide Topic -=================================== - -Updated: 1-AUG-2018 - -An overview of the scope of this topic. - -.. contents:: :depth: 2 - -Security Item List ------------------- - -Sensitive Data Security -^^^^^^^^^^^^^^^^^^^^^^^ - -Sensitive data should be encrypted at-rest. - - * Project Scope: Deckhand - * Solution *Remediated*: The ``storagePolicy`` metadata determines if Deckhand will persist - document data encrypted. - * Audit: *Testing*: Pipeline test checks that documents with a ``storagePolicy: encrypted`` - are not persisted to the database with an intact ``data`` section. - -Sensitive data should be encrypted in-transit. - - * Project Scope: Shipyard, Deckhand - * Solution *Pending*: Shipyard and Deckhand API endpoints should support - TLS. See data_security_. - * Audit: *Pending*: Expect to validate post-deployment that endpoints all support TLS - -Configuration Guidance ----------------------- - -For items that require guidance on configuration that impact a security item -please list an item here. Use RST anchors and links to link the security item solution -status to this guidance. - -Temporary Mitigation Status ---------------------------- - -.. _data_security: - -Data Security In-Transit -^^^^^^^^^^^^^^^^^^^^^^^^ - -Current work to support Deckhand enabling TLS termination, Shipyard enabling self-signing -CAs and Barbican supporting TLS termination. - -References ----------- - -`Transport Layer Security (TLS) `_ - -.. _Airship Docs: https://airship-docs.readthedocs.org -.. _Airship Treasuremap: https://opendev.org/airship/treasuremap/ diff --git a/doc/source/security/ubuntu.rst b/doc/source/security/ubuntu.rst deleted file mode 100644 index dec60f2e..00000000 --- a/doc/source/security/ubuntu.rst +++ /dev/null @@ -1,256 +0,0 @@ -.. - Copyright 2018 AT&T Intellectual Property. - All Rights Reserved. - - Licensed under the Apache License, Version 2.0 (the "License"); you may - not use this file except in compliance with the License. You may obtain - a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - License for the specific language governing permissions and limitations - under the License. - -.. warning:: - - This repository is being deprecated. Project documentation has moved to the - `Airship Docs`_ project, and Airship-in-a-Bottle environment will be merged - into the `Airship Treasuremap`_ project. - -.. _ubuntu_security_guide: - -Canonical Ubuntu/MAAS Security Guide -==================================== - -Updated: 6-AUG-2018 - -This guide covers the configuration of MAAS to run securely and to deploy -secure installations of Ubuntu 16.04.x. Some items are above and beyond MAAS -when MAAS does not offer the functionality needed to fully secure a -newly provisioned server. - -.. contents:: :depth: 2 - -Security Item List ------------------- - -Filesystem Permissions -^^^^^^^^^^^^^^^^^^^^^^ - -Many files on the filesystem can contain sensitive data that can hasten a malignant -attack on a host. Ensure the below files have appropriate ownership and permissions - -================================== ========= ========= =============== - Filesystem Path Owner Group Permissions -================================== ========= ========= =============== -``/boot/System.map-*`` root root ``0600`` -``/etc/shadow`` root shadow ``0640`` -``/etc/gshadow`` root shadow ``0640`` -``/etc/passwwd`` root root ``0644`` -``/etc/group`` root root ``0644`` -``/var/log/kern.log`` root root ``0640`` -``/var/log/auth.log`` root root ``0640`` -``/var/log/syslog`` root root ``0640`` -================================== ========= ========= =============== - - - Project Scope: Drydock - - Solution *Configurable*: A bootaction will be run to enforce this on first boot - - Audit: *Pending*: This will be verified on an ongoing basis via a Sonobuoy plugin - -Filesystem Partitioning -^^^^^^^^^^^^^^^^^^^^^^^ - -The mounts ``/tmp``, ``/var``, ``/var/log``, ``/var/log/audit`` and ``/home`` should be -individual file systems. - - - Project Scope: Drydock - - Solution *Configurable*: Drydock supports user designed partitioning, see - `Filesystem Configuration`_. - - Audit: *Testing*: The Airship testing pipeline will validate that nodes are partitioned - as described in the site definition. - -Filesystem Hardening -^^^^^^^^^^^^^^^^^^^^ - -Disallow symlinks and hardlinks to files not owned by the user. Set ``fs.protected_symlinks`` and -``fs.protected_hardlinks`` to ``1``. - - - Project Scope: Diving Bell - - Solution *Configurable*: Diving Bell overrides will enforce this kernel tunable. By default - MAAS deploys nodes in compliance. - - Audit: *Pending*: This will be verified on an ongoing basis via a Sonobuoy plugin. - -Execution Environment Hardening -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -The kernel tunable ``fs.suid_dumpable`` must be set to ``0`` and there must be a hard limit -disabling core dumps (``hard core 0``) - - - Project Scope: DivingBell, Drydock - - Solution *Configurable*: Diving Bell overrides will enforce this kernel tunable, by default - MAAS deploys nodes with ``fs.suid_dumpable = 2``. A boot action will put in place the hard - limit. - - Audit: *Pending*: This will be verified on an ongoing basis via a Sonobuoy plugin - -Randomizing stack space can make it harder to exploit buffer overflow vulnerabilities. Enable -the kernel tunable ``kernel.randomize_va_space = 2``. - - - Project Scope: DivingBell - - Solution *Configurable*: Diving Bell overrides will enforce this kernel tunable, by default - MAAS deploys nodes in compliance. - - Audit: *Pending*: This will be verified on an ongoing basis via a Sonobuoy plugin - -Mandatory Access Control -^^^^^^^^^^^^^^^^^^^^^^^^ - -Put in place the approved default AppArmor profile and ensure that Docker is configured -to use it. - - - Project Scope: Drydock, Promenade - - Solution *Configurable*: A bootaction will put in place the default AppArmor profile. Promenade - will deploy a Docker configuration to enforce the default policy. - - Audit: *Pending*: This will be verified on an ongoing basis via a Sonobuoy plugin probing - ``/proc//attr/current``. - -Put in place an approved AppArmor profile to be used by containers that will manipulate the -on-host AppArmor profiles. This allows an init container in Pods to put customized AppArmor -profile in place and load them. - - - Project Scope: Drydock - - Solution *Configurable*: A bootaction will put in place the profile-manager AppArmor profile and - load it on each boot. - - Audit: *Pending*: The availability of this profile will be verified by a Sonobuoy plugin. - -.. IMPORTANT:: - - All other AppArmor profiles must be delivered and loaded by an init container in the Pod - that requires them. The Pod must also be decorated with the appropriate annotation to specify - the custom profile. - -System Monitoring -^^^^^^^^^^^^^^^^^ - -Run `rsyslogd` to log events. - - - Project Scope: Drydock - - Solution *Remediated*: MAAS installs rsyslog by default. - - Audit: *Pending*: This will be verified on an ongoing basis via a Sonobuoy plugin. - -Run a monitor for logging kernel audit events such as auditd. - - - Project Scope: Non-Airship - - Solution *Remediated*: The `Sysdig Falco `_ will be used - and - - Audit: *Pending*: This will be verified on an ongoing basis via a Sonobuoy plugin. - -Watch the watchers. Ensure that monitoring services are up and responsive. - - - Project Scope: Non-Airship - - Solution *Remediated*: Nagios will monitor host services and Kubernetes resources - - Audit: *Validation*: Internal corporate systems track Nagios heartbeats to ensure Nagios is responsive - -Blacklisted Services -^^^^^^^^^^^^^^^^^^^^ - -The below services are deprecated and should not be enabled or installed on hosts. - -================ ==================== - Service Ubuntu Package -================ ==================== - telnet telnetd - inet telnet inetutils-telnetd - SSL telnet telnetd-ssl - NIS nis - NTP date ntpdate -================ ==================== - - - Project Scope: Drydock - - Solution *Configurable*: A boot action will be used to enforce this on first boot. - - Audit: *Pending*: This will be verified on an ongoing basis via Sonobuoy plugin. - -Required System Services -^^^^^^^^^^^^^^^^^^^^^^^^ - -``cron`` and ``ntpd`` **must** be installed and enabled on all hosts. Only administrative -accounts should have access to cron. ``ntpd -q`` should show time synchronization is active. - - - Project Scope: Drydock - - Solution *Remediated*: A MAAS deployed node runs cron and configured ntpd by default. - - Audit: *Pending*: This will be verified on an ongoing basis via Sonobuoy plugin. - -System Service Configuration -^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -If ``sshd`` is enabled, ensure it is securely configured: - - - **Must** only support protocol version 2 (``Protocol 2``) - - **Must** disallow root SSH logins (``PermitRootLogin no``) - - **Must** disallow empty passwords (``PermitEmptyPasswords no``) - - **Should** set a idle timeout interval (``ClientAliveInterval 600`` and ``ClientAliveCountMax 0``) - - - Project Scope: Drydock - - Solution *Configurable*: A boot action will install an explicit configuration file - - Audit: *Pending*: This will be verified on an ongoing basis via Sonobuoy plugin. - -Network Security -^^^^^^^^^^^^^^^^ - -.. IMPORTANT:: - - Calico network policies will be used to secure host-level network access. Nothing will - be orchestrated outside of Calico to enforce host-level network policy. - -Secure the transport of traffic between nodes and MAAS/Drydock during node deployment. - - - Project Scope: Drydock, MAAS - - Solution *Pending*: The Drydock and MAAS charts will be updated to include an Ingress - port utilizing TLS 1.2 and a publicly signed certificate. Also the service will enable - TLS on the pod IP. - - Audit: *Testing*: The testing pipeline will validate the deployment is using TLS to - access the Drydock and MAAS APIs. - -.. DANGER:: - - Some traffic, such as iPXE, DHCP, TFTP, will utilize node ports and is not encrypted. This - is not configurable. However, this traffic traverses the private PXE network. - -Secure Accounts -^^^^^^^^^^^^^^^ - -Enforce a minimum password length of 8 characters - - - Project Scope: Drydock - - Solution *Configurable*: A boot action will update ``/etc/pam.d/common-password`` to specify ``minlen=8`` for ``pam_unix.so``. - - Audit: *Pending*: This will be verified on an ongoing basis via Sonobuoy plugin. - -Configuration Guidance ----------------------- - -Filesystem Configuration -^^^^^^^^^^^^^^^^^^^^^^^^ - -The filesystem partitioning strategy should be sure to protect the ability for the host to -log critical information, both for security and reliability. The log data should not risk -filling up the root filesystem (``/``) and non-critical log data should not risk crowding out -critical log data. If you are shipping log data to a remote store, the latter concern is -less critical. Because Airship nodes are built to **ONLY** run Kubernetes, isolating filesystems -such as ``/home`` is not as critical since there is no direct user access and applications -are running in a containerized environment. - -Temporary Mitigation Status ---------------------------- - - -References ----------- - - * `OpenSCAP for Ubuntu 16.04 `_ - * `Ubuntu 16.04 Server Guide `_ - * `Canonical MAAS 2.3 TLS `_ - * `Canonical MAAS 2.4 TLS `_ - -.. _Airship Docs: https://airship-docs.readthedocs.org -.. _Airship Treasuremap: https://opendev.org/airship/treasuremap/ diff --git a/doc/source/service-logging-conventions.rst b/doc/source/service-logging-conventions.rst deleted file mode 100644 index 0312fa3a..00000000 --- a/doc/source/service-logging-conventions.rst +++ /dev/null @@ -1,73 +0,0 @@ -.. - Copyright 2017 AT&T Intellectual Property. - All Rights Reserved. - - Licensed under the Apache License, Version 2.0 (the "License"); you may - not use this file except in compliance with the License. You may obtain - a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - License for the specific language governing permissions and limitations - under the License. - -.. warning:: - - This repository is being deprecated. Project documentation has moved to the - `Airship Docs`_ project, and Airship-in-a-Bottle environment will be merged - into the `Airship Treasuremap`_ project. - -.. _service-logging-conventions: - -Service Logging Conventions -=========================== -Airship services must provide logging, should conform to a standard logging -format, and may utilize shared code to do so. - -Standard Logging Format ------------------------ -The following is the intended format to be used when logging from Airship -services. When logging from those parts that are no services, a close -reasonable approximation is desired. - -:: - - Timestamp Level RequestID ExternalContextID ModuleName(Line) Function - Message - -Where: - -- Timestamp is like ``2006-02-08 22:20:02,165``, or the standard ouptut from - ``%(asctime)s`` -- Level is 'DEBUG', 'INFO', 'WARNING', 'ERROR', 'CRITICAL', padded to 8 - characters, left aligned. -- RequestID is the UUID assigned to the request in canonical 8-4-4-4-12 format. -- ExternalContextID is the UUID assigned from the external source (or generated - for the same purpose), in 8-4-4-4-12 format. -- ModuleName is the name of the module or class from which the logging - originates. -- Line is the line number of the logging statement -- Function is the name of the function or method from which the logging - originates -- Message is the text of the message to be logged. - -Example Python Logging Format -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -:: - - %(asctime)s %(levelname)-8s %(req_id)s %(external_ctx)s %(user)s %(module)s(%(lineno)d) %(funcName)s - %(message)s' - -See `Python Logging`_ for explanation of format. - -Loggers in Code ---------------- -Components should prefer loggers that are at the module or class level, -allowing for finer grained logging control than a global logger. - - -.. _Python Logging: https://docs.python.org/3/library/logging.html -.. _Airship Docs: https://airship-docs.readthedocs.org -.. _Airship Treasuremap: https://opendev.org/airship/treasuremap/ diff --git a/manifests/common/creds.sh b/manifests/common/creds.sh deleted file mode 100644 index 1550a194..00000000 --- a/manifests/common/creds.sh +++ /dev/null @@ -1,56 +0,0 @@ -#!/bin/bash -# -# Copyright 2018 AT&T Intellectual Property. All other rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Credentials that can be exported to work with Shipyard. -# To set your environment variables to the values in this script, run using: -# source creds.sh -# - -SHIPYARD_KEYSTONE_PASSWORD=$(awk ' -## format we are looking for: -#schema: deckhand/Passphrase/v1 -#metadata: -# schema: metadata/Document/v1 -# name: ucp_shipyard_keystone_password -# layeringDefinition: -# abstract: false -# layer: site -# storagePolicy: cleartext -#data: password18 - /^schema: deckhand\/Passphrase\/v1/ { - getline - getline - getline - if ($2=="ucp_shipyard_keystone_password") { - getline - getline - getline - getline - getline - print $2 - exit - } - else { - getline - } -}' deployment_files.yaml) - -export OS_USER_DOMAIN_NAME=default -export OS_PROJECT_DOMAIN_NAME=default -export OS_PROJECT_NAME=service -export OS_USERNAME=shipyard -export OS_PASSWORD="${SHIPYARD_KEYSTONE_PASSWORD}" -export OS_AUTH_URL=http://keystone.ucp.svc.cluster.local:80/v3 diff --git a/manifests/common/deploy-airship.sh b/manifests/common/deploy-airship.sh deleted file mode 100755 index 95a1ddf3..00000000 --- a/manifests/common/deploy-airship.sh +++ /dev/null @@ -1,491 +0,0 @@ -#!/bin/bash -# -# Copyright 2018 AT&T Intellectual Property. All other rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -############################################################################### -# # -# Set up and deploy an Airship environment for development/testing purposes. # -# Many of the defaults and sources used here are NOT production ready, and # -# this should not be used as a copy/paste source for any production use. # -# # -############################################################################### - -set -x - -# IMPORTANT: -# If the directory for airship-in-a-bottle is already cloned into $WORKSPACE, -# it will not be re-cloned. This can be used to set up different tests, like -# changing the versions and contents of the design before running this script - -# The last step to run through in this script. Valid Values are "collect", -# "genesis", "deploy", and "demo". By default this will run through to the end -# of the genesis steps -LAST_STEP_NAME=${1:-"genesis"} - -if [[ ${LAST_STEP_NAME} == "collect" ]]; then - STEP_BREAKPOINT=10 -elif [[ ${LAST_STEP_NAME} == "genesis" ]]; then - STEP_BREAKPOINT=20 -elif [[ ${LAST_STEP_NAME} == "deploy" ]]; then - STEP_BREAKPOINT=30 -elif [[ ${LAST_STEP_NAME} == "demo" ]]; then - STEP_BREAKPOINT=40 -else - STEP_BREAKPOINT=20 -fi - -# The directory that will contain the copies of designs and repos from this script -export WORKSPACE=${WORKSPACE:-"/root/deploy"} - -# The site to deploy -TARGET_SITE=${TARGET_SITE:-"dev"} - -# Setup blank defaults for proxy variables -http_proxy=${http_proxy:-""} -https_proxy=${https_proxy:-""} -no_proxy=${no_proxy:-""} - -# The host name for the single-node deployment. e.g.: 'genesis' -SHORT_HOSTNAME=${SHORT_HOSTNAME:-""} -# The host ip for this single-node deployment. e.g.: '10.0.0.9' -HOSTIP=${HOSTIP:-""} -# The cidr for the network for the host. e.g.: '10.0.0.0/24' -HOSTCIDR=${HOSTCIDR:-""} -# The interface on the host/genesis node. e.g.: 'ens3' -NODE_NET_IFACE=${NODE_NET_IFACE:-""} -# Allowance for Genesis/Armada to settle in seconds: -POST_GENESIS_DELAY=${POST_GENESIS_DELAY:-60} - - -# Repositories -AIRSHIP_IN_A_BOTTLE_REPO=${AIRSHIP_IN_A_BOTTLE_REPO:-"https://opendev.org/airship/airship-in-a-bottle"} -AIRSHIP_IN_A_BOTTLE_REFSPEC=${AIRSHIP_IN_A_BOTTLE_REFSPEC:-""} -PEGLEG_REPO=${PEGLEG_REPO:-"https://opendev.org/airship/pegleg.git"} -PEGLEG_REFSPEC=${PEGLEG_REFSPEC:-""} -SHIPYARD_REPO=${SHIPYARD_REPO:-"https://opendev.org/airship/shipyard.git"} -SHIPYARD_REFSPEC=${SHIPYARD_REFSPEC:-""} - -# Images -# TODO(bryan-strassner) refit to use master Pegleg -PEGLEG_IMAGE=${PEGLEG_IMAGE:-"quay.io/airshipit/pegleg:ac6297eae6c51ab2f13a96978abaaa10cb46e3d6"} -PROMENADE_IMAGE=${PROMENADE_IMAGE:-"quay.io/airshipit/promenade:master"} - -# Command shortcuts -PEGLEG=${WORKSPACE}/pegleg/tools/pegleg.sh - -function check_preconditions() { - set +x - fail=false - if ! [ $(id -u) = 0 ] ; then - echo "Please execute this script as root!" - fail=true - fi - if [ -z ${HOSTIP} ] ; then - echo "The HOSTIP variable must be set. E.g. 10.0.0.9" - fail=true - fi - if [ -z ${SHORT_HOSTNAME} ] ; then - echo "The SHORT_HOSTNAME variable must be set. E.g. testvm1" - fail=true - fi - if [ -z ${HOSTCIDR} ] ; then - echo "The HOSTCIDR variable must be set. E.g. 10.0.0.0/24" - fail=true - fi - if [ -z ${NODE_NET_IFACE} ] ; then - echo "The NODE_NET_IFACE variable must be set. E.g. ens3" - fail=true - fi - if [[ -z $(grep $SHORT_HOSTNAME /etc/hosts | grep $HOSTIP) ]] - then - echo "No /etc/hosts entry found for $SHORT_HOSTNAME. Please add one." - fail=true - fi - if [ $fail = true ] ; then - echo "Preconditions failed" - exit 1 - fi - set -x -} - -function setup_workspace() { - # Setup workspace directories - mkdir -p ${WORKSPACE}/collected - mkdir -p ${WORKSPACE}/genesis - # Open permissions for output from Promenade - chmod -R 777 ${WORKSPACE}/genesis -} - -function configure_docker() { - if [[ ! -z "${https_proxy}" ]] || [[ ! -z "${http_proxy}" ]] - then - echo "Configuring Docker to use a proxy..." - mkdir -p /etc/systemd/system/docker.service.d/ - cat << EOF > /etc/systemd/system/docker.service.d/http-proxy.conf -[Service] -Environment="HTTP_PROXY=${http_proxy}" -Environment="HTTPS_PROXY=${https_proxy}" -Environment="NO_PROXY=${no_proxy}" -EOF - systemctl daemon-reload - systemctl restart docker - fi -} - -function configure_apt() { - if [[ ! -z "${https_proxy}" ]] || [[ ! -z "${http_proxy}" ]] - then - echo "Configuring apt to use a proxy..." - mkdir -p /etc/apt/ - cat << EOF > /etc/apt/apt.conf -Acquire::http::proxy "${http_proxy}"; -Acquire::https::proxy "${https_proxy}"; -EOF - fi -} - -function get_repo() { - # Setup a repository in the workspace - # - # $1 = name of directory the repo will clone to - # $2 = repository url - # $3 = refspec of repo pull - cd ${WORKSPACE} - if [ ! -d "$1" ] ; then - git clone $2 $1 - if [ -n "$3" ] ; then - pushd $1 - git pull $2 $3 - popd - fi - fi -} - -function setup_repos() { - # Clone and pull the various git repos - # Get pegleg for the script only. Image is separately referenced. - get_repo pegleg ${PEGLEG_REPO} ${PEGLEG_REFSPEC} - # Get airship-in-a-bottle for the design - get_repo airship-in-a-bottle ${AIRSHIP_IN_A_BOTTLE_REPO} ${AIRSHIP_IN_A_BOTTLE_REFSPEC} - # Get Shipyard for use after genesis - get_repo shipyard ${SHIPYARD_REPO} ${SHIPYARD_REFSPEC} -} - -function configure_dev_configurables() { - cat << EOF >> ${WORKSPACE}/airship-in-a-bottle/deployment_files/site/${TARGET_SITE}/deployment/dev-configurables.yaml -data: - hostname: ${SHORT_HOSTNAME} - hostip: ${HOSTIP} - hostcidr: ${HOSTCIDR} - interface: ${NODE_NET_IFACE} - maas-ingress: '192.169.1.5/32' -EOF -} - -function install_dependencies() { - apt -qq update - # Install docker - apt -y install --no-install-recommends docker.io jq nmap -} - -function run_pegleg_collect() { - # Runs pegleg collect to get the documents combined - IMAGE=${PEGLEG_IMAGE} TERM_OPTS="-i" ${PEGLEG} site -p /workspace/airship-in-a-bottle/deployment_files collect ${TARGET_SITE} -s /workspace/collected -} - -function generate_certs() { - # Runs the generation of certs by Promenade and builds bootstrap scripts - # Note: In the really real world, CAs and certs would be provided as part of - # the supplied design. In this dev/test environment, self signed is fine. - # Moves the generated certificates from /genesis to the design, so that a - # Lint can be run - set +x - echo "=== Generating updated certificates ===" - set -x - # Copy the collected yamls into the target for the certs - cp "${WORKSPACE}/collected"/*.yaml ${WORKSPACE}/genesis - - docker run --rm -t \ - -e http_proxy=$http_proxy \ - -e https_proxy=$https_proxy \ - -e no_proxy=$no_proxy \ - -w /target \ - -e PROMENADE_DEBUG=false \ - -v ${WORKSPACE}/genesis:/target \ - ${PROMENADE_IMAGE} \ - promenade \ - generate-certs \ - -o /target \ - $(ls ${WORKSPACE}/genesis) - - # Copy the generated certs back into the deployment_files structure - cp ${WORKSPACE}/genesis/certificates.yaml ${WORKSPACE}/airship-in-a-bottle/deployment_files/site/${TARGET_SITE}/secrets -} - -function lint_design() { - # After the certificates are in the deployment files run a pegleg lint - IMAGE=${PEGLEG_IMAGE} TERM_OPTS="-i" ${PEGLEG} lint -p /workspace/airship-in-a-bottle/deployment_files -} - -function generate_genesis() { - # Generate the genesis scripts - docker run --rm -t \ - -e http_proxy=$http_proxy \ - -e https_proxy=$https_proxy \ - -e no_proxy=$no_proxy \ - -w /target \ - -e PROMENADE_DEBUG=false \ - -v ${WORKSPACE}/genesis:/target \ - ${PROMENADE_IMAGE} \ - promenade \ - build-all \ - -o /target \ - --validators \ - $(ls ${WORKSPACE}/genesis) -} - -function run_genesis() { - # Runs the genesis script that was generated - ${WORKSPACE}/genesis/genesis.sh -} - -function validate_genesis() { - # Vaidates the genesis deployment - ${WORKSPACE}/genesis/validate-genesis.sh -} - -function genesis_complete() { - # Setup kubeconfig - if [ ! -d "$HOME/.kube" ] ; then - mkdir ~/.kube - fi - cp -r /etc/kubernetes/admin/pki ~/.kube/pki - cat /etc/kubernetes/admin/kubeconfig.yaml | sed -e 's/\/etc\/kubernetes\/admin/./' > ~/.kube/config - - set +x - echo "-----------" - echo "Waiting ${POST_GENESIS_DELAY} seconds for Genesis process to settle. This is a good time to grab one more coffee :)" - echo "-----------" - sleep ${POST_GENESIS_DELAY} - echo " " - echo "Genesis complete. " - print_shipyard_info1 - set -x -} - -function print_shipyard_info1() { - SHIPYARD_KEYSTONE_PASS=$(awk '/^data:/ {print $2}' ${WORKSPACE}/airship-in-a-bottle/deployment_files/site/${TARGET_SITE}/secrets/passphrases/ucp_shipyard_keystone_password.yaml) - set +x - # signals that genesis completed - echo " " - echo "The .yaml files in ${WORKSPACE} contain the site design that may be suitable for use with Shipyard. " - echo "The Shipyard Keystone password ${SHIPYARD_KEYSTONE_PASS} may be found in ${WORKSPACE}/airship-in-a-bottle/deployment_files/site/${TARGET_SITE}/secrets/passphrases/ucp_shipyard_keystone_password.yaml" - echo " " - set -x -} - -function setup_deploy_site() { - # creates a directory /${WORKSPACE}/site with all the things necessary to run - # deploy_site - mkdir -p ${WORKSPACE}/site - cp ${WORKSPACE}/airship-in-a-bottle/manifests/common/creds.sh ${WORKSPACE}/site - cp ${WORKSPACE}/genesis/*.yaml ${WORKSPACE}/site - cp ${WORKSPACE}/shipyard/tools/run_shipyard.sh ${WORKSPACE}/site - cp ${WORKSPACE}/shipyard/tools/shipyard_docker_base_command.sh ${WORKSPACE}/site - cp ${WORKSPACE}/shipyard/tools/execute_shipyard_action.sh ${WORKSPACE}/site - print_shipyard_info2 -} -function print_shipyard_info2() { - set +x - echo " " - echo "${WORKSPACE}/site is set up with creds.sh which can be sourced to set up credentials for use in running Shipyard" - echo "${WORKSPACE}/site contains .yaml files that represent the single-node site deployment. (deployment_files.yaml, certificates.yaml)" - echo " " - echo "----------------------------------------------------------------------------------" - echo "The following commands will execute Shipyard to setup and run a deploy_site action" - echo "----------------------------------------------------------------------------------" - echo "cd ${WORKSPACE}/site" - echo "source creds.sh" - echo "./run_shipyard.sh create configdocs design --filename=/home/shipyard/host/deployment_files.yaml" - echo "./run_shipyard.sh create configdocs secrets --filename=/home/shipyard/host/certificates.yaml --append" - echo "./run_shipyard.sh commit configdocs" - echo "./run_shipyard.sh create action deploy_site" - echo " " - echo "-----------" - echo "Other Notes" - echo "-----------" - echo "If you need to run Armada directly to deploy charts (fix something broken?), the following may be of use:" - echo "export ARMADA_IMAGE=quay.io/airshipit/armada" - echo "docker run -t -v ~/.kube:/armada/.kube -v ${WORKSPACE}/site:/target --net=host \${ARMADA_IMAGE} apply /target/your-yaml.yaml" - echo " " - set -x -} - -function execute_deploy_site() { - set +x - echo " " - echo "This is an automated deployment using Shipyard, running commands noted previously" - echo "Please stand by while Shipyard deploys the site" - echo " " - set -x - #Automate the steps of deploying a site. - cd ${WORKSPACE}/site - source creds.sh - ./run_shipyard.sh create configdocs design --filename=/home/shipyard/host/deployment_files.yaml - ./run_shipyard.sh create configdocs secrets --filename=/home/shipyard/host/certificates.yaml --append - ./run_shipyard.sh commit configdocs - # set variables used in execute_shipyard_action.sh - export max_shipyard_count=${max_shipyard_count:-60} - export shipyard_query_time=${shipyard_query_time:-90} - # monitor the execution of deploy_site - bash execute_shipyard_action.sh 'deploy_site' -} - -function execute_create_heat_stack() { - # TODO: (bryan-strassner) prevent this running unless we're running from a - # compatible site defintion that includes OpenStack - set +x - echo " " - echo "Performing basic sanity checks by creating heat stacks" - echo " " - set -x - # Switch to directory where the script is located - cd ${WORKSPACE}/airship-in-a-bottle/manifests/dev_single_node - bash test_create_heat_stack.sh -} - -function publish_horizon_dashboard() { - kubectl -n openstack expose service/horizon-int --type=NodePort --name=horizon-dashboard -} - -function print_dashboards() { - AIRFLOW_PORT=$(kubectl -n ucp get service airflow-web-int -o jsonpath="{.spec.ports[0].nodePort}") - HORIZON_PORT=$(kubectl -n openstack get service horizon-dashboard -o jsonpath="{.spec.ports[0].nodePort}") - MAAS_PORT=$(kubectl -n ucp get service maas-region-ui -o jsonpath="{.spec.ports[0].nodePort}") - MASS_PASS=$(awk '/^data:/ {print $2}' ${WORKSPACE}/airship-in-a-bottle/deployment_files/site/${TARGET_SITE}/secrets/passphrases/ucp_maas_admin_password.yaml) - set +x - echo " " - echo "OpenStack Horizon dashboard is available on this host at the following URL:" - echo " " - echo " http://${HOSTIP}:${HORIZON_PORT}" - echo " " - # TODO: (roman_g) can we source it from somewhere? - echo "Credentials:" - echo " Domain: default" - echo " Username: admin" - echo " Password: password" - echo " " - echo "OpenStack CLI commands could be launched via \`./run_openstack_cli.sh\` script, e.g.:" - echo " # cd ${WORKSPACE}/airship-in-a-bottle/manifests/dev_single_node" - echo " # ./run_openstack_cli.sh stack list" - echo " ..." - echo " " - echo "Other dashboards:" - echo " " - echo " MAAS: http://${HOSTIP}:${MAAS_PORT}/MAAS/ admin/${MASS_PASS}" - echo " Airship Shipyard Airflow DAG: http://${HOSTIP}:${AIRFLOW_PORT}/" - echo " " - echo "Airship itself does not have a dashboard." - echo " " - # TODO: (roman_g) endpoints.yaml path below does not seem to be a reliable location - echo "Other endpoints and credentials are listed in the following locations:" - echo " ${WORKSPACE}/airship-in-a-bottle/deployment_files/global/v1.0${TARGET_SITE}/software/config/endpoints.yaml" - echo " ${WORKSPACE}/airship-in-a-bottle/deployment_files/site/${TARGET_SITE}/secrets/passphrases/" - echo "Exposed ports of services can be listed with the following command:" - echo " # kubectl get services --all-namespaces | grep -v ClusterIP" - echo " ..." - echo " " - set -x -} - -function your_next_steps() { - set +x - echo " " - echo "---------------------------------------------------------------" - echo " " - echo "Airship has completed deployment of OpenStack (OpenStack-Helm)." - echo " " - echo "Explore Airship Treasuremap repository and documentation" - echo "available at the following URLs:" - echo " " - echo " https://opendev.org/airship/treasuremap/" - echo " https://airship-treasuremap.readthedocs.io/" - echo " " - echo "---------------------------------------------------------------" - echo " " - set -x -} - -function clean() { - # Perform any cleanup of temporary or unused artifacts - set +x - echo "To remove files generated during this script's execution, delete ${WORKSPACE}." - echo "This VM is disposable. Re-deployment in this same VM will lead to unpredictable results." - set -x -} - -function error() { - # Processes errors - set +x - echo "Error when $1." - set -x - exit 1 -} - -trap clean EXIT - - -# Common steps for all breakpoints specified -check_preconditions || error "checking for preconditions" -configure_apt || error "configuring apt behind proxy" -setup_workspace || error "setting up workspace directories" -setup_repos || error "setting up Git repos" -configure_dev_configurables || error "adding dev-configurables values" -install_dependencies || error "installing dependencies" -configure_docker || error "configuring docker behind proxy" - -# collect -if [[ ${STEP_BREAKPOINT} -ge 10 ]]; then - echo "This is a good time to grab a coffee :)" - run_pegleg_collect || error "running pegleg collect" -fi - -# genesis -if [[ ${STEP_BREAKPOINT} -ge 20 ]]; then - generate_certs || error "setting up certs with Promenade" - # Temporarially disabled until lint_design works with a single node. - # lint_design || error "linting the design" - generate_genesis || error "generating genesis" - run_genesis || error "running genesis" - validate_genesis || error "validating genesis" - genesis_complete || error "printing out some info about next steps" - setup_deploy_site || error "preparing the /site directory for deploy_site" -fi - -# deploy -if [[ ${STEP_BREAKPOINT} -ge 30 ]]; then - execute_deploy_site || error "executing deploy_site from the /site directory" -fi - -# demo -if [[ ${STEP_BREAKPOINT} -ge 40 ]]; then - execute_create_heat_stack || error "creating heat stack" - publish_horizon_dashboard || error "publishing Horizon dashboard" - print_shipyard_info1 - print_shipyard_info2 - print_dashboards || error "printing dashboards list" - ## Done - your_next_steps -fi diff --git a/manifests/dev_minimal/README.txt b/manifests/dev_minimal/README.txt deleted file mode 100644 index dc9551d7..00000000 --- a/manifests/dev_minimal/README.txt +++ /dev/null @@ -1,113 +0,0 @@ -# Copyright 2018 AT&T Intellectual Property. All other rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -dev_minimal -=========== - -Sets up and deploys an instance of Airship using the images pinned in the -versions file of the targeted deployment_files based site definitions (dev). -versions file: deployment_files/global/v1.0dev/software/config/versions.yaml - -Running ../common/deploy_airship.sh will download and build into the -/root/deploy directory. - -Proxy Configuration -------------------- - -Configuration in this section is needed only if running the deployment -behind a corporate proxy. - -1) Update the /etc/environment file, and append your proxy configurtion there. - Then you will need to source the /etc/environment to set the proxy environment. - For instance, you will need to add following lines in the - /etc/environment file, and then source it: - - export http_proxy="your.proxy.address:port" - export https_proxy="your.proxy.address:port" - export no_proxy=".foo.com,.cluster.local,localhost,127.0.0.0/8,10.0.0.0/24" - export HTTP_PROXY="http://your.proxy.address:port" - export HTTPS_PROXY="http://your.proxy.address:port" - export NO_PROXY=".foo.com,.cluster.local,localhost,127.0.0.0/8,10.0.0.0/24" - -2) Update the file deployment_files/site/dev-proxy/networks/common-addresses.yaml - to specify your proxy server and appropriate no_proxy list. In this file, - also update the dns list, and add your corporate name servers to the - dns list. This is done for name resolution of internal corporate - addresses behind the proxy. -3) Change set-env.sh to use TARGET_SITE of 'dev-proxy'. -4) Update "charts" section in deployment_files/global/v1.0dev/software/config/versions.yaml - file, every chart should include "proxy_server" parameter with proxy configuration. - For example: - - armada: - type: git - location: https://opendev.org/airship/armada - subpath: charts/armada - reference: 709eb9ec9b78b76fd18b817ae6c7a32221e9d0c4 - proxy_server: http://your.proxy.address:port - -Process -------- -1) Set up a VM with at least 4 cores and 12GB of memeory. 8 core/16GB is - recommended. 32GB of disk is enough, use more if you plan on doing any - extended use. -2) Become root. All the commands are run as root. -3) Update etc/hosts with IP/Hostname of your VM. e.g. 10.0.0.15 testvm1. -4) go to /root/deploy and clone airship-in-a-bottle. Switch to a target - patchset if needed - 4a) If you use a directory other than /root/deploy, /root/deploy will be - created, and airship-in-a-bottle will be re-cloned there. (Technically - /root/${WORKSPACE}) -5) cd into /root/deploy/airship-in-a-bottle/manifests/dev_minimal -6) Update the set-env.sh with the hostname and ip on the appropriate lines. -7) source set-env.sh -8) ../common/deploy-airship.sh -You may sepecify a target point to stop the deployment by using an argument of -"collect", "genesis", or "deploy" to the deploy_airship.sh. It will -default to "genesis". The "demo" value that is supported will not work with -the dev_minimal site definition. - -Next Steps ----------- -Assuming a target breakpoint of "genesis" or "deploy", all of the documents -used for a subsequent deploy_site action are now placed into the -/root/deploy/site directory for ease of use - instructions are -provided by the script at the end of a successful genesis process. - -A script: "creds.sh" is copied into the /root/deploy/site -directory that can be sourced to set environment variables that will enable -Keystone authorization to use for running Shipyard. - -Example: - -. creds.sh - -Other files located in /root/deploy/site: -run_shipyard.sh - runs a container to execute the CLI for Shipyard -certificates.yaml - the certificates generated automatically during this - deployment -deployment_files.yaml - the files used during a deploy_site or update_site - action in Shipyard. - -Example: - -cd /root/deploy/site -. creds.sh -./run_shipyard.sh create configdocs design --filename=/home/shipyard/host/deployment_files.yaml -./run_shipyard.sh create configdocs secrets --filename=/home/shipyard/host/certificates.yaml --append -./run_shipyard.sh commit configdocs - -Optionally, if you wish to deploy the loaded configdocs: - -./run_shipyard.sh create action deploy_site diff --git a/manifests/dev_minimal/set-env.sh b/manifests/dev_minimal/set-env.sh deleted file mode 100644 index 47e92655..00000000 --- a/manifests/dev_minimal/set-env.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# -# Copyright 2018 AT&T Intellectual Property. All other rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -############################################################################### -# # -# Example environment customization # -# # -############################################################################### - -# For use with most lab VMs, the first 4 values are probably the most -# frequently changed - -# The hostname for the genesis node -export SHORT_HOSTNAME=testvm1 -# The IP address of the genesis node -export HOSTIP=10.0.0.9 -# The CIDR of the network for the genesis node -export HOSTCIDR=10.0.0.0/24 -# The network interface on the genesis node -export NODE_NET_IFACE=ens3 - -# Repositories -# export AIRSHIP_IN_A_BOTTLE_REPO="https://opendev.org/airship/airship-in-a-bottle" -# export AIRSHIP_IN_A_BOTTLE_REFSPEC="" -# export PEGLEG_REPO="https://opendev.org/airship/pegleg.git" -# export PEGLEG_REFSPEC="" -# export SHIPYARD_REPO="https://opendev.org/airship/shipyard.git" -# export SHIPYARD_REFSPEC="" - -# Images -# export PEGLEG_IMAGE="quay.io/airshipit/pegleg:latest" -# export PROMENADE_IMAGE="quay.io/airshipit/promenade:latest" - -# The directory that will contain the copies of designs and repos from this script -# export WORKSPACE="/root/deploy" - -# The site to deploy -export TARGET_SITE="dev" -# If running behind a proxy -# export TARGET_SITE="dev-proxy" diff --git a/manifests/dev_single_node/README.txt b/manifests/dev_single_node/README.txt deleted file mode 100644 index fc24ca51..00000000 --- a/manifests/dev_single_node/README.txt +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright 2018 AT&T Intellectual Property. All other rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -dev_single_node, an Airship Demonstration -========================================= - -Use the airship-in-a-bottle.sh script to automatically deploy a demonstration -version of Airship. It will attempt to detect the required environment settings -and deploy an instance of Airship, including running a demo instance of -OpenStack (using OpenStack Helm), and creating a simple Virtual Machine. - -This demonstration uses the images pinned in the versions file of the targeted -deployment_files based site definitions: -deployment_files/global/v1.0demo/software/config/versions.yaml - -By default, files will be downloaded into and built in the /root/deploy -directory of the virtual machine being used to install this demo. - -Note that this process will result in the contents of the VM to be modified -outside of that directory, and the VM should be intended to be discarded after -demo use. diff --git a/manifests/dev_single_node/airship-in-a-bottle.sh b/manifests/dev_single_node/airship-in-a-bottle.sh deleted file mode 100755 index fa2504fb..00000000 --- a/manifests/dev_single_node/airship-in-a-bottle.sh +++ /dev/null @@ -1,163 +0,0 @@ -#!/bin/bash -# -# Copyright 2018 AT&T Intellectual Property. All other rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -############################################################################### -# # -# Set up and deploy an Airship environment for demonstration purposes. # -# Many of the defaults and sources used here are NOT production ready, and # -# this should not be used as a copy/paste source for any production use. # -# # -############################################################################### - -usage () -{ - echo "Usage: $(basename $0) {-y|-h}" 1>&2 - echo " -y don't ask questions, trust autodetection" 1>&2 - echo " -h this help" 1>&2 -} -# See how we were called. -case "$1" in - "" ) ;; - "-y" ) ASSUME_YES=1;; - "-h"|* ) usage; exit 1;; -esac - -echo "" -echo "Welcome to Airship in a Bottle" -echo "" -echo " /--------------------\\" -echo "| \\" -echo "| |---| \\----" -echo "| | x | \\" -echo "| |---| |" -echo "| | /" -echo "| \____|____/ /----" -echo "| /" -echo " \--------------------/" -echo "" -echo "" -echo "A prototype example of deploying the Airship suite on a single VM." -echo "" -sleep 1 -echo "" -echo "This example will run through:" -echo " - Setup" -echo " - Genesis of Airship (Kubernetes)" -echo " - Basic deployment of Openstack (including Nova, Neutron, and Horizon using Openstack Helm)" -echo " - VM creation automation using Heat" -echo "" -echo "The expected runtime of this script is greater than 1 hour" -echo "" -sleep 1 -echo "" -echo "The minimum recommended size of the Ubuntu 16.04 VM is 4 vCPUs, 20GB of RAM with 32GB disk space." -CPU_COUNT=$(grep -c processor /proc/cpuinfo) -RAM_TOTAL=$(awk '/MemTotal/ {print $2}' /proc/meminfo) -# Blindly assume that all storage on this VM is under root FS -DISK_SIZE=$(df --output=source,size / | awk '/dev/ {print $2}') -source /etc/os-release -if [[ $CPU_COUNT -lt 4 || $RAM_TOTAL -lt 20000000 || $DISK_SIZE -lt 30000000 || $NAME != "Ubuntu" || $VERSION_ID != "16.04" ]]; then - echo "Error: minimum VM recommendations are not met. Exiting." - exit 1 -fi -if [[ $(id -u) -ne 0 ]]; then - echo "Please execute this script as root!" - exit 1 -fi -sleep 1 -echo "Let's collect some information about your VM to get started." -sleep 1 - -# IP and Hostname setup -get_local_ip () -{ - ip addr | awk "/inet/ && /${HOST_IFACE}/{sub(/\/.*$/,\"\",\$2); print \$2}" -} -HOST_IFACE=$(ip route | grep "^default" | head -1 | awk '{ print $5 }') -LOCAL_IP=$(get_local_ip) - -if [[ $ASSUME_YES -ne 1 ]]; then - read -p "Is your HOST IFACE $HOST_IFACE? (Y/n) " YN_HI - if [[ ! "$YN_HI" =~ ^([yY]|"")$ ]]; then - read -p "What is your HOST IFACE? " HOST_IFACE - fi - LOCAL_IP=$(get_local_ip) - - read -p "Is your LOCAL IP $LOCAL_IP? (Y/n) " YN_IP - if [[ ! "$YN_IP" =~ ^([yY]|"")$ ]]; then - read -p "What is your LOCAL IP? " LOCAL_IP - fi -fi - -# Shells out to get the hostname for the single-node deployment to avoid some -# config conflicts -set -x -export SHORT_HOSTNAME=$(hostname -s) -set +x - -# Updates the /etc/hosts file -HOSTS="${LOCAL_IP} ${SHORT_HOSTNAME}" -HOSTS_REGEX="${LOCAL_IP}.*${SHORT_HOSTNAME}" -if grep -q "$HOSTS_REGEX" "/etc/hosts"; then - echo "Not updating /etc/hosts, entry ${HOSTS} already exists." -else - echo "Updating /etc/hosts with: ${HOSTS}" - cat << EOF | tee -a /etc/hosts -$HOSTS -EOF -fi - -# x/32 will work for CEPH in a single node deploy. -CIDR="$LOCAL_IP/32" - -# Variable setup -set -x -# The IP address of the genesis node -export HOSTIP=$LOCAL_IP -# The CIDR of the network for the genesis node -export HOSTCIDR=$CIDR -# The network interface on the genesis node -export NODE_NET_IFACE=$HOST_IFACE - -export TARGET_SITE="demo" -set +x - -# Changes DNS servers in common-addresses.yaml to the system's DNS servers -get_dns_servers () -{ - if hash nmcli 2>/dev/null; then - nmcli dev show | awk '/IP4.DNS/ {print $2}' | xargs - else - cat /etc/resolv.conf | awk '/nameserver/ {print $2}' | xargs - fi -} - -if grep -q "10.96.0.10" "/etc/resolv.conf"; then - echo "Not changing DNS servers, /etc/resolv.conf already updated." -else - DNS_CONFIG_FILE="../../deployment_files/site/$TARGET_SITE/networks/common-addresses.yaml" - declare -a DNS_SERVERS=($(get_dns_servers)) - NS1=${DNS_SERVERS[0]:-8.8.8.8} - NS2=${DNS_SERVERS[1]:-$NS1} - echo "Using DNS servers $NS1 and $NS2." - sed -i "s/8.8.8.8/$NS1/" $DNS_CONFIG_FILE - sed -i "s/8.8.4.4/$NS2/" $DNS_CONFIG_FILE -fi - -echo "" -echo "Starting Airship deployment..." -sleep 1 -../common/deploy-airship.sh demo diff --git a/manifests/dev_single_node/test_create_heat_stack.sh b/manifests/dev_single_node/test_create_heat_stack.sh deleted file mode 100755 index 98193ffb..00000000 --- a/manifests/dev_single_node/test_create_heat_stack.sh +++ /dev/null @@ -1,94 +0,0 @@ -#!/bin/bash -# Copyright 2018 AT&T Intellectual Property. All other rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -e - -# External subnet is local to the environment and generally can be anything -# other then clash with default all-in-one OSH setup that uses 127.24.4.0/24 -export OSH_BR_EX_ADDR="172.24.8.1/24" -export OSH_EXT_SUBNET="172.24.8.0/24" - -# Install curl if it's not already installed -apt -y install --no-install-recommends curl - -# Copy run_openstack_cli and openstack_cli_docker_base_command script to dev_single_node directory -cp /root/deploy/airship-in-a-bottle/tools/run_openstack_cli.sh /root/deploy/airship-in-a-bottle/manifests/dev_single_node/ -cp /root/deploy/airship-in-a-bottle/tools/openstack_cli_docker_base_command.sh /root/deploy/airship-in-a-bottle/manifests/dev_single_node/ - -# Change to the dev_single_node directory -cd /root/deploy/airship-in-a-bottle/manifests/dev_single_node - -printf "\nCreating KeyPair\n" -env -i ./run_openstack_cli.sh keypair create heat-vm-key > id_rsa -chmod 600 id_rsa - -printf "Downloading heat-public-net-deployment.yaml\n" -curl -LO https://raw.githubusercontent.com/openstack/openstack-helm/master/tools/gate/files/heat-public-net-deployment.yaml - -printf "Creating public-net Heat Stack\n" -env -i ./run_openstack_cli.sh stack create --wait \ - --parameter subnet_cidr=${OSH_EXT_SUBNET} \ - --parameter subnet_gateway=${OSH_BR_EX_ADDR%/*} \ - -t heat-public-net-deployment.yaml \ - public-net - -printf "Downloading heat-basic-vm-deployment.yaml\n" -curl -LO https://raw.githubusercontent.com/openstack/openstack-helm/master/tools/gate/files/heat-basic-vm-deployment.yaml - -printf "Creating test-stack-01\n" -env -i ./run_openstack_cli.sh stack create -t heat-basic-vm-deployment.yaml test-stack-01 --wait - -printf "Heat Stack List\n" -env -i ./run_openstack_cli.sh stack list - -printf "Nova Server List\n" -env -i ./run_openstack_cli.sh server list - -FLOATING_IP=$(env -i ./run_openstack_cli.sh stack output show \ - test-stack-01 \ - floating_ip \ - -f value -c output_value) - -printf "Configuring required network settings\n" -sudo ip addr add ${OSH_BR_EX_ADDR} dev br-ex -sudo ip link set br-ex up -sudo iptables -P FORWARD ACCEPT -DEFAULT_ROUTE_DEV="$(sudo ip -4 route list 0/0 | awk '{ print $5; exit }')" -sudo iptables -t nat -A POSTROUTING -o ${DEFAULT_ROUTE_DEV} -s ${OSH_EXT_SUBNET} -j MASQUERADE - -function wait_for_ssh_port { - # Default wait timeout is 300 seconds - set +x - end=$(date +%s) - if ! [ -z $2 ]; then - end=$((end + $2)) - else - end=$((end + 300)) - fi - while true; do - # Use Nmap as its the same on Ubuntu and RHEL family distros - nmap -Pn -p22 $1 | awk '$1 ~ /22/ {print $2}' | grep -q 'open' && \ - break || true - sleep 1 - now=$(date +%s) - [ $now -gt $end ] && echo "Could not connect to $1 port 22 in time" && exit -1 - done - set -x -} -wait_for_ssh_port $FLOATING_IP - -install -m 0700 -d ~/.ssh -ssh-keyscan "${FLOATING_IP}" >> ~/.ssh/known_hosts -printf "The test VM is accessible via SSH: ssh -i id_rsa cirros@${FLOATING_IP}\n" diff --git a/tools/gate/playbooks/zuul-linter.yaml b/tools/gate/playbooks/zuul-linter.yaml deleted file mode 100644 index bf216574..00000000 --- a/tools/gate/playbooks/zuul-linter.yaml +++ /dev/null @@ -1,30 +0,0 @@ -# Copyright 2017 The Openstack-Helm Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- hosts: primary - tasks: - - name: Execute a Whitespace Linter check - command: find . -not -path "*/\.*" -not -path "*/doc/build/*" -not -name "*.tgz" -type f -exec egrep -ln " +$" {} \; - register: result - failed_when: result.stdout != "" - - name: Install shellcheck - apt: - name: "shellcheck" - become: true - - name: Execute Shellcheck Against Framework Scripts - command: find ./tools -type f -name '*.sh' -exec shellcheck -e SC1090 {} \; - args: - chdir: "{{ zuul.project.src_dir }}" - register: result - failed_when: result.stdout != "" diff --git a/tools/multi_nodes_gate/README.md b/tools/multi_nodes_gate/README.md deleted file mode 100644 index e139fd0b..00000000 --- a/tools/multi_nodes_gate/README.md +++ /dev/null @@ -1,6 +0,0 @@ -# This repository is no longer used - -All deployment scripts have been moved to the -[airship/treasuremap](https://opendev.org/airship/treasuremap/src/branch/master/tools/deployment/seaworthy-virt) -repository. You can check git history on this repository to retrieve old -contents. diff --git a/tools/openstack_cli_docker_base_command.sh b/tools/openstack_cli_docker_base_command.sh deleted file mode 100755 index 44a14df2..00000000 --- a/tools/openstack_cli_docker_base_command.sh +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/bash -# Copyright 2018 AT&T Intellectual Property. All other rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -e - -# Define Variables -# -# NOTE: User will need to set up the required environment variables -# before executing this script if they differ from the default values. -# -NAMESPACE="${NAMESPACE:-openstack}" - -# Define Base Docker Command -base_docker_command=$(cat << EndOfCommand -sudo docker run -t --rm --net=host --e http_proxy=${HTTP_PROXY} --e https_proxy=${HTTPS_PROXY} --e no_proxy=${NO_PROXY} --e OS_AUTH_URL=${OS_AUTH_URL:-http://keystone.${NAMESPACE}.svc.cluster.local:80/v3} --e OS_USERNAME=${OS_USERNAME:-admin} --e OS_USER_DOMAIN_NAME=${OS_USER_DOMAIN_NAME:-default} --e OS_PASSWORD=${OS_PASSWORD:-password} --e OS_PROJECT_DOMAIN_NAME=${OS_PROJECT_DOMAIN_NAME:-default} --e OS_PROJECT_NAME=${OS_PROJECT_NAME:-admin} --e OS_REGION_NAME=${OS_REGION_NAME:-RegionOne} --e OS_IDENTITY_API_VERSION=${OS_IDENTITY_API_VERSION:-3} --w /host/$(pwd) --v /:/host:rshared -EndOfCommand -) - -export base_docker_command diff --git a/tools/run_openstack_cli.sh b/tools/run_openstack_cli.sh deleted file mode 100755 index 75a267f3..00000000 --- a/tools/run_openstack_cli.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash -# Copyright 2018 AT&T Intellectual Property. All other rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -e - -# Define variables -COMMAND='openstack' -OPENSTACK_CLI_IMAGE="${OPENSTACK_CLI_IMAGE:-docker.io/openstackhelm/heat:ocata}" - -# Get the path of the directory where the script is located -# Source Base Docker Command -DIR="$(dirname "${BASH_SOURCE[0]}")" -# shellcheck disable=SC1091 -cd "${DIR}" && source openstack_cli_docker_base_command.sh - -# Execute OpenStack CLI -# shellcheck disable=SC2154 -${base_docker_command} "${OPENSTACK_CLI_IMAGE}" "${COMMAND}" "$@" diff --git a/tox.ini b/tox.ini deleted file mode 100644 index a71d469e..00000000 --- a/tox.ini +++ /dev/null @@ -1,14 +0,0 @@ -[tox] -# Allows docs to be built without setup.py having to exist. Requires that -# usedevelop be False as well (which it is by default). -skipsdist = True - -[testenv] -whitelist_externals = rm - -[testenv:docs] -basepython = python3 -deps = -r{toxinidir}/doc/requirements.txt -commands = - rm -rf doc/build - sphinx-build -W -b html doc/source doc/build/html