Deprecate airship-in-a-bottle

Change-Id: Iabd48994f97a7c58fe902216f831f51cb72115f0
This commit is contained in:
Roman Gorshunov 2020-04-15 10:54:01 +02:00
parent b69fac2d0d
commit 969b27c95a
276 changed files with 10 additions and 18634 deletions

9
.github/SECURITY.md vendored
View File

@ -1,9 +0,0 @@
# Security Policy
## Reporting a Vulnerability
The Airship community is committed to expediently confirming, resolving, and
disclosing all reported security vulnerabilities. To report a security
vulnerabillity, please refer to our [vulnerability management process][1].
[1]: https://airship-docs.readthedocs.io/en/latest/security/vulnerabilities.html

10
.gitignore vendored
View File

@ -1,10 +0,0 @@
# Sphinx documentation
doc/_build/
doc/build/
.tox
# OSX folder settings files
.DS_Store
# Other
.vagrant/

View File

@ -1,98 +0,0 @@
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- project:
templates:
- docs-on-readthedocs
vars:
rtd_webhook_id: '38573'
rtd_project_name: 'airshipit'
check:
jobs:
- airship-in-a-bottle-linter
gate:
jobs:
- airship-in-a-bottle-linter
post:
jobs:
- airship-in-a-bottle-upload-git-mirror
- nodeset:
name: airship-integration-single-node
nodes:
- name: primary
label: ubuntu-bionic
- job:
name: airship-in-a-bottle-linter
run: tools/gate/playbooks/zuul-linter.yaml
nodeset: airship-integration-single-node
- job:
name: airship-in-a-bottle-upload-git-mirror
parent: upload-git-mirror
description: Mirrors airship/in-a-bottle to airshipit/airship-in-a-bottle
vars:
git_mirror_repository: airshipit/airship-in-a-bottle
secrets:
- name: git_mirror_credentials
secret: airship-in-a-bottle-airshipit-github-secret
pass-to-parent: true
- secret:
name: airship-in-a-bottle-airshipit-github-secret
data:
user: git
host: github.com
host_key: github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
ssh_key: !encrypted/pkcs1-oaep
- G7vSue9nRd4lCtNCSmg4NR4ZG34tyvUeURQkk0JGa98zYC+RDFlrSewg+7paYyf/8b+Jb
P2BlnoyyHeJeQ1P+pf9ifElL3iKS7GBk6GALHuwMxZX5rAKVndLeGDn3+aGpLqPmv68uE
o1TPStHSGMZvypo0qbZJP5B9ao1t88K+DPp4q4ym4AkW7ErQ30YvZ+8rtPF7srN0hsGtZ
8HU3LZbGn9EjlF2HP2n2j9QL2yVOFG2m3U4fO8D76ek7Gk/fB6kPo4d1DTYLKmjfgd/3v
CHh7QiRINIcNu0EOD+i5ODdnyKNjbHQxhKJXd1xCLjNzwPDmeu1QkAZUgSQLD65AtrXa4
Gta0UW2Im7U1/F6Q/6j5EqakshV90F6EuenOGoIJ9ZjDGoNohaTeuY+ri+QwwMeTU/DCX
RYIIuHu3rI/QsQYF3o02uY0dwpGO3YtRPkXN5B74RTObfCNllTSs/N6m1RbQHB+hjoEVp
fN+qk+n1MQGfWJiE5dZFsBQYLiVJhlbC+M/5NjR8pUtcsNlcpqSjuQ+PVYazACYlyJJ4/
59qjXb1Qpk4KOronTQCoYnNU+pxKy8I4hzFWGYJKYS0l8BN39eco1Gqo1hXTl28nxQ+bJ
p5F/UOx3shizH95s+bPNbiBwRoo9sEkhFoSlA1UZxRALflnGgJgXJs2/GEPcPQ=
- izn/asLSpM5n+z1vzegsMpXJl9UY2LqNi5Pyu8nwez/uKG66Ew4eEZf40LyCxaSg+zg8v
kXd+sx9iV0JyGpWUmSZzFmqD6/GVp4/uXrDchb4L+PqX2I+3BCVpQ/EIXVmgFpj1D91oQ
/cccWsgYN/ryLMja4Jq1vVTgCNT9t7LyLXk21TgNfaQwv4Q8YMv6efLb+EHihN+k9UsO6
JkwrwigrL8C3jPuoBHPKxexdTMm40GGk/+DA+wSEtWXlMDea+dk9ZOILfWVaMuUGidOdC
HF9agZqb3rALTlUOVuGGTHYQXAtrgC0CL1AiRZh0upOmtBMIfT5cVCmJBkuNOKyJpQgjq
Ela7r1tiNJ/BS0FdLtG1v2jpHC1dxK7GkLoUsmMITxf8awW9018JcfAGfC7pIGyIokLvs
OWrCDWk5MWW1LkrwciV78TJqVT24uaYGGYePLJ8b17sw2Jm0C54pUJJpYOFHU8D2gg23+
tl5jskCBwU22rOkm7vCfRAg7gtowPqV3HQQDbfH0CXq5XeE8+i/NMa5NWguUWoX+KyCTO
GRx47DPg0HpwDs0yCSsQ60eWi01ozWGQycQTzXI0iCkaQUFsGNV0tqxQYXesVAdhtFcdV
ZL5cRE5vnIVXP7/UFBsYgVpVayr6GSMakJrBGG4QTz+FMuTQVYun/oSjq1NLSs=
- MK7umdAeVLj9FHLrF2NVxp5r1/m6f04c79K53g8ctCtniw9JugbCyL4GXz8N4/G9d624K
XFcL7YNyIAfFgfY5oPmAutw7ygdBFmjHd+h3cGrx5qQTpzqln7qJPi1No7OzSOey3P0Dj
ryLSFHSDBo1kjp8yOvhFDZROK0o3+QEdW0jlFnnnNt3+/Ki5UrRwHkD5r0ZBk1nRdLKKB
ieKNfzyGpgnT5EDaciSoex8UiQhU1mMX9QNpHBoFLKz4gwJE2tqYo/tiF+D92aYtgURN2
UznLWoq+SDzcsjEpRotMsVGI55EjKJ3wpRqJvK3S7RA0/BbIc9j7p8gyoDTdEZ2M5IxRZ
OA5NCV2jdbZVJ85ArUCCaSI+gFBP3cOzJooFnHxlGeKm91a8dEFDgOKVt4b36+hLQ1PUg
ZhIZuA8iLxb2PTV1BsB3f1G+NUFzS8obDF2e+OP1BSSpF/NdqVxN92rZmBt6Uatb68fLm
aEiZyid12k9QmktyaLabFXuABttvJ9xDmLxZlqkkHcFkC/avbRWFwnwqwlXmFU1jlAlgr
FMxbxU13PFw22wQlsex/OZb1TOKTwKKPzkYIChpYSo4UHo2Q3FuIzqc/BoeSwZL7riAp5
w/zeb1Vji9r+xWgxWe13tpFC/CtOtWxkH28COSpjPgdFOj6RU08ZTMyAkHtP8o=
- XmAtvtkHqu5qTwYGIN62GyyY5AqKg+dwD+iv29vCeOE4DE7o30v1fuPk0qBEfRtygohC0
dan+KeZMi+9SpohTK+EgEynb140jnW1WS635G+IrvU1XvKba+AyO6qebmoKvFaNLFJtw5
uNmnGAKQKlyG43UeVyPYyaVEpNhOvo+n1DxgdORTguCW64Fysq1SR4lswGBwpOdPRsq6c
qMY+7adnDEWwpR54BjevUGV45adLyRUIq563oc8vUXRy8JXbMiscFTgsEVf2C+GzYDhJU
06AV3ewAstKps2YHiePYocavLESL0+mLDNS90jIWYiRac0VRpUFuZ6v/RxlO+6zPNpRbm
lGlpG/MR823nmz0YnRw8Px/XflYF49+PDnRXrgRVD8CkM/pWmaFSHDClQElGVczsEJE8v
ieG0MPkCbp058WSQjBgSllLkiG7hvuOUu7PvgQDrC+VhEp54O7cjxQkTN5q+DXlkKZc16
WNWfC0qYhsIjKfYO6vCNzIbjPB0T84cDI1FYCVVVEzn+1YFiI2DyI4lTClt/QDLJGPFJT
xAz5fmUOOeR3bMPrsfCd1t3l6B5bDtPuLDoFIc7SeWB2uqo05FuKRNfgLb1oGC6JTouWW
uk5BHGqmM5TPdeXbLxF58fGDD61VWxzuFgL68CIZcFN9qk/VP1ab6ThSeNc6FM=

201
LICENSE
View File

@ -1,201 +0,0 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "{}"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright {yyyy} {name of copyright owner}
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

View File

@ -1,25 +0,0 @@
# Copyright 2018 AT&T Intellectual Property. All other rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
SHELL = /bin/bash
.PHONY: clean
clean:
rm -rf doc/build
.PHONY: docs
docs: clean build_docs
.PHONY: build_docs
build_docs:
tox -e docs

View File

@ -1,56 +1,13 @@
# Airship in a Bottle This project is no longer maintained.
Airship is a broad integration of several components The contents of this repository are still available in the Git source
enabling an automated, resilient Kubernetes-based infrastructure for hosting code management system. To see the contents of this repository before
Helm-deployed containerized workloads. it reached its end of life, please check out the previous commit with
"git checkout HEAD^1".
Airship is the name for the project formerly known as UCP or the Undercloud For replacement code, please, refer to https://docs.airshipit.org
Platform. (Airship Treasuremap), specifically to one of the sites: Airskiff,
Airsloop, Seaworthy and others.
Find more documentation for Airship in a Bottle on For any further questions, please email
[Read the Docs](https://airshipit.readthedocs.io/). airship-discuss@lists.airshipit.org or join #airshipit on Freenode.
To get started, run the following in a fresh Ubuntu 16.04 VM
(minimum 4vCPU/20GB RAM/32GB disk). This will deploy Airship and Openstack Helm
(OSH):
```
sudo -i
mkdir -p /root/deploy && cd "$_"
git clone https://opendev.org/airship/airship-in-a-bottle
cd /root/deploy/airship-in-a-bottle/manifests/dev_single_node
./airship-in-a-bottle.sh
```
Or, alternatively, if you have Vagrant installed, just run the following
(only libvirt/kvm hypervisor is tested, but vagrant box supports VMware
Desktop/Workstation/Fusion, Parallels, and Hyper-V):
```
curl -O https://opendev.org/airship/airship-in-a-bottle/raw/branch/master/Vagrantfile
vagrant up
```
## Components
### Shipyard
Platform orchestrator for initial deployment, platform updates, and server
redeployments
### Promenade
The bootstrapper for the Kubernetes control plane - both on an initial genesis node
to get a working Kubernetes cluster and for adding additional nodes to the existing
Kubernetes cluster.
### Armada
Provisioner for Helm charts. Provides the capability to override chart values.yaml
items.
### Drydock
The orchestrator for physical asset provisioning (e.g. server deployment).
### Deckhand
YAML design data manager.

87
Vagrantfile vendored
View File

@ -1,87 +0,0 @@
# -*- mode: ruby -*-
# vi: set ft=ruby :
# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
Vagrant.configure("2") do |config|
# The most common configuration options are documented and commented below.
# For a complete reference, please see the online documentation at
# https://docs.vagrantup.com.
# Every Vagrant development environment requires a box. You can search for
# boxes at https://vagrantcloud.com/search.
config.vm.box = "generic/ubuntu1604"
# Disable automatic box update checking. If you disable this, then
# boxes will only be checked for updates when the user runs
# `vagrant box outdated`. This is not recommended.
# config.vm.box_check_update = false
# Create a forwarded port mapping which allows access to a specific port
# within the machine from a port on the host machine. In the example below,
# accessing "localhost:8080" will access port 80 on the guest machine.
# NOTE: This will enable public access to the opened port
# config.vm.network "forwarded_port", guest: 80, host: 8080
# Create a forwarded port mapping which allows access to a specific port
# within the machine from a port on the host machine and only allow access
# via 127.0.0.1 to disable public access
# config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1"
# Create a private network, which allows host-only access to the machine
# using a specific IP.
# config.vm.network "private_network", ip: "192.168.33.10"
# Create a public network, which generally matched to bridged network.
# Bridged networks make the machine appear as another physical device on
# your network.
# config.vm.network "public_network"
# Share an additional folder to the guest VM. The first argument is
# the path on the host to the actual folder. The second argument is
# the path on the guest to mount the folder. And the optional third
# argument is a set of non-required options.
# config.vm.synced_folder "../data", "/vagrant_data"
# Provider-specific configuration so you can fine-tune various
# backing providers for Vagrant. These expose provider-specific options.
# Example for VirtualBox:
#config.vm.provider "virtualbox" do |vb|
# # Display the VirtualBox GUI when booting the machine
# # vb.gui = true
#end
[:virtualbox, :parallels, :libvirt, :hyperv].each do |provider|
config.vm.provider provider do |vplh, override|
vplh.cpus = 4
vplh.memory = 20480
end
end
[:vmware_fusion, :vmware_workstation, :vmware_desktop].each do |provider|
config.vm.provider provider do |vmw, override|
vmw.vmx["memsize"] = "20480"
vmw.vmx["numvcpus"] = "4"
end
end
#
# View the documentation for the provider you are using for more
# information on available options.
# Enable provisioning with a shell script. Additional provisioners such as
# Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
# documentation for more information about their specific syntax and use.
# config.vm.provision "shell", inline: <<-SHELL
# apt-get update
# apt-get install -y apache2
# SHELL
config.vm.define "n0" do |node|
node.vm.hostname = "n0"
node.vm.provision :shell, inline: <<-SHELL
mkdir /root/deploy
git clone https://opendev.org/airship/airship-in-a-bottle /root/deploy/airship-in-a-bottle
cd /root/deploy/airship-in-a-bottle/manifests/dev_single_node
./airship-in-a-bottle.sh -y
SHELL
end
end

View File

@ -1,10 +0,0 @@
---
schema: deckhand/LayeringPolicy/v1
metadata:
schema: metadata/Control/v1
name: layering-policy
data:
layerOrder:
- global
- type
- site

View File

@ -1,19 +0,0 @@
---
schema: deckhand/DataSchema/v1
metadata:
schema: metadata/Control/v1
name: pegleg/SiteDefinition/v1
data:
$schema: http://json-schema.org/schema#
type: object
properties:
revision:
type: string
pattern: '^v.+$'
site_type:
type: string
required:
- revision
- site_type
additionalProperties: false

View File

@ -1,31 +0,0 @@
---
schema: 'drydock/BootAction/v1'
metadata:
schema: 'metadata/Document/v1'
name: seccomp-profiles
storagePolicy: 'cleartext'
layeringDefinition:
abstract: false
layer: global
substitutions:
- src:
schema: pegleg/SeccompProfile/v1
name: seccomp-default
path: .savePath
dest:
path: .assets[0].path
- src:
schema: pegleg/SeccompProfile/v1
name: seccomp-default
path: .content
dest:
path: .assets[0].data
data:
signaling: false
assets:
- type: file
permissions: '600'
data_pipeline:
- utf8_decode
...

View File

@ -1,121 +0,0 @@
---
schema: promenade/Genesis/v1
metadata:
schema: metadata/Document/v1
name: genesis
labels:
genesis: enabled
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Software versions for bootstrapping phase
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.ucp.armada.api
dest:
path: .images.armada
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.ucp.armada.tiller
dest:
path: .images.helm.tiller
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.kubernetes.apiserver.apiserver
dest:
path: .images.kubernetes.apiserver
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.kubernetes.controller-manager.controller_manager
dest:
path: .images.kubernetes.controller-manager
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.kubernetes.etcd.etcd
dest:
path: .images.kubernetes.etcd
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.kubernetes.scheduler.scheduler
dest:
path: .images.kubernetes.scheduler
# Site-specific configuration
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .genesis.hostname
dest:
path: .hostname
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .genesis.ip
dest:
path: .ip
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .dns.node_domain
dest:
path: .domain
# Command prefix
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.service_cidr
dest:
path: .apiserver.command_prefix[1]
pattern: SERVICE_CIDR
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.service_node_port_range
dest:
path: .apiserver.command_prefix[2]
pattern: SERVICE_NODE_PORT_RANGE
data:
apiserver:
command_prefix:
- /apiserver
- --service-cluster-ip-range=SERVICE_CIDR
- --service-node-port-range=SERVICE_NODE_PORT_RANGE
- --authorization-mode=Node,RBAC
- --admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,ResourceQuota,DefaultTolerationSeconds
- --endpoint-reconciler-type=lease
armada:
target_manifest: cluster-bootstrap
labels:
dynamic:
- calico-etcd=enabled
- coredns=enabled
- kube-ingress=enabled
- kubernetes-apiserver=enabled
- kubernetes-controller-manager=enabled
- kubernetes-etcd=enabled
- kubernetes-scheduler=enabled
- openstack-compute-node=enabled
- openstack-control-plane=enabled
- openvswitch=enabled
- promenade-genesis=enabled
- ucp-control-plane=enabled
- ceph-mon=enabled
- ceph-mds=enabled
- ceph-osd=enabled
- ceph-rgw=enabled
- ceph-mgr=enabled
files:
- path: /var/lib/anchor/calico-etcd-bootstrap
content: "# placeholder for triggering calico etcd bootstrapping\n# this file will be deleted"
mode: 0644
...

View File

@ -1,127 +0,0 @@
---
schema: promenade/HostSystem/v1
metadata:
schema: metadata/Document/v1
name: host-system
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .files.kubelet
dest:
path: .files[0].tar_url
# Initial CoreDNS image (used during node Genesis and node join)
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.kubernetes.coredns.coredns
dest:
path: .images.coredns
# Initial CoreDNS image (used during node Genesis and node join)
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.kubernetes.haproxy.haproxy
dest:
path: .images.haproxy
# Operational tools
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.ucp.armada.helm
dest:
path: .images.helm.helm
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.kubernetes.kubectl
dest:
path: .images.kubernetes.kubectl
# System packages
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .packages.named.docker
dest:
path: .packages.required.docker
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .packages.named.socat
dest:
path: .packages.required.socat
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .packages.unnamed
dest:
path: .packages.additional
data:
files:
- path: /opt/kubernetes/bin/kubelet
tar_path: kubernetes/node/bin/kubelet
mode: 0555
- path: /etc/logrotate.d/json-logrotate
mode: 0444
content: |-
/var/lib/docker/containers/*/*-json.log
{
compress
copytruncate
create 0644 root root
daily
dateext
dateformat -%Y%m%d-%s
maxsize 10M
missingok
notifempty
su root root
rotate 1
}
packages:
# NOTE(mb874d): This method for specified repositories and keys will be
# change to align with Drydock's approach. Until then, we will specify
# it here.
repositories:
- deb http://apt.dockerproject.org/repo ubuntu-xenial main
keys:
- |-
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBFWln24BEADrBl5p99uKh8+rpvqJ48u4eTtjeXAWbslJotmC/CakbNSqOb9o
ddfzRvGVeJVERt/Q/mlvEqgnyTQy+e6oEYN2Y2kqXceUhXagThnqCoxcEJ3+KM4R
mYdoe/BJ/J/6rHOjq7Omk24z2qB3RU1uAv57iY5VGw5p45uZB4C4pNNsBJXoCvPn
TGAs/7IrekFZDDgVraPx/hdiwopQ8NltSfZCyu/jPpWFK28TR8yfVlzYFwibj5WK
dHM7ZTqlA1tHIG+agyPf3Rae0jPMsHR6q+arXVwMccyOi+ULU0z8mHUJ3iEMIrpT
X+80KaN/ZjibfsBOCjcfiJSB/acn4nxQQgNZigna32velafhQivsNREFeJpzENiG
HOoyC6qVeOgKrRiKxzymj0FIMLru/iFF5pSWcBQB7PYlt8J0G80lAcPr6VCiN+4c
NKv03SdvA69dCOj79PuO9IIvQsJXsSq96HB+TeEmmL+xSdpGtGdCJHHM1fDeCqkZ
hT+RtBGQL2SEdWjxbF43oQopocT8cHvyX6Zaltn0svoGs+wX3Z/H6/8P5anog43U
65c0A+64Jj00rNDr8j31izhtQMRo892kGeQAaaxg4Pz6HnS7hRC+cOMHUU4HA7iM
zHrouAdYeTZeZEQOA7SxtCME9ZnGwe2grxPXh/U/80WJGkzLFNcTKdv+rwARAQAB
tDdEb2NrZXIgUmVsZWFzZSBUb29sIChyZWxlYXNlZG9ja2VyKSA8ZG9ja2VyQGRv
Y2tlci5jb20+iQI4BBMBAgAiBQJVpZ9uAhsvBgsJCAcDAgYVCAIJCgsEFgIDAQIe
AQIXgAAKCRD3YiFXLFJgnbRfEAC9Uai7Rv20QIDlDogRzd+Vebg4ahyoUdj0CH+n
Ak40RIoq6G26u1e+sdgjpCa8jF6vrx+smpgd1HeJdmpahUX0XN3X9f9qU9oj9A4I
1WDalRWJh+tP5WNv2ySy6AwcP9QnjuBMRTnTK27pk1sEMg9oJHK5p+ts8hlSC4Sl
uyMKH5NMVy9c+A9yqq9NF6M6d6/ehKfBFFLG9BX+XLBATvf1ZemGVHQusCQebTGv
0C0V9yqtdPdRWVIEhHxyNHATaVYOafTj/EF0lDxLl6zDT6trRV5n9F1VCEh4Aal8
L5MxVPcIZVO7NHT2EkQgn8CvWjV3oKl2GopZF8V4XdJRl90U/WDv/6cmfI08GkzD
YBHhS8ULWRFwGKobsSTyIvnbk4NtKdnTGyTJCQ8+6i52s+C54PiNgfj2ieNn6oOR
7d+bNCcG1CdOYY+ZXVOcsjl73UYvtJrO0Rl/NpYERkZ5d/tzw4jZ6FCXgggA/Zxc
jk6Y1ZvIm8Mt8wLRFH9Nww+FVsCtaCXJLP8DlJLASMD9rl5QS9Ku3u7ZNrr5HWXP
HXITX660jglyshch6CWeiUATqjIAzkEQom/kEnOrvJAtkypRJ59vYQOedZ1sFVEL
MXg2UCkD/FwojfnVtjzYaTCeGwFQeqzHmM241iuOmBYPeyTY5veF49aBJA1gEJOQ
TvBR8Q==
=Fm3p
-----END PGP PUBLIC KEY BLOCK-----

View File

@ -1,787 +0,0 @@
---
# The data content of this file is referred from the Moby project as
# mentioned in the link below:
# https://github.com/moby/moby/blob/master/profiles/seccomp/default.json
schema: 'pegleg/SeccompProfile/v1'
metadata:
schema: 'metadata/Document/v1'
name: seccomp-default
storagePolicy: 'cleartext'
layeringDefinition:
abstract: false
layer: global
data:
# Path for seccomp profile root directory.
seccompDirPath: /var/lib/kubelet/seccomp
# Path to save seccomp profile as file.
# This should be same as seccompDirPath with file name.
savePath: /var/lib/kubelet/seccomp/seccomp_default
# Content of default seccomp profile file.
content: |
{
"defaultAction": "SCMP_ACT_ERRNO",
"archMap": [
{
"architecture": "SCMP_ARCH_X86_64",
"subArchitectures": [
"SCMP_ARCH_X86",
"SCMP_ARCH_X32"
]
},
{
"architecture": "SCMP_ARCH_AARCH64",
"subArchitectures": [
"SCMP_ARCH_ARM"
]
},
{
"architecture": "SCMP_ARCH_MIPS64",
"subArchitectures": [
"SCMP_ARCH_MIPS",
"SCMP_ARCH_MIPS64N32"
]
},
{
"architecture": "SCMP_ARCH_MIPS64N32",
"subArchitectures": [
"SCMP_ARCH_MIPS",
"SCMP_ARCH_MIPS64"
]
},
{
"architecture": "SCMP_ARCH_MIPSEL64",
"subArchitectures": [
"SCMP_ARCH_MIPSEL",
"SCMP_ARCH_MIPSEL64N32"
]
},
{
"architecture": "SCMP_ARCH_MIPSEL64N32",
"subArchitectures": [
"SCMP_ARCH_MIPSEL",
"SCMP_ARCH_MIPSEL64"
]
},
{
"architecture": "SCMP_ARCH_S390X",
"subArchitectures": [
"SCMP_ARCH_S390"
]
}
],
"syscalls": [
{
"names": [
"accept",
"accept4",
"access",
"adjtimex",
"alarm",
"bind",
"brk",
"capget",
"capset",
"chdir",
"chmod",
"chown",
"chown32",
"clock_getres",
"clock_gettime",
"clock_nanosleep",
"close",
"connect",
"copy_file_range",
"creat",
"dup",
"dup2",
"dup3",
"epoll_create",
"epoll_create1",
"epoll_ctl",
"epoll_ctl_old",
"epoll_pwait",
"epoll_wait",
"epoll_wait_old",
"eventfd",
"eventfd2",
"execve",
"execveat",
"exit",
"exit_group",
"faccessat",
"fadvise64",
"fadvise64_64",
"fallocate",
"fanotify_mark",
"fchdir",
"fchmod",
"fchmodat",
"fchown",
"fchown32",
"fchownat",
"fcntl",
"fcntl64",
"fdatasync",
"fgetxattr",
"flistxattr",
"flock",
"fork",
"fremovexattr",
"fsetxattr",
"fstat",
"fstat64",
"fstatat64",
"fstatfs",
"fstatfs64",
"fsync",
"ftruncate",
"ftruncate64",
"futex",
"futimesat",
"getcpu",
"getcwd",
"getdents",
"getdents64",
"getegid",
"getegid32",
"geteuid",
"geteuid32",
"getgid",
"getgid32",
"getgroups",
"getgroups32",
"getitimer",
"getpeername",
"getpgid",
"getpgrp",
"getpid",
"getppid",
"getpriority",
"getrandom",
"getresgid",
"getresgid32",
"getresuid",
"getresuid32",
"getrlimit",
"get_robust_list",
"getrusage",
"getsid",
"getsockname",
"getsockopt",
"get_thread_area",
"gettid",
"gettimeofday",
"getuid",
"getuid32",
"getxattr",
"inotify_add_watch",
"inotify_init",
"inotify_init1",
"inotify_rm_watch",
"io_cancel",
"ioctl",
"io_destroy",
"io_getevents",
"ioprio_get",
"ioprio_set",
"io_setup",
"io_submit",
"ipc",
"kill",
"lchown",
"lchown32",
"lgetxattr",
"link",
"linkat",
"listen",
"listxattr",
"llistxattr",
"_llseek",
"lremovexattr",
"lseek",
"lsetxattr",
"lstat",
"lstat64",
"madvise",
"memfd_create",
"mincore",
"mkdir",
"mkdirat",
"mknod",
"mknodat",
"mlock",
"mlock2",
"mlockall",
"mmap",
"mmap2",
"mprotect",
"mq_getsetattr",
"mq_notify",
"mq_open",
"mq_timedreceive",
"mq_timedsend",
"mq_unlink",
"mremap",
"msgctl",
"msgget",
"msgrcv",
"msgsnd",
"msync",
"munlock",
"munlockall",
"munmap",
"nanosleep",
"newfstatat",
"_newselect",
"open",
"openat",
"pause",
"pipe",
"pipe2",
"poll",
"ppoll",
"prctl",
"pread64",
"preadv",
"preadv2",
"prlimit64",
"pselect6",
"pwrite64",
"pwritev",
"pwritev2",
"read",
"readahead",
"readlink",
"readlinkat",
"readv",
"recv",
"recvfrom",
"recvmmsg",
"recvmsg",
"remap_file_pages",
"removexattr",
"rename",
"renameat",
"renameat2",
"restart_syscall",
"rmdir",
"rt_sigaction",
"rt_sigpending",
"rt_sigprocmask",
"rt_sigqueueinfo",
"rt_sigreturn",
"rt_sigsuspend",
"rt_sigtimedwait",
"rt_tgsigqueueinfo",
"sched_getaffinity",
"sched_getattr",
"sched_getparam",
"sched_get_priority_max",
"sched_get_priority_min",
"sched_getscheduler",
"sched_rr_get_interval",
"sched_setaffinity",
"sched_setattr",
"sched_setparam",
"sched_setscheduler",
"sched_yield",
"seccomp",
"select",
"semctl",
"semget",
"semop",
"semtimedop",
"send",
"sendfile",
"sendfile64",
"sendmmsg",
"sendmsg",
"sendto",
"setfsgid",
"setfsgid32",
"setfsuid",
"setfsuid32",
"setgid",
"setgid32",
"setgroups",
"setgroups32",
"setitimer",
"setpgid",
"setpriority",
"setregid",
"setregid32",
"setresgid",
"setresgid32",
"setresuid",
"setresuid32",
"setreuid",
"setreuid32",
"setrlimit",
"set_robust_list",
"setsid",
"setsockopt",
"set_thread_area",
"set_tid_address",
"setuid",
"setuid32",
"setxattr",
"shmat",
"shmctl",
"shmdt",
"shmget",
"shutdown",
"sigaltstack",
"signalfd",
"signalfd4",
"sigreturn",
"socket",
"socketcall",
"socketpair",
"splice",
"stat",
"stat64",
"statfs",
"statfs64",
"statx",
"symlink",
"symlinkat",
"sync",
"sync_file_range",
"syncfs",
"sysinfo",
"syslog",
"tee",
"tgkill",
"time",
"timer_create",
"timer_delete",
"timerfd_create",
"timerfd_gettime",
"timerfd_settime",
"timer_getoverrun",
"timer_gettime",
"timer_settime",
"times",
"tkill",
"truncate",
"truncate64",
"ugetrlimit",
"umask",
"uname",
"unlink",
"unlinkat",
"utime",
"utimensat",
"utimes",
"vfork",
"vmsplice",
"wait4",
"waitid",
"waitpid",
"write",
"writev"
],
"action": "SCMP_ACT_ALLOW",
"args": [],
"comment": "",
"includes": {},
"excludes": {}
},
{
"names": [
"personality"
],
"action": "SCMP_ACT_ALLOW",
"args": [
{
"index": 0,
"value": 0,
"valueTwo": 0,
"op": "SCMP_CMP_EQ"
}
],
"comment": "",
"includes": {},
"excludes": {}
},
{
"names": [
"personality"
],
"action": "SCMP_ACT_ALLOW",
"args": [
{
"index": 0,
"value": 8,
"valueTwo": 0,
"op": "SCMP_CMP_EQ"
}
],
"comment": "",
"includes": {},
"excludes": {}
},
{
"names": [
"personality"
],
"action": "SCMP_ACT_ALLOW",
"args": [
{
"index": 0,
"value": 131072,
"valueTwo": 0,
"op": "SCMP_CMP_EQ"
}
],
"comment": "",
"includes": {},
"excludes": {}
},
{
"names": [
"personality"
],
"action": "SCMP_ACT_ALLOW",
"args": [
{
"index": 0,
"value": 131080,
"valueTwo": 0,
"op": "SCMP_CMP_EQ"
}
],
"comment": "",
"includes": {},
"excludes": {}
},
{
"names": [
"personality"
],
"action": "SCMP_ACT_ALLOW",
"args": [
{
"index": 0,
"value": 4294967295,
"valueTwo": 0,
"op": "SCMP_CMP_EQ"
}
],
"comment": "",
"includes": {},
"excludes": {}
},
{
"names": [
"sync_file_range2"
],
"action": "SCMP_ACT_ALLOW",
"args": [],
"comment": "",
"includes": {
"arches": [
"ppc64le"
]
},
"excludes": {}
},
{
"names": [
"arm_fadvise64_64",
"arm_sync_file_range",
"sync_file_range2",
"breakpoint",
"cacheflush",
"set_tls"
],
"action": "SCMP_ACT_ALLOW",
"args": [],
"comment": "",
"includes": {
"arches": [
"arm",
"arm64"
]
},
"excludes": {}
},
{
"names": [
"arch_prctl"
],
"action": "SCMP_ACT_ALLOW",
"args": [],
"comment": "",
"includes": {
"arches": [
"amd64",
"x32"
]
},
"excludes": {}
},
{
"names": [
"modify_ldt"
],
"action": "SCMP_ACT_ALLOW",
"args": [],
"comment": "",
"includes": {
"arches": [
"amd64",
"x32",
"x86"
]
},
"excludes": {}
},
{
"names": [
"s390_pci_mmio_read",
"s390_pci_mmio_write",
"s390_runtime_instr"
],
"action": "SCMP_ACT_ALLOW",
"args": [],
"comment": "",
"includes": {
"arches": [
"s390",
"s390x"
]
},
"excludes": {}
},
{
"names": [
"open_by_handle_at"
],
"action": "SCMP_ACT_ALLOW",
"args": [],
"comment": "",
"includes": {
"caps": [
"CAP_DAC_READ_SEARCH"
]
},
"excludes": {}
},
{
"names": [
"bpf",
"clone",
"fanotify_init",
"lookup_dcookie",
"mount",
"name_to_handle_at",
"perf_event_open",
"quotactl",
"setdomainname",
"sethostname",
"setns",
"umount",
"umount2",
"unshare"
],
"action": "SCMP_ACT_ALLOW",
"args": [],
"comment": "",
"includes": {
"caps": [
"CAP_SYS_ADMIN"
]
},
"excludes": {}
},
{
"names": [
"clone"
],
"action": "SCMP_ACT_ALLOW",
"args": [
{
"index": 0,
"value": 2080505856,
"valueTwo": 0,
"op": "SCMP_CMP_MASKED_EQ"
}
],
"comment": "",
"includes": {},
"excludes": {
"caps": [
"CAP_SYS_ADMIN"
],
"arches": [
"s390",
"s390x"
]
}
},
{
"names": [
"clone"
],
"action": "SCMP_ACT_ALLOW",
"args": [
{
"index": 1,
"value": 2080505856,
"valueTwo": 0,
"op": "SCMP_CMP_MASKED_EQ"
}
],
"comment": "s390 parameter ordering for clone is different",
"includes": {
"arches": [
"s390",
"s390x"
]
},
"excludes": {
"caps": [
"CAP_SYS_ADMIN"
]
}
},
{
"names": [
"reboot"
],
"action": "SCMP_ACT_ALLOW",
"args": [],
"comment": "",
"includes": {
"caps": [
"CAP_SYS_BOOT"
]
},
"excludes": {}
},
{
"names": [
"chroot"
],
"action": "SCMP_ACT_ALLOW",
"args": [],
"comment": "",
"includes": {
"caps": [
"CAP_SYS_CHROOT"
]
},
"excludes": {}
},
{
"names": [
"delete_module",
"init_module",
"finit_module",
"query_module"
],
"action": "SCMP_ACT_ALLOW",
"args": [],
"comment": "",
"includes": {
"caps": [
"CAP_SYS_MODULE"
]
},
"excludes": {}
},
{
"names": [
"acct"
],
"action": "SCMP_ACT_ALLOW",
"args": [],
"comment": "",
"includes": {
"caps": [
"CAP_SYS_PACCT"
]
},
"excludes": {}
},
{
"names": [
"kcmp",
"process_vm_readv",
"process_vm_writev",
"ptrace"
],
"action": "SCMP_ACT_ALLOW",
"args": [],
"comment": "",
"includes": {
"caps": [
"CAP_SYS_PTRACE"
]
},
"excludes": {}
},
{
"names": [
"iopl",
"ioperm"
],
"action": "SCMP_ACT_ALLOW",
"args": [],
"comment": "",
"includes": {
"caps": [
"CAP_SYS_RAWIO"
]
},
"excludes": {}
},
{
"names": [
"settimeofday",
"stime",
"clock_settime"
],
"action": "SCMP_ACT_ALLOW",
"args": [],
"comment": "",
"includes": {
"caps": [
"CAP_SYS_TIME"
]
},
"excludes": {}
},
{
"names": [
"vhangup"
],
"action": "SCMP_ACT_ALLOW",
"args": [],
"comment": "",
"includes": {
"caps": [
"CAP_SYS_TTY_CONFIG"
]
},
"excludes": {}
},
{
"names": [
"get_mempolicy",
"mbind",
"set_mempolicy"
],
"action": "SCMP_ACT_ALLOW",
"args": [],
"comment": "",
"includes": {
"caps": [
"CAP_SYS_NICE"
]
},
"excludes": {}
}
]
}

View File

@ -1,12 +0,0 @@
---
schema: 'deckhand/DataSchema/v1'
metadata:
schema: metadata/Control/v1
name: armada/Chart/v1
labels:
application: armada
data:
$schema: 'http://json-schema.org/schema#'
type: 'object'
additionalProperties: true
...

View File

@ -1,12 +0,0 @@
---
schema: 'deckhand/DataSchema/v1'
metadata:
schema: metadata/Control/v1
name: armada/ChartGroup/v1
labels:
application: armada
data:
$schema: 'http://json-schema.org/schema#'
type: 'object'
additionalProperties: true
...

View File

@ -1,12 +0,0 @@
---
schema: 'deckhand/DataSchema/v1'
metadata:
schema: metadata/Control/v1
name: armada/Manifest/v1
labels:
application: armada
data:
$schema: 'http://json-schema.org/schema#'
type: 'object'
additionalProperties: true
...

View File

@ -1,164 +0,0 @@
---
schema: 'deckhand/DataSchema/v1'
metadata:
schema: metadata/Control/v1
name: drydock/BaremetalNode/v1
labels:
application: drydock
data:
$schema: 'http://json-schema.org/schema#'
id: 'http://att.com/att-comdev/drydock/baremetalNode.yaml'
type: 'object'
properties:
addressing:
type: 'array'
items:
type: 'object'
properties:
address:
type: 'string'
network:
type: 'string'
oob:
type: 'object'
properties:
type:
type: 'string'
network:
type: 'string'
account:
type: 'string'
credetial:
type: 'string'
additionalProperties: true
storage:
type: 'object'
properties:
physical_devices:
type: 'object'
additionalProperties:
type: 'object'
properties:
labels:
type: 'object'
additionalProperties:
type: 'string'
volume_group:
type: 'string'
partitions:
type: 'array'
items:
type: 'object'
properties:
name:
type: 'string'
size:
type: 'string'
part_uuid:
type: 'string'
volume_group:
type: 'string'
labels:
type: 'object'
additionalProperties:
type: 'string'
bootable:
type: 'boolean'
volume_group:
type: 'string'
filesystem:
type: 'object'
properties:
mountpoint:
type: 'string'
fstype:
type: 'string'
mount_options:
type: 'string'
fs_uuid:
type: 'string'
fs_label:
type: 'string'
additionalProperties: false
additionalProperties: false
volume_groups:
type: 'object'
additionalProperties:
type: 'object'
properties:
vg_uuid:
type: 'string'
logical_volumes:
type: 'array'
items:
type: 'object'
properties:
name:
type: 'string'
lv_uuid:
type: 'string'
size:
type: 'string'
filesystem:
type: 'object'
properties:
mountpoint:
type: 'string'
fstype:
type: 'string'
mount_options:
type: 'string'
fs_uuid:
type: 'string'
fs_label:
type: 'string'
platform:
type: 'object'
properties:
image:
type: 'string'
kernel:
type: 'string'
kernel_params:
type: 'object'
additionalProperties: true
additionalProperties: false
metadata:
type: 'object'
properties:
tags:
type: 'array'
items:
type: 'string'
owner_data:
type: 'object'
additionalProperties:
type: 'string'
rack:
type: 'string'
boot_mac:
type: 'string'
additionalProperties: false
host_profile:
type: 'string'
hardware_profile:
type: 'string'
primary_network:
type: 'string'
interfaces:
type: 'object'
additionalProperties:
type: 'object'
properties:
device_link:
type: 'string'
slaves:
type: 'array'
items:
type: 'string'
networks:
type: 'array'
items:
type: 'string'
additionalProperties: false
...

View File

@ -1,94 +0,0 @@
---
schema: 'deckhand/DataSchema/v1'
metadata:
schema: metadata/Control/v1
name: drydock/BootAction/v1
labels:
application: drydock
data:
$schema: 'http://json-schema.org/schema#'
id: 'http://att.com/att-comdev/drydock/bootaction.yaml'
type: 'object'
additionalProperties: false
properties:
signaling:
type: 'boolean'
assets:
type: 'array'
items:
type: 'object'
additionalProperties: false
properties:
path:
type: 'string'
pattern: '^/.+'
location:
type: 'string'
type:
type: 'string'
enum:
- 'unit'
- 'file'
- 'pkg_list'
data:
type: 'string'
location_pipeline:
type: 'array'
items:
type: 'string'
enum:
- 'template'
data_pipeline:
type: 'array'
items:
type: 'string'
enum:
- 'base64_encode'
- 'template'
- 'base64_decode'
- 'utf8_encode'
- 'utf8_decode'
permissions:
type: 'string'
pattern: '\d{3}'
required:
- 'type'
node_filter:
type: 'object'
additionalProperties: false
properties:
filter_set_type:
type: 'string'
enum:
- 'intersection'
- 'union'
filter_set:
type: 'array'
items:
type: 'object'
additionalProperties: false
properties:
filter_type:
type: 'string'
enum:
- 'intersection'
- 'union'
node_names:
type: 'array'
items:
type: 'string'
node_tags:
type: 'array'
items:
type: 'string'
node_labels:
type: 'object'
additionalProperties: true
rack_names:
type: 'array'
items:
type: 'string'
rack_labels:
type: 'object'
additionalProperties: true
...

View File

@ -1,49 +0,0 @@
---
schema: 'deckhand/DataSchema/v1'
metadata:
schema: metadata/Control/v1
name: drydock/HardwareProfile/v1
labels:
application: drydock
data:
$schema: 'http://json-schema.org/schema#'
type: 'object'
properties:
vendor:
type: 'string'
generation:
type: 'string'
hw_version:
type: 'string'
bios_version:
type: 'string'
boot_mode:
type: 'string'
enum:
- 'bios'
- 'uefi'
bootstrap_protocol:
type: 'string'
enum:
- 'pxe'
- 'usb'
- 'hdd'
pxe_interface:
type: 'number'
device_aliases:
type: 'object'
additionalProperties: true
cpu_sets:
type: 'object'
additionalProperties:
type: 'string'
hugepages:
type: 'object'
additionalProperties:
type: 'object'
propertes:
size:
type: 'string'
count:
type: 'number'
additionalProperties: false

View File

@ -1,155 +0,0 @@
---
schema: 'deckhand/DataSchema/v1'
metadata:
schema: metadata/Control/v1
name: drydock/HostProfile/v1
labels:
application: drydock
data:
$schema: 'http://json-schema.org/schema#'
id: 'http://att.com/att-comdev/drydock/hostProfile.yaml'
type: 'object'
properties:
oob:
type: 'object'
properties:
type:
type: 'string'
network:
type: 'string'
account:
type: 'string'
credetial:
type: 'string'
additionalProperties: true
storage:
type: 'object'
properties:
physical_devices:
type: 'object'
additionalProperties:
type: 'object'
properties:
labels:
type: 'object'
additionalProperties:
type: 'string'
volume_group:
type: 'string'
partitions:
type: 'array'
items:
type: 'object'
properties:
name:
type: 'string'
size:
type: 'string'
part_uuid:
type: 'string'
volume_group:
type: 'string'
labels:
type: 'object'
additionalProperties:
type: 'string'
bootable:
type: 'boolean'
volume_group:
type: 'string'
filesystem:
type: 'object'
properties:
mountpoint:
type: 'string'
fstype:
type: 'string'
mount_options:
type: 'string'
fs_uuid:
type: 'string'
fs_label:
type: 'string'
additionalProperties: false
additionalProperties: false
volume_groups:
type: 'object'
additionalProperties:
type: 'object'
properties:
vg_uuid:
type: 'string'
logical_volumes:
type: 'array'
items:
type: 'object'
properties:
name:
type: 'string'
lv_uuid:
type: 'string'
size:
type: 'string'
filesystem:
type: 'object'
properties:
mountpoint:
type: 'string'
fstype:
type: 'string'
mount_options:
type: 'string'
fs_uuid:
type: 'string'
fs_label:
type: 'string'
platform:
type: 'object'
properties:
image:
type: 'string'
kernel:
type: 'string'
kernel_params:
type: 'object'
additionalProperties: true
additionalProperties: false
metadata:
type: 'object'
properties:
tags:
type: 'array'
items:
type: 'string'
owner_data:
type: 'object'
additionalProperties:
type: 'string'
rack:
type: 'string'
boot_mac:
type: 'string'
additionalProperties: false
host_profile:
type: 'string'
hardware_profile:
type: 'string'
primary_network:
type: 'string'
interfaces:
type: 'object'
additionalProperties:
type: 'object'
properties:
device_link:
type: 'string'
slaves:
type: 'array'
items:
type: 'string'
networks:
type: 'array'
items:
type: 'string'
additionalProperties: false
...

View File

@ -1,71 +0,0 @@
---
schema: 'deckhand/DataSchema/v1'
metadata:
schema: metadata/Control/v1
name: drydock/Network/v1
labels:
application: drydock
data:
$schema: 'http://json-schema.org/schema#'
id: 'http://att.com/att-comdev/drydock/network.yaml'
type: 'object'
properties:
cidr:
type: 'string'
ranges:
type: 'array'
items:
type: 'object'
properties:
type:
type: 'string'
start:
type: 'string'
format: 'ipv4'
end:
type: 'string'
format: 'ipv4'
additionalProperties: false
dns:
type: 'object'
properties:
domain:
type: 'string'
servers:
type: 'string'
additionalProperties: false
dhcp_relay:
type: 'object'
properties:
self_ip:
type: 'string'
format: 'ipv4'
upstream_target:
type: 'string'
format: 'ipv4'
additionalProperties: false
mtu:
type: 'number'
vlan:
type: 'string'
routedomain:
type: 'string'
routes:
type: 'array'
items:
type: 'object'
properties:
subnet:
type: 'string'
gateway:
type: 'string'
format: 'ipv4'
metric:
type: 'number'
routedomain:
type: 'string'
additionalProperties: false
labels:
type: 'object'
additionalProperties: true
additionalProperties: false

View File

@ -1,48 +0,0 @@
---
schema: 'deckhand/DataSchema/v1'
metadata:
schema: metadata/Control/v1
name: drydock/NetworkLink/v1
labels:
application: drydock
data:
$schema: 'http://json-schema.org/schema#'
id: 'http://att.com/att-comdev/drydock/networkLink.yaml'
type: 'object'
properties:
bonding:
type: 'object'
properties:
mode:
type: 'string'
hash:
type: 'string'
peer_rate:
type: 'string'
mon_rate:
type: 'number'
up_delay:
type: 'number'
down_delay:
type: 'number'
additionalProperties: false
mtu:
type: 'number'
linkspeed:
type: 'string'
trunking:
type: 'object'
properties:
mode:
type: 'string'
default_network:
type: 'string'
additionalProperties: false
allowed_networks:
type: 'array'
items:
type: 'string'
labels:
type: 'object'
additionalProperties: true
additionalProperties: false

View File

@ -1,36 +0,0 @@
---
schema: 'deckhand/DataSchema/v1'
metadata:
schema: metadata/Control/v1
name: drydock/Rack/v1
labels:
application: drydock
data:
$schema: 'http://json-schema.org/schema#'
id: 'http://att.com/att-comdev/drydock/rack.yaml'
type: 'object'
properties:
tor_switches:
type: 'object'
properties:
mgmt_ip:
type: 'string'
format: 'ipv4'
sdn_api_uri:
type: 'string'
format: 'uri'
location:
type: 'object'
properties:
clli:
type: 'string'
grid:
type: 'string'
local_networks:
type: 'array'
items:
type: 'string'
labels:
type: 'object'
additionalProperties: true
additionalProperties: false

View File

@ -1,31 +0,0 @@
---
schema: 'deckhand/DataSchema/v1'
metadata:
schema: metadata/Control/v1
name: drydock/Region/v1
labels:
application: drydock
data:
$schema: 'http://json-schema.org/schema#'
id: 'http://att.com/att-comdev/drydock/region.yaml'
type: 'object'
properties:
tag_definitions:
type: 'array'
items:
type: 'object'
properties:
tag:
type: 'string'
definition_type:
type: 'string'
enum:
- 'lshw_xpath'
definition:
type: 'string'
additionalProperties: false
authorized_keys:
type: 'array'
items:
type: 'string'
additionalProperties: false

View File

@ -1,645 +0,0 @@
---
schema: 'deckhand/DataSchema/v1'
metadata:
schema: metadata/Control/v1
name: pegleg/AccountCatalogue/v1
data:
$schema: 'http://json-schema.org/schema#'
type: object
properties:
ucp:
type: object
properties:
postgres:
type: object
properties:
admin:
type: object
properties:
username:
type: string
oslo_db:
type: object
properties:
admin:
type: object
properties:
username:
type: string
oslo_messaging:
type: object
properties:
admin:
type: object
properties:
username:
type: string
keystone:
type: object
properties:
admin:
type: object
properties:
region_name:
type: string
username:
type: string
project_name:
type: string
user_domain_name:
type: string
project_domain_name:
type: string
oslo_messaging:
type: object
properties:
username:
type: string
oslo_db:
type: object
properties:
username:
type: string
database:
type: string
promenade:
type: object
properties:
keystone:
type: object
properties:
region_name:
type: string
role:
type: string
project_name:
type: string
project_domain_name:
type: string
user_domain_name:
type: string
username:
type: string
drydock:
type: object
properties:
keystone:
type: object
properties:
region_name:
type: string
role:
type: string
project_name:
type: string
project_domain_name:
type: string
user_domain_name:
type: string
username:
type: string
postgres:
type: object
properties:
username:
type: string
database:
type: string
shipyard:
type: object
properties:
keystone:
type: object
properties:
region_name:
type: string
role:
type: string
project_name:
type: string
project_domain_name:
type: string
user_domain_name:
type: string
username:
type: string
postgres:
type: object
properties:
username:
type: string
database:
type: string
airflow:
type: object
properties:
postgres:
type: object
properties:
username:
type: string
database:
type: string
oslo_messaging:
type: object
properties:
username:
type: string
maas:
type: object
properties:
admin:
type: object
properties:
username:
type: string
email:
type: string
postgres:
type: object
properties:
username:
type: string
database:
type: string
barbican:
type: object
properties:
keystone:
type: object
properties:
region_name:
type: string
role:
type: string
project_name:
type: string
project_domain_name:
type: string
user_domain_name:
type: string
username:
type: string
oslo_db:
type: object
properties:
username:
type: string
database:
type: string
oslo_messaging:
type: object
properties:
username:
type: string
armada:
type: object
properties:
keystone:
type: object
properties:
project_domain_name:
type: string
project_name:
type: string
region_name:
type: string
role:
type: string
user_domain_name:
type: string
username:
type: string
deckhand:
type: object
properties:
keystone:
type: object
properties:
region_name:
type: string
role:
type: string
project_name:
type: string
project_domain_name:
type: string
user_domain_name:
type: string
username:
type: string
postgres:
type: object
properties:
username:
type: string
database:
type: string
ceph:
type: object
properties:
swift:
type: object
properties:
keystone:
type: object
properties:
role:
type: string
region_name:
type: string
username:
type: string
project_name:
type: string
user_domain_name:
type: string
project_domain_name:
type: string
osh:
type: object
properties:
keystone:
type: object
properties:
admin:
type: object
properties:
region_name:
type: string
username:
type: string
project_name:
type: string
user_domain_name:
type: string
project_domain_name:
type: string
oslo_messaging:
type: object
properties:
admin:
type: object
properties:
username:
type: string
keystone:
type: object
properties:
username:
type: string
oslo_db:
type: object
properties:
username:
type: string
database:
type: string
cinder:
type: object
properties:
cinder:
type: object
properties:
role:
type: string
region_name:
type: string
username:
type: string
project_name:
type: string
user_domain_name:
type: string
project_domain_name:
type: string
oslo_messaging:
type: object
properties:
admin:
type: object
properties:
username:
type: string
cinder:
type: object
properties:
username:
type: string
oslo_db:
type: object
properties:
username:
type: string
database:
type: string
glance:
type: object
properties:
glance:
type: object
properties:
role:
type: string
region_name:
type: string
username:
type: string
project_name:
type: string
user_domain_name:
type: string
project_domain_name:
type: string
oslo_messaging:
type: object
properties:
admin:
type: object
properties:
username:
type: string
glance:
type: object
properties:
username:
type: string
oslo_db:
type: object
properties:
username:
type: string
database:
type: string
ceph_object_store:
type: object
properties:
username:
type: string
heat:
type: object
properties:
heat:
type: object
properties:
role:
type: string
region_name:
type: string
username:
type: string
project_name:
type: string
user_domain_name:
type: string
project_domain_name:
type: string
heat_trustee:
type: object
properties:
role:
type: string
region_name:
type: string
username:
type: string
project_name:
type: string
user_domain_name:
type: string
project_domain_name:
type: string
heat_stack_user:
type: object
properties:
role:
type: string
region_name:
type: string
username:
type: string
project_name:
type: string
user_domain_name:
type: string
project_domain_name:
type: string
oslo_db:
type: object
properties:
username:
type: string
database:
type: string
oslo_messaging:
type: object
properties:
admin:
type: object
properties:
username:
type: string
heat:
type: object
properties:
username:
type: string
swift:
type: object
properties:
swift:
type: object
properties:
role:
type: string
region_name:
type: string
username:
type: string
project_name:
type: string
user_domain_name:
type: string
project_domain_name:
type: string
oslo_db:
type: object
properties:
admin:
type: object
properties:
username:
type: string
neutron:
type: object
properties:
neutron:
type: object
properties:
role:
type: string
region_name:
type: string
username:
type: string
project_name:
type: string
user_domain_name:
type: string
project_domain_name:
type: string
oslo_messaging:
type: object
properties:
admin:
type: object
properties:
username:
type: string
neutron:
type: object
properties:
username:
type: string
oslo_db:
type: object
properties:
username:
type: string
database:
type: string
nova:
type: object
properties:
nova:
type: object
properties:
role:
type: string
region_name:
type: string
username:
type: string
project_name:
type: string
user_domain_name:
type: string
project_domain_name:
type: string
placement:
type: object
properties:
role:
type: string
region_name:
type: string
username:
type: string
project_name:
type: string
user_domain_name:
type: string
project_domain_name:
type: string
oslo_messaging:
type: object
properties:
admin:
type: object
properties:
username:
type: string
nova:
type: object
properties:
username:
type: string
oslo_db:
type: object
properties:
username:
type: string
database:
type: string
oslo_db_api:
type: object
properties:
username:
type: string
database:
type: string
oslo_db_cell0:
type: object
properties:
username:
type: string
database:
type: string
horizon:
type: object
properties:
oslo_db:
type: object
properties:
username:
type: string
database:
type: string
osh_infra:
type: object
properties:
grafana:
type: object
properties:
admin:
type: object
properties:
username:
type: string
oslo_db:
type: object
properties:
username:
type: string
database:
type: string
oslo_db_session:
type: object
properties:
username:
type: string
database:
type: string
elasticsearch:
type: object
properties:
admin:
type: object
properties:
username:
type: string
oslo_db:
type: object
properties:
admin:
type: object
properties:
username:
type: string
prometheus_openstack_exporter:
type: object
properties:
user:
type: object
properties:
username:
type: string
nagios:
type: object
properties:
admin:
type: object
properties:
username:
type: string
...

View File

@ -1,17 +0,0 @@
---
schema: 'deckhand/DataSchema/v1'
metadata:
schema: metadata/Control/v1
name: pegleg/AppArmorProfile/v1
labels:
application: pegleg
data:
$schema: 'http://json-schema.org/schema#'
type: 'object'
additionalProperties: false
properties:
savePath:
type: 'string'
content:
type: 'string'
required: ['savePath', 'content']

View File

@ -1,116 +0,0 @@
---
schema: 'deckhand/DataSchema/v1'
metadata:
schema: metadata/Control/v1
name: pegleg/CommonAddresses/v1
data:
$schema: 'http://json-schema.org/schema#'
type: object
properties:
calico:
type: object
properties:
ip_autodetection_method:
type: string
etcd:
type: object
properties:
service_ip:
type: string
dns:
type: object
properties:
cluster_domain:
type: string
service_ip:
type: string
upstream_servers:
type: array
items:
type: string
upstream_servers_joined:
type: string
genesis:
type: object
properties:
hostname:
type: string
ip:
type: string
bootstrap:
type: object
properties:
ip:
type: string
kubernetes:
type: object
properties:
api_service_ip:
type: string
etcd_service_ip:
type: string
pod_cidr:
type: string
service_cidr:
type: string
apiserver_port:
type: number
haproxy_port:
type: number
service_node_port_range:
type: string
etcd:
type: object
properties:
container_port:
type: number
haproxy_port:
type: number
masters:
type: array
items:
type: object
properties:
hostname:
type: string
node_ports:
type: object
properties:
drydock_api:
type: number
maas_api:
type: number
maas_proxy:
type: number
shipyard_api:
type: number
airflow_web:
type: number
ntp:
type: object
properties:
servers_joined:
type: string
storage:
type: object
properties:
ceph:
type: object
properties:
public_cidr:
type: string
cluster_cidr:
type: string
openvswitch:
type: object
properties:
external_iface:
type: string
neutron:
type: object
properties:
tunnel_device:
type: string
external_iface:
type: string
...

View File

@ -1,15 +0,0 @@
---
schema: 'deckhand/DataSchema/v1'
metadata:
schema: metadata/Control/v1
name: pegleg/CommonSoftwareConfig/v1
data:
$schema: 'http://json-schema.org/schema#'
type: object
properties:
osh:
type: object
properties:
region_name:
type: string
...

View File

@ -1,143 +0,0 @@
---
schema: 'deckhand/DataSchema/v1'
metadata:
schema: metadata/Control/v1
name: pegleg/EndpointCatalogue/v1
data:
$schema: 'http://json-schema.org/schema#'
type: 'object'
# Namespace the list of endpoints
additionalProperties:
type: 'object'
additionalProperties:
type: 'object'
properties:
namespace:
oneOf:
- type: string
- type: "null"
name:
type: string
auth:
type: object
hosts:
type: object
properties:
data:
type: string
default:
type: string
discovery:
type: string
public:
type: string
internal:
type: string
additionalProperties:
type: string
host_fqdn_override:
oneOf:
- type: object
properties:
default:
oneOf:
- type: string
- type: "null"
- type: object
properties:
host:
type: string
tls:
type: object
properties:
crt:
type: string
ca:
type: string
key:
type: string
additionalProperties:
type: string
public:
oneOf:
- type: string
- type: "null"
- type: object
properties:
host:
type: string
tls:
type: object
properties:
crt:
type: string
ca:
type: string
key:
type: string
additionalProperties:
type: string
internal:
oneOf:
- type: string
- type: "null"
- type: object
properties:
host:
type: string
tls:
type: object
properties:
crt:
type: string
ca:
type: string
key:
type: string
additionalProperties:
type: string
additionalProperties:
type: string
- type: "null"
path:
oneOf:
- type: object
properties:
default:
oneOf:
- type: string
- type: "null"
public:
type: string
internal:
type: string
additionalProperties:
type: string
- type: string
scheme:
oneOf:
- type: object
properties:
default:
type: string
public:
type: string
internal:
type: string
additionalProperties:
type: string
- type: string
port:
type: object
additionalProperties:
type: object
properties:
default:
type: number
public:
type: number
internal:
type: number
additionalProperties:
type: number
...

View File

@ -1,19 +0,0 @@
---
schema: 'deckhand/DataSchema/v1'
metadata:
schema: metadata/Control/v1
name: pegleg/SeccompProfile/v1
labels:
application: pegleg
data:
$schema: 'http://json-schema.org/schema#'
type: 'object'
additionalProperties: false
properties:
seccompDirPath:
type: 'string'
savePath:
type: 'string'
content:
type: 'string'
required: ['seccompDirPath', 'savePath', 'content']

View File

@ -1,16 +0,0 @@
---
schema: deckhand/DataSchema/v1
metadata:
schema: metadata/Control/v1
name: promenade/Docker/v1
labels:
application: promenade
data:
$schema: http://json-schema.org/schema#
type: object
properties:
config:
type: object
required:
- config
additionalProperties: false

View File

@ -1,144 +0,0 @@
---
schema: deckhand/DataSchema/v1
metadata:
schema: metadata/Control/v1
name: promenade/Genesis/v1
labels:
application: promenade
data:
$schema: http://json-schema.org/schema#
definitions:
abs_path:
type: string
pattern: '^/.+$'
hostname:
type: string
pattern: '^[a-z][a-z0-9-]+$'
file:
properties:
path:
$ref: '#/definitions/abs_path'
content:
type: string
mode:
type: integer
minimum: 0
tar_url:
$ref: '#/definitions/url'
tar_path:
$ref: '#/definitions/rel_path'
required:
- mode
- path
oneOf:
- type: object
required:
- content
- type: object
allOf:
- type: object
required:
- tar_url
- tar_path
additionalProperties: false
image:
type: string
# XXX add regex
ip_address:
type: string
pattern: '^(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))$'
kubernetes_label:
type: string
# XXX add regex
rel_path:
type: string
# XXX add regex
type: object
properties:
armada:
type: object
properties:
target_manifest:
type: string
additionalProperties: false
apiserver:
type: object
properties:
command_prefix:
type: array
items:
type: string
additionalProperties: false
files:
type: array
items:
$ref: '#/definitions/file'
hostname:
$ref: '#/definitions/hostname'
domain:
type: string
ip:
$ref: '#/definitions/ip_address'
labels:
properties:
static:
type: array
items:
$ref: '#/definitions/kubernetes_label'
dynamic:
type: array
items:
$ref: '#/definitions/kubernetes_label'
additionalProperties: false
images:
type: object
properties:
armada:
$ref: '#/definitions/image'
helm:
type: object
properties:
tiller:
$ref: '#/definitions/image'
required:
- tiller
additionalProperties: false
kubernetes:
type: object
properties:
apiserver:
$ref: '#/definitions/image'
controller-manager:
$ref: '#/definitions/image'
etcd:
$ref: '#/definitions/image'
scheduler:
$ref: '#/definitions/image'
required:
- apiserver
- controller-manager
- etcd
- scheduler
additionalProperties: false
required:
- armada
- helm
- kubernetes
additionalProperties: false
required:
- hostname
- ip
- images
- labels
additionalProperties: false
...

View File

@ -1,137 +0,0 @@
---
schema: deckhand/DataSchema/v1
metadata:
schema: metadata/Control/v1
name: promenade/HostSystem/v1
labels:
application: promenade
data:
$schema: http://json-schema.org/schema#
definitions:
abs_path:
type: string
pattern: '^/.+$'
apt_source_line:
type: string
# XXX add regex
file:
properties:
path:
$ref: '#/definitions/abs_path'
content:
type: string
mode:
type: integer
minimum: 0
tar_url:
$ref: '#/definitions/url'
tar_path:
$ref: '#/definitions/rel_path'
required:
- mode
- path
oneOf:
- type: object
required:
- content
- type: object
allOf:
- type: object
required:
- tar_url
- tar_path
additionalProperties: false
image:
type: string
# XXX add regex
package:
type: string
# XXX add regex
public_key:
type: string
# XXX add regex
rel_path:
type: string
# XXX add regex
url:
type: string
# XXX add regex
type: object
properties:
files:
type: array
items:
type: object
items:
$ref: '#/definitions/file'
images:
type: object
properties:
haproxy:
$ref: '#/definitions/image'
coredns:
$ref: '#/definitions/image'
helm:
type: object
properties:
helm:
$ref: '#/definitions/image'
required:
- helm
additionalProperties: false
kubernetes:
type: object
properties:
kubectl:
$ref: '#/definitions/image'
required:
- kubectl
additionalProperties: false
required:
- haproxy
- coredns
- helm
- kubernetes
additionalProperties: false
packages:
type: object
properties:
additional:
type: array
items:
$ref: '#/definitions/package'
keys:
type: array
items:
$ref: '#/definitions/public_key'
required:
type: object
properties:
docker:
$ref: '#/definitions/package'
socat:
$ref: '#/definitions/package'
required:
- docker
- socat
additionalProperties: false
repositories:
type: array
items:
$ref: '#/definitions/apt_source_line'
required:
- required
additionalProperties: false
required:
- images
- packages
additionalProperties: false

View File

@ -1,31 +0,0 @@
---
schema: deckhand/DataSchema/v1
metadata:
schema: metadata/Control/v1
name: promenade/Kubelet/v1
labels:
application: promenade
data:
$schema: http://json-schema.org/schema#
type: object
definitions:
image:
type: string
# XXX add regex
properties:
images:
type: object
properties:
pause:
$ref: '#/definitions/image'
required:
- pause
additionalProperties: false
arguments:
type: array
items:
type: string
required:
- images
additionalProperties: false

View File

@ -1,117 +0,0 @@
---
schema: deckhand/DataSchema/v1
metadata:
schema: metadata/Control/v1
name: promenade/KubernetesNetwork/v1
labels:
application: promenade
data:
$schema: http://json-schema.org/schema#
definitions:
cidr:
type: string
pattern: '^(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\/([0-9]|[1-2][0-9]|3[0-2])$'
domain_name:
type: string
pattern: '^([a-z][a-z0-9-]+\.)+[a-z]+\.?$'
hostname:
type: string
pattern: '^([a-z][a-z0-9-]+)(\.+[a-z]+\.)?$'
hostname_or_ip_address:
type: string
ip_address:
type: string
pattern: '^(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))$'
url:
type: string
# XXX add regex
type: object
properties:
dns:
type: object
properties:
bootstrap_validation_checks:
type: array
items:
$ref: '#/definitions/domain_name'
cluster_domain:
$ref: '#/definitions/domain_name'
service_ip:
$ref: '#/definitions/ip_address'
upstream_servers:
type: array
items:
$ref: '#/definitions/ip_address'
required:
- cluster_domain
- service_ip
additionalProperties: false
kubernetes:
type: object
properties:
pod_cidr:
$ref: '#/definitions/cidr'
service_ip:
$ref: '#/definitions/ip_address'
service_cidr:
$ref: '#/definitions/cidr'
apiserver_port:
type: number
minimum: 0
haproxy_port:
type: number
minimum: 0
required:
- pod_cidr
- service_cidr
- service_ip
- apiserver_port
- haproxy_port
additionalProperties: false
etcd:
type: object
properties:
service_ip:
$ref: '#/definitions/ip_address'
container_port:
type: number
minimum: 0
haproxy_port:
type: number
minimum: 0
required:
- service_ip
- container_port
- haproxy_port
additionalProperties: false
hosts_entries:
type: array
items:
type: object
properties:
ip:
$ref: '#/definitions/ip_address'
names:
type: array
items:
$ref: '#/definitions/hostname'
proxy:
type: object
properties:
additional_no_proxy:
type: array
items:
$ref: '#/definitions/hostname_or_ip_address'
url:
$ref: '#/definitions/url'
required:
- url
additionalFields: false
required:
- dns
- kubernetes
additionalProperties: false

View File

@ -1,47 +0,0 @@
---
schema: deckhand/DataSchema/v1
metadata:
schema: metadata/Control/v1
name: promenade/KubernetesNode/v1
labels:
application: promenade
data:
$schema: http://json-schema.org/schema#
definitions:
hostname:
type: string
pattern: '^[a-z][a-z0-9-]+$'
ip_address:
type: string
pattern: '^(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))$'
kubernetes_label:
type: string
# XXX add regex
type: object
properties:
hostname:
$ref: '#/definitions/hostname'
ip:
$ref: '#/definitions/ip_address'
join_ip:
$ref: '#/definitions/ip_address'
labels:
properties:
static:
type: array
items:
$ref: '#/definitions/kubernetes_label'
dynamic:
type: array
items:
$ref: '#/definitions/kubernetes_label'
additionalProperties: false
required:
- ip
- join_ip
additionalProperties: false

View File

@ -1,43 +0,0 @@
---
schema: deckhand/DataSchema/v1
metadata:
schema: metadata/Control/v1
name: promenade/PKICatalog/v1
labels:
application: promenade
data:
$schema: http://json-schema.org/schema#
certificate_authorities:
type: array
items:
type: object
properties:
description:
type: string
certificates:
type: array
items:
type: object
properties:
document_name:
type: string
description:
type: string
common_name:
type: string
hosts:
type: array
items: string
groups:
type: array
items: string
keypairs:
type: array
items:
type: object
properties:
name:
type: string
description:
type: string
...

View File

@ -1,81 +0,0 @@
---
schema: 'deckhand/DataSchema/v1'
metadata:
schema: metadata/Control/v1
name: shipyard/DeploymentConfiguration/v1
labels:
application: shipyard
data:
$schema: 'http://json-schema.org/schema#'
id: 'https://git.airshipit.org/cgit/airship-shipyard/tree/src/bin/shipyard_airflow/shipyard_airflow/schemas/deploymentConfiguration.yaml'
type: 'object'
properties:
physical_provisioner:
type: 'object'
properties:
deployment_strategy:
type: 'string'
deploy_interval:
type: 'integer'
deploy_timeout:
type: 'integer'
destroy_interval:
type: 'integer'
destroy_timeout:
type: 'integer'
join_wait:
type: 'integer'
prepare_node_interval:
type: 'integer'
prepare_node_timeout:
type: 'integer'
prepare_site_interval:
type: 'integer'
prepare_site_timeout:
type: 'integer'
verify_interval:
type: 'integer'
verify_timeout:
type: 'integer'
additionalProperties: false
kubernetes:
type: 'object'
properties:
node_status_interval:
type: 'integer'
node_status_timeout:
type: 'integer'
additionalProperties: false
kubernetes_provisioner:
type: 'object'
properties:
drain_timeout:
type: 'integer'
drain_grace_period:
type: 'integer'
clear_labels_timeout:
type: 'integer'
remove_etcd_timeout:
type: 'integer'
etcd_ready_timeout:
type: 'integer'
additionalProperties: false
armada:
type: 'object'
properties:
get_releases_timeout:
type: 'integer'
get_status_timeout:
type: 'integer'
manifest:
type: 'string'
post_apply_timeout:
type: 'integer'
validate_design_timeout:
type: 'integer'
additionalProperties: false
required:
- manifest
additionalProperties: false
required:
- armada

View File

@ -1,74 +0,0 @@
---
schema: 'deckhand/DataSchema/v1'
metadata:
schema: metadata/Control/v1
name: shipyard/DeploymentStrategy/v1
labels:
application: shipyard
data:
$schema: 'http://json-schema.org/schema#'
id: 'https://git.airshipit.org/cgit/airship-shipyard/tree/src/bin/shipyard_airflow/shipyard_airflow/schemas/deploymentStrategy.yaml'
type: 'object'
required:
- groups
properties:
groups:
type: 'array'
minItems: 0
items:
type: 'object'
required:
- name
- critical
- depends_on
- selectors
properties:
name:
type: 'string'
minLength: 1
critical:
type: 'boolean'
depends_on:
type: 'array'
minItems: 0
items:
type: 'string'
selectors:
type: 'array'
minItems: 0
items:
type: 'object'
minProperties: 1
properties:
node_names:
type: 'array'
items:
type: 'string'
node_labels:
type: 'array'
items:
type: 'string'
node_tags:
type: 'array'
items:
type: 'string'
rack_names:
type: 'array'
items:
type: 'string'
additionalProperties: false
success_criteria:
type: 'object'
minProperties: 1
properties:
percent_successful_nodes:
type: 'integer'
minimum: 0
maximum: 100
minimum_successful_nodes:
type: 'integer'
minimum: 0
maximum_failed_nodes:
type: 'integer'
minimum: 0
additionalProperties: false

View File

@ -1,170 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-calico
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.kubernetes.calico.calico
dest:
path: .source
# Image versions
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.calico.calico
dest:
path: .values.images
# IP addresses
-
src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.api_service_ip
dest:
path: .values.conf.controllers.K8S_API
pattern: KUBERNETES_IP
-
src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .calico.etcd.service_ip
dest:
path: .values.endpoints.etcd.host_fqdn_override.default
-
src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.pod_cidr
dest:
path: .values.networking.podSubnet
# Other site-specific configuration
-
src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .calico.ip_autodetection_method
dest:
path: .values.conf.node.IP_AUTODETECTION_METHOD
# Certificates
-
src:
schema: deckhand/CertificateAuthority/v1
name: calico-etcd
path: .
dest:
path: .values.endpoints.etcd.auth.client.tls.ca
-
src:
schema: deckhand/Certificate/v1
name: calico-node
path: .
dest:
path: .values.endpoints.etcd.auth.client.tls.crt
-
src:
schema: deckhand/CertificateKey/v1
name: calico-node
path: .
dest:
path: .values.endpoints.etcd.auth.client.tls.key
data:
chart_name: calico
release: kubernetes-calico
namespace: kube-system
protected:
continue_processing: false
wait:
timeout: 600
labels:
release_group: airship-kubernetes-calico
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-kubernetes-calico
values:
conf:
cni_network_config:
name: k8s-pod-network
cniVersion: 0.3.0
plugins:
- type: calico
etcd_endpoints: __ETCD_ENDPOINTS__
etcd_ca_cert_file: /etc/calico/pki/ca
etcd_cert_file: /etc/calico/pki/crt
etcd_key_file: /etc/calico/pki/key
log_level: debug
ipam:
type: calico-ipam
policy:
type: k8s
kubernetes:
kubeconfig: __KUBECONFIG_FILEPATH__
- type: portmap
snat: true
capabilities:
portMappings: true
controllers:
K8S_API: "https://KUBERNETES_IP:443"
node:
CALICO_STARTUP_LOGLEVEL: INFO
CLUSTER_TYPE: "k8s,bgp"
ETCD_CA_CERT_FILE: /etc/calico/pki/ca
ETCD_CERT_FILE: /etc/calico/pki/crt
ETCD_KEY_FILE: /etc/calico/pki/key
IP_AUTODETECTION_METHOD: interface=ens3
WAIT_FOR_STORAGE: "true"
endpoints:
etcd:
hosts:
default: calico-etcd
scheme:
default: https
networking:
mtu: 1500
manifests:
daemonset_calico_etcd: false
job_image_repo_sync: false
service_calico_etcd: false
dependencies:
- calico-htk
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: calico-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.kubernetes.calico.calico-htk
dest:
path: .source
data:
chart_name: calico-htk
release: calico-htk
namespace: calico-htk
values: {}
dependencies: []

View File

@ -1,15 +0,0 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-container-networking
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: Container networking via Calico
sequenced: true
chart_group:
- kubernetes-calico-etcd
- kubernetes-calico

View File

@ -1,142 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-calico-etcd-global
layeringDefinition:
abstract: true
layer: global
labels:
name: kubernetes-calico-etcd-global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.kubernetes.calico.etcd
dest:
path: .source
# Image versions
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.calico.etcd
dest:
path: .values.images.tags
# IP addresses
-
src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .calico.etcd.service_ip
dest:
path: .values.service.ip
-
src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .calico.etcd.service_ip
dest:
path: .values.anchor.etcdctl_endpoint
# CAs
-
src:
schema: deckhand/CertificateAuthority/v1
name: calico-etcd
path: .
dest:
path: .values.secrets.tls.client.ca
-
src:
schema: deckhand/CertificateAuthority/v1
name: calico-etcd-peer
path: .
dest:
path: .values.secrets.tls.peer.ca
# Anchor client cert
-
src:
schema: deckhand/Certificate/v1
name: calico-etcd-anchor
path: .
dest:
path: .values.secrets.anchor.tls.cert
-
src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-anchor
path: .
dest:
path: .values.secrets.anchor.tls.key
data:
chart_name: etcd
release: kubernetes-calico-etcd
namespace: kube-system
protected:
continue_processing: false
wait:
timeout: 600
labels:
release_group: airship-kubernetes-calico-etcd
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-kubernetes-calico-etcd
values:
labels:
anchor:
node_selector_key: calico-etcd
node_selector_value: enabled
etcd:
host_data_path: /var/lib/etcd/calico
host_etc_path: /etc/etcd/calico
bootstrapping:
enabled: true
host_directory: /var/lib/anchor
filename: calico-etcd-bootstrap
service:
name: calico-etcd
network:
service_client:
name: service_client
port: 6666
target_port: 6666
service_peer:
name: service_peer
port: 6667
target_port: 6667
dependencies:
- kubernetes-calico-etcd-htk
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-calico-etcd-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.kubernetes.calico.etcd-htk
dest:
path: .source
data:
chart_name: kubernetes-calico-etcd-htk
release: kubernetes-calico-etcd-htk
namespace: kubernetes-calico-etcd-htk
values: {}
dependencies: []
...

View File

@ -1,169 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-apiserver
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.kubernetes.apiserver
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.kubernetes.apiserver
dest:
path: .values.images.tags
# IP addresses
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.api_service_ip
dest:
path: .values.network.kubernetes_service_ip
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.pod_cidr
dest:
path: .values.network.pod_cidr
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.service_cidr
dest:
path: .values.network.service_cidr
# CA
-
src:
schema: deckhand/CertificateAuthority/v1
name: kubernetes
path: .
dest:
path: .values.secrets.tls.ca
# Certificates
-
src:
schema: deckhand/Certificate/v1
name: apiserver
path: .
dest:
path: .values.secrets.tls.cert
-
src:
schema: deckhand/CertificateKey/v1
name: apiserver
path: .
dest:
path: .values.secrets.tls.key
-
src:
schema: deckhand/CertificateAuthority/v1
name: kubernetes-etcd
path: .
dest:
path: .values.secrets.etcd.tls.ca
-
src:
schema: deckhand/Certificate/v1
name: apiserver-etcd
path: .
dest:
path: .values.secrets.etcd.tls.cert
-
src:
schema: deckhand/CertificateKey/v1
name: apiserver-etcd
path: .
dest:
path: .values.secrets.etcd.tls.key
-
src:
schema: deckhand/PublicKey/v1
name: service-account
path: .
dest:
path: .values.secrets.service_account.public_key
# Command prefix
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.service_cidr
dest:
path: .values.command_prefix[1]
pattern: SERVICE_CIDR
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.service_node_port_range
dest:
path: .values.command_prefix[2]
pattern: SERVICE_NODE_PORT_RANGE
data:
chart_name: apiserver
release: kubernetes-apiserver
namespace: kube-system
protected:
continue_processing: false
wait:
timeout: 600
labels:
release_group: airship-kubernetes-apiserver
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-kubernetes-apiserver
values:
apiserver:
etcd:
endpoints: https://127.0.0.1:2378
command_prefix:
- /apiserver
- --service-cluster-ip-range=SERVICE_CIDR
- --service-node-port-range=SERVICE_NODE_PORT_RANGE
- --authorization-mode=Node,RBAC
- --admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,ResourceQuota,DefaultTolerationSeconds
- --endpoint-reconciler-type=lease
dependencies:
- kubernetes-apiserver-htk
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-apiserver-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.kubernetes.apiserver-htk
dest:
path: .source
data:
chart_name: kubernetes-apiserver-htk
release: kubernetes-apiserver-htk
namespace: kubernetes-apiserver-htk
values: {}
dependencies: []
...

View File

@ -1,15 +0,0 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-core
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: Kubernetes components
chart_group:
- kubernetes-apiserver
- kubernetes-controller-manager
- kubernetes-scheduler

View File

@ -1,119 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-controller-manager
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.kubernetes.controller-manager
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.kubernetes.controller-manager
dest:
path: .values.images.tags
# IP addresses
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.pod_cidr
dest:
path: .values.network.pod_cidr
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.service_cidr
dest:
path: .values.network.service_cidr
# CA
-
src:
schema: deckhand/CertificateAuthority/v1
name: kubernetes
path: .
dest:
path: .values.secrets.tls.ca
# Certificates
-
src:
schema: deckhand/Certificate/v1
name: controller-manager
path: .
dest:
path: .values.secrets.tls.cert
-
src:
schema: deckhand/CertificateKey/v1
name: controller-manager
path: .
dest:
path: .values.secrets.tls.key
# Private key for Kubernetes service account token signing
-
src:
schema: deckhand/PrivateKey/v1
name: service-account
path: .
dest:
path: .values.secrets.service_account.private_key
data:
chart_name: controller-manager
release: kubernetes-controller-manager
namespace: kube-system
protected:
continue_processing: false
wait:
timeout: 600
labels:
release_group: airship-kubernetes-controller-manager
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-kubernetes-controller-manager
values:
network:
kubernetes_netloc: 127.0.0.1:6553
dependencies:
- kubernetes-controller-manager-htk
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-controller-manager-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.kubernetes.controller-manager-htk
dest:
path: .source
data:
chart_name: kubernetes-controller-manager-htk
release: kubernetes-controller-manager-htk
namespace: kubernetes-controller-manager-htk
values: {}
dependencies: []
...

View File

@ -1,96 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-scheduler
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.kubernetes.scheduler
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.kubernetes.scheduler
dest:
path: .values.images.tags
# CA
-
src:
schema: deckhand/CertificateAuthority/v1
name: kubernetes
path: .
dest:
path: .values.secrets.tls.ca
# Certificates
-
src:
schema: deckhand/Certificate/v1
name: scheduler
path: .
dest:
path: .values.secrets.tls.cert
-
src:
schema: deckhand/CertificateKey/v1
name: scheduler
path: .
dest:
path: .values.secrets.tls.key
data:
chart_name: scheduler
release: kubernetes-scheduler
namespace: kube-system
protected:
continue_processing: false
wait:
timeout: 600
labels:
release_group: airship-kubernetes-scheduler
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-kubernetes-scheduler
values:
network:
kubernetes_netloc: 127.0.0.1:6553
dependencies:
- kubernetes-scheduler-htk
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-scheduler-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.kubernetes.scheduler-htk
dest:
path: .source
data:
chart_name: kubernetes-scheduler-htk
release: kubernetes-scheduler-htk
namespace: kubernetes-scheduler-htk
values: {}
dependencies: []
...

View File

@ -1,13 +0,0 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-dns
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: Cluster DNS
chart_group:
- coredns

View File

@ -1,120 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: coredns
layeringDefinition:
abstract: false
layer: global
labels:
name: coredns
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.kubernetes.coredns
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.kubernetes.coredns
dest:
path: .values.images
# Zones
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .dns.cluster_domain
dest:
path: .values.conf.coredns.corefile
pattern: 'CLUSTER_DOMAIN'
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.service_cidr
dest:
path: .values.conf.coredns.corefile
pattern: 'SERVICE_CIDR'
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.pod_cidr
dest:
path: .values.conf.coredns.corefile
pattern: 'POD_CIDR'
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .dns.upstream_servers[0]
dest:
path: .values.conf.coredns.corefile
pattern: 'UPSTREAM1'
data:
chart_name: coredns
release: coredns
namespace: kube-system
wait:
timeout: 600
labels:
release_group: airship-coredns
test:
enabled: true
options:
cleanup: true
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-coredns
values:
conf:
coredns:
# TODO(alanmeadows) this needs to be adjusted to use substition
corefile: |
.:53 {
errors
health
autopath @kubernetes
kubernetes CLUSTER_DOMAIN SERVICE_CIDR POD_CIDR {
pods insecure
fallthrough in-addr.arpa ip6.arpa
upstream UPSTREAM1
}
prometheus :9153
proxy . UPSTREAM1
cache 30
}
dependencies:
- coredns-htk
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: coredns-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.kubernetes.coredns-htk
dest:
path: .source
data:
chart_name: coredns-htk
release: coredns-htk
namespace: coredns-htk
values: {}
dependencies: []
...

View File

@ -1,13 +0,0 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-etcd
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: Kubernetes etcd
chart_group:
- kubernetes-etcd

View File

@ -1,136 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-etcd-global
layeringDefinition:
abstract: true
layer: global
labels:
name: kubernetes-etcd-global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.kubernetes.etcd
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.kubernetes.etcd
dest:
path: .values.images.tags
# IP addresses
-
src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.etcd_service_ip
dest:
path: .values.service.ip
# CAs
-
src:
schema: deckhand/CertificateAuthority/v1
name: kubernetes-etcd
path: .
dest:
path: .values.secrets.tls.client.ca
-
src:
schema: deckhand/CertificateAuthority/v1
name: kubernetes-etcd-peer
path: .
dest:
path: .values.secrets.tls.peer.ca
-
src:
schema: deckhand/Certificate/v1
name: kubernetes-etcd-anchor
path: .
dest:
path: .values.secrets.anchor.tls.cert
-
src:
schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-anchor
path: .
dest:
path: .values.secrets.anchor.tls.key
data:
chart_name: etcd
release: kubernetes-etcd
namespace: kube-system
protected:
continue_processing: false
wait:
timeout: 600
labels:
release_group: airship-kubernetes-etcd
test:
enabled: true
options:
cleanup: true
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-kubernetes-etcd
values:
anchor:
etcdctl_endpoint: kubernetes-etcd.kube-system.svc.cluster.local
labels:
anchor:
node_selector_key: kubernetes-etcd
node_selector_value: enabled
etcd:
host_data_path: /var/lib/etcd/kubernetes
host_etc_path: /etc/etcd/kubernetes
service:
name: kubernetes-etcd
network:
service_client:
name: service_client
port: 2379
target_port: 2379
service_peer:
name: service_peer
port: 2380
target_port: 2380
dependencies:
- kubernetes-etcd-htk
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-etcd-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.kubernetes.etcd-htk
dest:
path: .source
data:
chart_name: kubernetes-etcd-htk
release: kubernetes-etcd-htk
namespace: kubernetes-etcd-htk
values: {}
dependencies: []
...

View File

@ -1,13 +0,0 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-haproxy
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: HAProxy for Kubernetes
chart_group:
- haproxy

View File

@ -1,101 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: haproxy
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.kubernetes.haproxy
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.kubernetes.haproxy
dest:
path: .values.images
data:
chart_name: haproxy
release: haproxy
namespace: kube-system
protected:
continue_processing: false
wait:
timeout: 600
labels:
release_group: airship-haproxy
test:
enabled: true
options:
cleanup: true
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-haproxy
values:
conf:
anchor:
# TODO(alanmeadows) this should be substituted
kubernetes_url: https://10.96.0.1:443
services:
default:
kubernetes:
server_opts: "check"
conf_parts:
frontend:
- mode tcp
- option tcpka
- bind *:6553
backend:
- mode tcp
- option tcpka
kube-system:
kubernetes-etcd:
server_opts: "check"
conf_parts:
frontend:
- mode tcp
- option tcpka
- bind *:2378
backend:
- mode tcp
- option tcpka
dependencies:
- haproxy-htk
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: haproxy-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.kubernetes.haproxy-htk
dest:
path: .source
data:
chart_name: haproxy-htk
release: haproxy-htk
namespace: haproxy-htk
values: {}
dependencies: []
...

View File

@ -1,13 +0,0 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: ingress-kube-system
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: Ingress for the site
chart_group:
- ingress-kube-system

View File

@ -1,86 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ingress-kube-system
layeringDefinition:
abstract: false
layer: global
labels:
name: ingress-kube-system
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.kubernetes.ingress
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.osh.ingress
dest:
path: .values.images.tags
data:
chart_name: ingress-kube-system
release: ingress-kube-system
namespace: kube-system
wait:
timeout: 300
labels:
release_group: airship-ingress-kube-system
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-ingress-kube-system
values:
labels:
server:
node_selector_key: kube-ingress
node_selector_value: enabled
error_server:
node_selector_key: kube-ingress
node_selector_value: enabled
deployment:
mode: cluster
type: DaemonSet
network:
host_namespace: true
ingress:
annotations:
nginx.ingress.kubernetes.io/proxy-read-timeout: "603"
pod:
replicas:
error_page: 1
dependencies:
- ingress-kube-system-htk
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ingress-kube-system-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.kubernetes.ingress-htk
dest:
path: .source
data:
chart_name: ingress-kube-system-htk
release: ingress-kube-system-htk
namespace: ingress-kube-system-htk
values: {}
dependencies: []

View File

@ -1,14 +0,0 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-proxy
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: Kubernetes proxy
sequenced: true
chart_group:
- kubernetes-proxy

View File

@ -1,68 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-proxy
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.kubernetes.proxy
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.kubernetes.proxy
dest:
path: .values.images.tags
data:
chart_name: proxy
release: kubernetes-proxy
namespace: kube-system
wait:
timeout: 600
labels:
release_group: airship-kubernetes-proxy
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-kubernetes-proxy
values:
network:
kubernetes_netloc: 127.0.0.1:6553
dependencies:
- kubernetes-proxy-htk
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-proxy-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.kubernetes.proxy-htk
dest:
path: .source
data:
chart_name: kubernetes-proxy-htk
release: kubernetes-proxy-htk
namespace: kubernetes-proxy-htk
values: {}
dependencies: []
...

View File

@ -1,16 +0,0 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: openstack-component-infrastructure
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: "OpenStack Component Infrastructure"
sequenced: False
chart_group:
- openstack-mariadb
- rabbitmq
- memcached

View File

@ -1,17 +0,0 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: openstack-component-shared
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: "OpenStack Shared and Common components"
sequenced: False
chart_group:
- keystone
- glance
- heat
- horizon

View File

@ -1,99 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: glance
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.glance
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.osh.glance
dest:
path: .values.images.tags
data:
chart_name: glance
release: glance
namespace: openstack
wait:
timeout: 1800
labels:
release_group: airship-glance
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
application: glance
component: db-init
- type: job
labels:
application: glance
component: db-sync
- type: job
labels:
application: glance
component: ks-user
- type: job
labels:
application: glance
component: ks-service
- type: job
labels:
application: glance
component: ks-endpoints
- type: job
labels:
application: glance
component: storage-init
values:
labels:
api:
node_selector_key: openstack-control-plane
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
registry:
node_selector_key: openstack-control-plane
node_selector_value: enabled
storage: pvc
dependencies:
- openstack-glance-helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-glance-helm-toolkit
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.glance-htk
dest:
path: .source
data:
chart_name: openstack-glance-helm-toolkit
release: openstack-glance-helm-toolkit
namespace: helm-toolkit
values: {}
dependencies: []

View File

@ -1,108 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: heat
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.heat
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.osh.heat
dest:
path: .values.images.tags
data:
chart_name: heat
release: heat
namespace: openstack
wait:
timeout: 1800
labels:
release_group: airship-heat
test:
enabled: true
options:
cleanup: false
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
application: heat
component: db-init
- type: job
labels:
application: heat
component: db-sync
- type: job
labels:
application: heat
component: ks-user
- type: job
labels:
application: heat
component: ks-service
- type: job
labels:
application: heat
component: ks-endpoints
- type: cronjob
labels:
application: heat
component: engine-cleaner
values:
labels:
api:
node_selector_key: openstack-control-plane
node_selector_value: enabled
cfn:
node_selector_key: openstack-control-plane
node_selector_value: enabled
cloudwatch:
node_selector_key: openstack-control-plane
node_selector_value: enabled
engine:
node_selector_key: openstack-control-plane
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
dependencies:
- openstack-heat-helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-heat-helm-toolkit
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.heat-htk
dest:
path: .source
data:
chart_name: openstack-heat-helm-toolkit
release: openstack-heat-helm-toolkit
namespace: helm-toolkit
values: {}
dependencies: []

View File

@ -1,79 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: horizon
labels:
component: horizon
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.horizon
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.osh.horizon
dest:
path: .values.images.tags
data:
chart_name: horizon
release: horizon
namespace: openstack
wait:
timeout: 1800
labels:
release_group: airship-horizon
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
application: horizon
component: db-init
- type: job
labels:
application: horizon
component: db-sync
post:
create: []
values:
labels:
node_selector_key: openstack-control-plane
node_selector_value: enabled
dependencies:
- openstack-horizon-helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-horizon-helm-toolkit
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.horizon-htk
dest:
path: .source
data:
chart_name: openstack-horizon-helm-toolkit
release: openstack-horizon-helm-toolkit
namespace: helm-toolkit
values: {}
dependencies: []

View File

@ -1,104 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: keystone
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.keystone
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.osh.keystone
dest:
path: .values.images.tags
data:
chart_name: keystone
release: openstack-keystone
namespace: openstack
wait:
timeout: 1800
labels:
release_group: airship-openstack-keystone
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
application: keystone
component: bootstrap
- type: job
labels:
application: keystone
component: credential-setup
- type: job
labels:
application: keystone
component: db-init
- type: job
labels:
application: keystone
component: db-sync
- type: job
labels:
application: keystone
component: fernet-setup
- type: job
labels:
application: keystone
component: domain-manage
- type: cronjob
labels:
application: keystone
component: credential-rotate
- type: cronjob
labels:
application: keystone
component: fernet-rotate
values:
labels:
api:
node_selector_key: openstack-control-plane
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
dependencies:
- openstack-keystone-helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-keystone-helm-toolkit
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.keystone-htk
dest:
path: .source
data:
chart_name: openstack-keystone-helm-toolkit
release: openstack-keystone-helm-toolkit
namespace: helm-toolkit
values: {}
dependencies: []

View File

@ -1,72 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-mariadb
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.mariadb
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.osh.mariadb
dest:
path: .values.images.tags
data:
chart_name: mariadb
release: openstack-mariadb
namespace: openstack
wait:
timeout: 1800
labels:
release_group: airship-openstack-mariadb
install:
no_hooks: false
upgrade:
no_hooks: false
values:
volume:
enabled: false
labels:
server:
node_selector_key: openstack-control-plane
node_selector_value: enabled
prometheus_mysql_exporter:
node_selector_key: openstack-control-plane
node_selector_value: enabled
dependencies:
- openstack-mariadb-helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-mariadb-helm-toolkit
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.mariadb-htk
dest:
path: .source
data:
chart_name: openstack-mariadb-helm-toolkit
release: openstack-mariadb-helm-toolkit
namespace: helm-toolkit
values: {}
dependencies: []

View File

@ -1,67 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: memcached
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.memcached
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.osh.memcached
dest:
path: .values.images.tags
data:
chart_name: memcached
release: openstack-memcached
namespace: openstack
wait:
timeout: 1800
labels:
release_group: airship-openstack-memcached
install:
no_hooks: false
upgrade:
no_hooks: false
values:
labels:
server:
node_selector_key: openstack-control-plane
node_selector_value: enabled
dependencies:
- openstack-memcached-helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-memcached-helm-toolkit
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.memcached-htk
dest:
path: .source
data:
chart_name: openstack-memcached-helm-toolkit
release: openstack-memcached-helm-toolkit
namespace: helm-toolkit
values: {}
dependencies: []

View File

@ -1,69 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: rabbitmq
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.rabbitmq
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.osh.rabbitmq
dest:
path: .values.images.tags
data:
chart_name: rabbitmq
release: rabbitmq
namespace: openstack
wait:
timeout: 1800
labels:
release_group: airship-rabbitmq
install:
no_hooks: false
upgrade:
no_hooks: false
values:
labels:
server:
node_selector_key: openstack-control-plane
node_selector_value: enabled
pod:
replicas:
server: 1
dependencies:
- openstack-rabbitmq-helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-rabbitmq-helm-toolkit
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.rabbitmq-htk
dest:
path: .source
data:
chart_name: openstack-rabbitmq-helm-toolkit
release: openstack-rabbitmq-helm-toolkit
namespace: helm-toolkit
values: {}
dependencies: []

View File

@ -1,17 +0,0 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: openstack-compute-kit
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: "Deploy nova and neutron, and backend services"
sequenced: False
chart_group:
- libvirt
- openvswitch
- nova
- neutron

View File

@ -1,66 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: libvirt
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.libvirt
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.osh.libvirt
dest:
path: .values.images.tags
data:
chart_name: libvirt
release: openstack-libvirt
namespace: openstack
install:
no_hooks: false
upgrade:
no_hooks: false
values:
labels:
agent:
libvirt:
node_selector_key: openstack-compute-node
node_selector_value: enabled
conf:
ceph:
enabled: false
dependencies:
- openstack-libvirt-helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-libvirt-helm-toolkit
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.libvirt-htk
dest:
path: .source
data:
chart_name: openstack-libvirt-helm-toolkit
release: openstack-libvirt-helm-toolkit
namespace: helm-toolkit
values: {}
dependencies: []

View File

@ -1,130 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: neutron
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.neutron
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.osh.neutron
dest:
path: .values.images.tags
data:
chart_name: neutron
release: neutron
namespace: openstack
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
application: neutron
component: db-init
- type: job
labels:
application: neutron
component: db-sync
- type: job
labels:
application: neutron
component: ks-user
- type: job
labels:
application: neutron
component: ks-service
- type: job
labels:
application: neutron
component: ks-endpoints
wait:
timeout: 1800
values:
labels:
agent:
dhcp:
node_selector_key: openstack-control-plane
node_selector_value: enabled
l3:
node_selector_key: openstack-control-plane
node_selector_value: enabled
metadata:
node_selector_key: openstack-control-plane
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
lb:
node_selector_key: linuxbridge
node_selector_value: enabled
ovs:
node_selector_key: openvswitch
node_selector_value: enabled
server:
node_selector_key: openstack-control-plane
node_selector_value: enabled
test:
node_selector_key: openstack-control-plane
node_selector_value: enabled
network:
interface:
tunnel: docker0
conf:
neutron:
DEFAULT:
l3_ha: False
max_l3_agents_per_router: 1
l3_ha_network_type: vxlan
dhcp_agents_per_network: 1
plugins:
ml2_conf:
ml2_type_flat:
flat_networks: public
openvswitch_agent:
agent:
tunnel_types: vxlan
ovs:
bridge_mappings: public:br-ex
linuxbridge_agent:
linux_bridge:
bridge_mappings: public:br-ex
dependencies:
- openstack-neutron-helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-neutron-helm-toolkit
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.neutron-htk
dest:
path: .source
data:
chart_name: openstack-neutron-helm-toolkit
release: openstack-neutron-helm-toolkit
namespace: helm-toolkit
values: {}
dependencies: []

View File

@ -1,144 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: nova
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.nova
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.osh.nova
dest:
path: .values.images.tags
data:
chart_name: nova
release: nova
namespace: openstack
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
application: nova
component: db-init
- type: job
labels:
application: nova
component: db-sync
- type: job
labels:
application: nova
component: ks-user
- type: job
labels:
application: nova
component: ks-service
- type: job
labels:
application: nova
component: ks-endpoints
- type: job
labels:
application: placement
component: ks-user
- type: job
labels:
application: placement
component: ks-service
- type: job
labels:
application: placement
component: ks-endpoints
- type: job
labels:
application: nova
component: cell-setup
- type: cronjob
labels:
application: nova
component: cell-setup
values:
labels:
agent:
compute:
node_selector_key: openstack-compute-node
node_selector_value: enabled
compute_ironic:
node_selector_key: openstack-compute-node
node_selector_value: enabled
api_metadata:
node_selector_key: openstack-control-plane
node_selector_value: enabled
conductor:
node_selector_key: openstack-control-plane
node_selector_value: enabled
consoleauth:
node_selector_key: openstack-control-plane
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
novncproxy:
node_selector_key: openstack-control-plane
node_selector_value: enabled
osapi:
node_selector_key: openstack-control-plane
node_selector_value: enabled
placement:
node_selector_key: openstack-control-plane
node_selector_value: enabled
scheduler:
node_selector_key: openstack-control-plane
node_selector_value: enabled
spiceproxy:
node_selector_key: openstack-control-plane
node_selector_value: enabled
test:
node_selector_key: openstack-control-plane
node_selector_value: enabled
conf:
ceph:
enabled: false
nova:
libvirt:
virt_type: qemu
dependencies:
- openstack-nova-helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-nova-helm-toolkit
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.nova-htk
dest:
path: .source
data:
chart_name: openstack-nova-helm-toolkit
release: openstack-nova-helm-toolkit
namespace: helm-toolkit
values: {}
dependencies: []

View File

@ -1,67 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openvswitch
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.openvswitch
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.osh.openvswitch
dest:
path: .values.images.tags
data:
chart_name: openvswitch
release: openvswitch
namespace: openstack
wait:
timeout: 1800
labels:
release_group: airship-openvswitch
install:
no_hooks: false
upgrade:
no_hooks: false
values:
labels:
ovs:
node_selector_key: openvswitch
node_selector_value: enabled
dependencies:
- openstack-openvswitch-helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-openvswitch-helm-toolkit
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.openvswitch-htk
dest:
path: .source
data:
chart_name: openstack-openvswitch-helm-toolkit
release: openstack-openvswitch-helm-toolkit
namespace: helm-toolkit
values: {}
dependencies: []

View File

@ -1,14 +0,0 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: openstack-ingress-controller
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: "OpenStack Ingress Controller"
sequenced: False
chart_group:
- openstack-ingress-controller

View File

@ -1,62 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-ingress-controller
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.ingress
dest:
path: .source
data:
chart_name: openstack-ingress-controller
release: openstack-ingress-controller
namespace: openstack
wait:
timeout: 300
labels:
release_group: airship-openstack-ingress-controller
install:
no_hooks: false
upgrade:
no_hooks: false
values:
labels:
server:
node_selector_key: openstack-control-plane
node_selector_value: enabled
error_server:
node_selector_key: openstack-control-plane
node_selector_value: enabled
dependencies:
- openstack-ingress-helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-ingress-helm-toolkit
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.openstack.ingress-htk
dest:
path: .source
data:
chart_name: openstack-ingress-helm-toolkit
release: openstack-ingress-helm-toolkit
namespace: helm-toolkit
values: {}
dependencies: []

View File

@ -1,123 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-armada
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.armada
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.ucp.armada
dest:
path: .values.images.tags
# Endpoints
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.identity
dest:
path: .values.endpoints.identity
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.armada
dest:
path: .values.endpoints.armada
# Credentials
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.keystone.admin
dest:
path: .values.endpoints.identity.auth.admin
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.armada.keystone
dest:
path: .values.endpoints.identity.auth.user
# Secrets
- dest:
path: .values.endpoints.identity.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_keystone_admin_password
path: .
- dest:
path: .values.endpoints.identity.auth.user.password
src:
schema: deckhand/Passphrase/v1
name: ucp_armada_keystone_password
path: .
data:
chart_name: armada
release: ucp-armada
namespace: ucp
wait:
timeout: 100
labels:
release_group: airship-ucp-armada
test:
enabled: true
options:
cleanup: true
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-ucp-armada
values:
replicas:
api: 1
armada:
DEFAULT:
debug: true
manifests:
deployment_tiller: false
service_tiller: false
dependencies:
- armada-htk
...
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: armada-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.armada-htk
dest:
path: .source
data:
chart_name: armada-htk
release: armada-htk
namespace: armada-htk
values: {}
dependencies: []
...

View File

@ -1,15 +0,0 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: ucp-armada
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: Armada
sequenced: true
chart_group:
- ucp-tiller
- ucp-armada

View File

@ -1,70 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-tiller
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.tiller
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.ucp.tiller
dest:
path: .values.images.tags
data:
chart_name: tiller
release: ucp-tiller
namespace: kube-system
wait:
timeout: 100
labels:
release_group: airship-ucp-tiller
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-ucp-tiller
values: {}
dependencies:
- tiller-htk
...
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: tiller-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.tiller-htk
dest:
path: .source
data:
chart_name: tiller-htk
release: tiller-htk
namespace: tiller-htk
values: {}
dependencies: []
...

View File

@ -1,17 +0,0 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: ucp-core
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: Common Airship Components
chart_group:
- ucp-ingress
- ucp-mariadb
- ucp-rabbitmq
- ucp-postgresql
...

View File

@ -1,76 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-ingress
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
labels:
name: ucp-ingress
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.ingress
dest:
path: .source
data:
chart_name: ingress
release: ingress
namespace: ucp
wait:
timeout: 600
labels:
release_group: airship-ingress
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-ingress
values:
labels:
server:
node_selector_key: ucp-control-plane
node_selector_value: enabled
error_server:
node_selector_key: ucp-control-plane
node_selector_value: enabled
pod:
replicas:
ingress: 1
error_page: 1
network:
ingress:
annotations:
nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
dependencies:
- ucp-ingress-htk
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-ingress-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.ingress-htk
dest:
path: .source
data:
chart_name: ucp-ingress-htk
release: ucp-ingress-htk
namespace: ucp-ingress-htk
values: {}
dependencies: []

View File

@ -1,109 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-mariadb
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.mariadb
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.ucp.mariadb
dest:
path: .values.images.tags
# Endpoints
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.oslo_db
dest:
path: .values.endpoints.oslo_db
# Accounts
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.oslo_db.admin
dest:
path: .values.endpoints.oslo_db.auth.admin
# Secrets
- dest:
path: .values.endpoints.oslo_db.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_oslo_db_admin_password
path: .
data:
chart_name: ucp-mariadb
release: ucp-mariadb
namespace: ucp
wait:
timeout: 600
labels:
release_group: airship-ucp-mariadb
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-ucp-mariadb
values:
labels:
server:
node_selector_key: ucp-control-plane
node_selector_value: enabled
prometheus_mysql_exporter:
node_selector_key: ucp-control-plane
node_selector_value: enabled
ingress:
node_selector_key: ucp-control-plane
node_selector_value: enabled
error_server:
node_selector_key: ucp-control-plane
node_selector_value: enabled
pod:
replicas:
server: 1
dependencies:
- mariadb-htk
...
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: mariadb-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.mariadb-htk
dest:
path: .source
data:
chart_name: mariadb-htk
release: mariadb-htk
namespace: mariadb-htk
values: {}
dependencies: []
...

View File

@ -1,101 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-postgresql
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.postgresql
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.ucp.postgresql
dest:
path: .values.images.tags
# Endpoints
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.postgresql
dest:
path: .values.endpoints.postgresql
# Credentials
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.postgres.admin
dest:
path: .values.endpoints.postgresql.auth.admin
# Secrets
- dest:
path: .values.endpoints.postgresql.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_postgres_admin_password
path: .
data:
chart_name: ucp-postgresql
release: ucp-postgresql
namespace: ucp
wait:
timeout: 600
labels:
release_group: airship-ucp-postgresql
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-ucp-postgresql
create: []
post:
create: []
values:
development:
enabled: false
labels:
server:
node_selector_key: ucp-control-plane
node_selector_value: enabled
dependencies:
- postgres-htk
...
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: postgres-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.postgresql-htk
dest:
path: .source
data:
chart_name: postgres-htk
release: postgres-htk
namespace: postgres-htk
values: {}
dependencies: []
...

View File

@ -1,114 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-rabbitmq
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.rabbitmq
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.ucp.rabbitmq
dest:
path: .values.images.tags
# Endpoints
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.oslo_messaging
dest:
path: .values.endpoints.oslo_messaging
# Credentials
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.oslo_messaging.admin
dest:
path: .values.endpoints.oslo_messaging.auth.user
# Secrets
- src:
schema: deckhand/Passphrase/v1
name: ucp_rabbitmq_erlang_cookie
path: .
dest:
path: .values.endpoints.oslo_messaging.auth.erlang_cookie
- src:
schema: deckhand/Passphrase/v1
name: ucp_oslo_messaging_password
path: .
dest:
path: .values.endpoints.oslo_messaging.auth.user.password
data:
chart_name: ucp-rabbitmq
release: ucp-rabbitmq
namespace: ucp
wait:
timeout: 600
labels:
release_group: airship-ucp-rabbitmq
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-ucp-rabbitmq
- type: pod
labels:
release_group: airship-ucp-rabbitmq
component: test
values:
pod:
replicas:
server: 1
labels:
server:
node_selector_key: ucp-control-plane
node_selector_value: enabled
prometheus_rabbitmq_exporter:
node_selector_key: ucp-control-plane
node_selector_value: enabled
dependencies:
- ucp-rabbitmq-htk
...
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-rabbitmq-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.rabbitmq-htk
dest:
path: .source
data:
chart_name: ucp-rabbitmq-htk
release: ucp-rabbitmq-htk
namespace: ucp-rabbitmq-htk
values: {}
dependencies: []
...

View File

@ -1,188 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-barbican
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.barbican
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.ucp.barbican
dest:
path: .values.images.tags
# Endpoints
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.identity
dest:
path: .values.endpoints.identity
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.key_manager
dest:
path: .values.endpoints.key_manager
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.oslo_db
dest:
path: .values.endpoints.oslo_db
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.oslo_cache
dest:
path: .values.endpoints.oslo_cache
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.oslo_messaging
dest:
path: .values.endpoints.oslo_messaging
# Credentials
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.barbican.keystone
dest:
path: .values.endpoints.identity.auth.barbican
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.keystone.admin
dest:
path: .values.endpoints.identity.auth.admin
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.barbican.oslo_db
dest:
path: .values.endpoints.oslo_db.auth.barbican
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.barbican.oslo_db.database
dest:
path: .values.endpoints.oslo_db.path
pattern: DB_NAME
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.barbican.oslo_messaging
dest:
path: .values.endpoints.oslo_messaging.auth
# Secrets
- dest:
path: .values.endpoints.identity.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_keystone_admin_password
path: .
- dest:
path: .values.endpoints.oslo_db.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_oslo_db_admin_password
path: .
- dest:
path: .values.endpoints.identity.auth.barbican.password
src:
schema: deckhand/Passphrase/v1
name: ucp_barbican_keystone_password
path: .
- dest:
path: .values.endpoints.oslo_db.auth.barbican.password
src:
schema: deckhand/Passphrase/v1
name: ucp_barbican_oslo_db_password
path: .
- dest:
path: .values.endpoints.oslo_messaging.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_oslo_messaging_password
path: .
- dest:
path: .values.endpoints.oslo_messaging.auth.barbican.password
src:
schema: deckhand/Passphrase/v1
name: ucp_oslo_messaging_password
path: .
data:
chart_name: ucp-barbican
release: ucp-barbican
namespace: ucp
wait:
timeout: 600
labels:
release_group: airship-ucp-barbican
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-ucp-barbican
create: []
post:
create: []
values:
labels:
api:
node_selector_key: ucp-control-plane
node_selector_value: enabled
job:
node_selector_key: ucp-control-plane
node_selector_value: enabled
test:
node_selector_key: ucp-control-plane
node_selector_value: enabled
pod:
replicas:
api: 1
dependencies:
- ucp-barbican-htk
...
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-barbican-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.barbican-htk
dest:
path: .source
data:
chart_name: ucp-barbican-htk
release: ucp-barbican-htk
namespace: ucp-barbican-htk
values: {}
dependencies: []
...

View File

@ -1,16 +0,0 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: ucp-deckhand
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: Deckhand
chart_group:
# NOTE(mb874d): Find and add the dogtag chart
# - ucp-dogtag
- ucp-barbican
- ucp-deckhand

View File

@ -1,178 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-deckhand
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.deckhand
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.ucp.deckhand
dest:
path: .values.images.tags
# Endpoints
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.identity
dest:
path: .values.endpoints.identity
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.postgresql
dest:
path: .values.endpoints.postgresql
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.deckhand
dest:
path: .values.endpoints.deckhand
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.key_manager
dest:
path: .values.endpoints.key_manager
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.oslo_cache
dest:
path: .values.endpoints.oslo_cache
# Credentials
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.postgres.admin
dest:
path: .values.endpoints.postgresql.auth.admin
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.deckhand.postgres
dest:
path: .values.endpoints.postgresql.auth.user
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.deckhand.postgres.database
dest:
path: .values.endpoints.postgresql.path
pattern: DB_NAME
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.deckhand.keystone
dest:
path: .values.endpoints.identity.auth.user
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.keystone.admin
dest:
path: .values.endpoints.identity.auth.admin
# Secrets
- dest:
path: .values.endpoints.identity.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_keystone_admin_password
path: .
- dest:
path: .values.endpoints.postgresql.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_postgres_admin_password
path: .
- dest:
path: .values.endpoints.identity.auth.user.password
src:
schema: deckhand/Passphrase/v1
name: ucp_deckhand_keystone_password
path: .
- dest:
path: .values.endpoints.postgresql.auth.user.password
src:
schema: deckhand/Passphrase/v1
name: ucp_deckhand_postgres_password
path: .
data:
chart_name: ucp-deckhand
release: ucp-deckhand
namespace: ucp
wait:
timeout: 600
labels:
release_group: airship-ucp-deckhand
test:
enabled: true
options:
cleanup: true
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-ucp-deckhand
create: []
post:
create: []
values:
pod:
replicas:
api: 1
conf:
deckhand:
DEFAULT:
debug: true
use_stderr: true
use_syslog: true
keystone_authtoken:
memcache_security_strategy: None
dependencies:
- deckhand-htk
...
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: deckhand-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.deckhand-htk
dest:
path: .source
data:
chart_name: deckhand-htk
release: deckhand-htk
namespace: deckhand-htk
values: {}
dependencies: []
...

View File

@ -1,13 +0,0 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: ucp-divingbell
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: Divingbell
chart_group:
- ucp-divingbell

View File

@ -1,93 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-divingbell
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.divingbell
dest:
path: .source
data:
chart_name: divingbell
release: divingbell
namespace: ucp
wait:
timeout: 300
labels:
release_group: airship-divingbell
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-divingbell
values:
conf:
sysctl:
net.nf_conntrack_max: '1048576'
kernel.panic: '60'
net.ipv4.conf.default.arp_accept: '1'
net.core.netdev_max_backlog: '261144'
net.ipv4.tcp_keepalive_intvl: '3'
net.ipv4.tcp_keepalive_time: '30'
net.ipv4.tcp_keepalive_probes: '8'
net.ipv4.conf.all.arp_accept: '1'
net.ipv4.tcp_retries2: '5'
net.ipv4.neigh.default.gc_thresh1: '4096'
net.ipv4.neigh.default.gc_thresh2: '8192'
net.ipv4.neigh.default.gc_thresh3: '16384'
net.bridge.bridge-nf-call-iptables: '1'
net.bridge.bridge-nf-call-arptables: '1'
net.bridge.bridge-nf-call-ip6tables: '1'
net.ipv4.conf.default.rp_filter: '0'
net.netfilter.nf_conntrack_acct: '1'
overrides:
divingbell_mounts:
labels:
- label:
key: hosttype
values:
- "nd-global"
- "nv-global"
conf:
mounts:
mnt1:
mnt_tgt: /run/hugepages/kvm
device: hugetlbfs-kvm
type: hugetlbfs
options: 'mode=775'
dependencies:
- ucp-divingbell-htk
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-divingbell-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.divingbell-htk
dest:
path: .source
data:
chart_name: ucp-divingbell-htk
release: ucp-divingbell-htk
namespace: ucp-divingbell-htk
values: {}
dependencies: []

View File

@ -1,14 +0,0 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: ucp-drydock
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: Drydock
chart_group:
- ucp-maas
- ucp-drydock

View File

@ -1,180 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-drydock
labels:
name: ucp-drydock
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.drydock
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.ucp.drydock
dest:
path: .values.images.tags
# Endpoints
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.identity
dest:
path: .values.endpoints.identity
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.postgresql
dest:
path: .values.endpoints.postgresql
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.physicalprovisioner
dest:
path: .values.endpoints.physicalprovisioner
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.maas_region
dest:
path: .values.endpoints.maas_region
# Credentials
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.postgres.admin
dest:
path: .values.endpoints.postgresql.auth.admin
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.drydock.postgres
dest:
path: .values.endpoints.postgresql.auth.user
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.drydock.postgres.database
dest:
path: .values.endpoints.postgresql.path
pattern: DB_NAME
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.keystone.admin
dest:
path: .values.endpoints.identity.auth.admin
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.drydock.keystone
dest:
path: .values.endpoints.identity.auth.drydock
# Secrets
- dest:
path: .values.endpoints.identity.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_keystone_admin_password
path: .
- dest:
path: .values.endpoints.postgresql.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_postgres_admin_password
path: .
- dest:
path: .values.endpoints.identity.auth.drydock.password
src:
schema: deckhand/Passphrase/v1
name: ucp_drydock_keystone_password
path: .
- dest:
path: .values.endpoints.postgresql.auth.user.password
src:
schema: deckhand/Passphrase/v1
name: ucp_drydock_postgres_password
path: .
data:
chart_name: drydock
release: drydock
namespace: ucp
wait:
timeout: 600
labels:
release_group: airship-drydock
test:
enabled: true
options:
cleanup: true
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-drydock
values:
replicas:
drydock: 1
labels:
node_selector_key: ucp-control-plane
node_selector_value: enabled
network:
drydock:
node_port:
enabled: true
conf:
drydock:
plugins:
ingester: drydock_provisioner.ingester.plugins.deckhand.DeckhandIngester
oob_driver:
- 'drydock_provisioner.drivers.oob.pyghmi_driver.driver.PyghmiDriver'
- 'drydock_provisioner.drivers.oob.manual_driver.driver.ManualDriver'
dependencies:
- drydock-htk
...
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: drydock-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.drydock-htk
dest:
path: .source
data:
chart_name: drydock-htk
release: drydock-htk
namespace: drydock-htk
values: {}
dependencies: []
...

View File

@ -1,196 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-maas
layeringDefinition:
abstract: false
layer: global
labels:
name: ucp-maas
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.maas
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.ucp.maas
dest:
path: .values.images.tags
# MaaS Config
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .dns.upstream_servers_joined
dest:
path: .values.conf.maas.dns.dns_servers
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .ntp.servers_joined
dest:
path: .values.conf.maas.ntp.ntp_servers
- src:
schema: deckhand/Passphrase/v1
name: maas-region-key
path: .
dest:
path: .values.secrets.maas_region.value
# Endpoint substitutions
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.postgresql
dest:
path: .values.endpoints.maas_db
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.maas_region
dest:
path: .values.endpoints.maas_region
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.physicalprovisioner
dest:
path: .values.endpoints.physicalprovisioner
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.maas_ingress
dest:
path: .values.endpoints.maas_ingress
# Account and credential substitutions
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.postgres.admin
dest:
path: .values.endpoints.maas_db.auth.admin
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.maas.postgres
dest:
path: .values.endpoints.maas_db.auth.user
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.maas.postgres.database
dest:
path: .values.endpoints.maas_db.path
pattern: DB_NAME
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.maas.admin
dest:
path: .values.endpoints.maas_region.auth.admin
# Secrets
- dest:
path: .values.endpoints.maas_region_ui.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_maas_admin_password
path: .
- dest:
path: .values.endpoints.maas_db.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_postgres_admin_password
path: .
- dest:
path: .values.endpoints.maas_db.auth.user.password
src:
schema: deckhand/Passphrase/v1
name: ucp_maas_postgres_password
path: .
data:
chart_name: maas
release: maas
namespace: ucp
wait:
timeout: 1800
labels:
release_group: airship-maas
test:
enabled: true
options:
cleanup: true
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-maas
values:
pod:
replicas:
rack: 1
region: 1
labels:
rack:
node_selector_key: ucp-control-plane
node_selector_value: enabled
region:
node_selector_key: ucp-control-plane
node_selector_value: enabled
network:
proxy:
node_port:
enabled: false
conf:
cache:
enabled: false
maas:
credentials:
secret:
namespace: ucp
proxy:
proxy_enabled: 'true'
ntp:
use_external_only: 'false'
dns:
require_dnssec: 'no'
dependencies:
- maas-htk
...
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: maas-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.maas-htk
dest:
path: .source
data:
chart_name: maas-htk
release: maas-htk
namespace: maas-htk
values: {}
dependencies: []
...

View File

@ -1,14 +0,0 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: ucp-keystone
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: Airship Keystone components
chart_group:
- ucp-keystone-memcached
- ucp-keystone

View File

@ -1,168 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-keystone
labels:
component: keystone
configuration: ldap-backed
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.keystone
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.ucp.keystone
dest:
path: .values.images.tags
# Endpoints
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.identity
dest:
path: .values.endpoints.identity
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.oslo_db
dest:
path: .values.endpoints.oslo_db
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.oslo_messaging
dest:
path: .values.endpoints.oslo_messaging
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.oslo_cache
dest:
path: .values.endpoints.oslo_cache
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.keystone.admin
dest:
path: .values.endpoints.identity.auth.admin
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.keystone.oslo_messaging
dest:
path: .values.endpoints.oslo_messaging.auth
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.keystone.oslo_db
dest:
path: .values.endpoints.oslo_db.auth.keystone
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.keystone.oslo_db.database
dest:
path: .values.endpoints.oslo_db.path
pattern: DB_NAME
# Secrets
- dest:
path: .values.endpoints.identity.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_keystone_admin_password
path: .
- dest:
path: .values.endpoints.oslo_messaging.auth.keystone.password
src:
schema: deckhand/Passphrase/v1
name: ucp_oslo_messaging_password
path: .
- dest:
path: .values.endpoints.oslo_messaging.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_oslo_messaging_password
path: .
- dest:
path: .values.endpoints.oslo_db.auth.keystone.password
src:
schema: deckhand/Passphrase/v1
name: ucp_keystone_oslo_db_password
path: .
- dest:
path: .values.endpoints.oslo_db.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_oslo_db_admin_password
path: .
data:
chart_name: ucp-keystone
release: ucp-keystone
namespace: ucp
wait:
timeout: 600
labels:
release_group: airship-ucp-keystone
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-ucp-keystone
- type: pod
labels:
release_group: airship-ucp-keystone
component: test
post:
create: []
values:
pods:
replicas:
api: 1
labels:
api:
node_selector_key: ucp-control-plane
node_selector_value: enabled
job:
node_selector_key: ucp-control-plane
node_selector_value: enabled
dependencies:
- ucp-keystone-htk
...
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-keystone-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.keystone-htk
dest:
path: .source
data:
chart_name: ucp-keystone-htk
release: ucp-keystone-htk
namespace: ucp-keystone-htk
values: {}
dependencies: []
...

View File

@ -1,80 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-keystone-memcached
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.memcached
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.ucp.memcached
dest:
path: .values.images.tags
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.oslo_cache
dest:
path: .values.endpoints.oslo_cache
data:
chart_name: ucp-keystone-memcached
release: ucp-keystone-memcached
namespace: ucp
wait:
timeout: 600
labels:
release_group: airship-ucp-keystone-memcached
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-ucp-keystone-memcached
values:
labels:
server:
node_selector_key: ucp-control-plane
node_selector_value: enabled
dependencies:
- ucp-memcached-htk
...
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-memcached-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.memcached-htk
dest:
path: .source
data:
chart_name: ucp-memcached-htk
release: ucp-memcached-htk
namespace: ucp-memcached-htk
values: {}
dependencies: []
...

View File

@ -1,13 +0,0 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: ucp-promenade
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: Promenade
chart_group:
- ucp-promenade

View File

@ -1,130 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-promenade
layeringDefinition:
abstract: false
layer: global
labels:
name: ucp-promenade
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.promenade
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.ucp.promenade
dest:
path: .values.images.tags
# Endpoints
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.identity
dest:
path: .values.endpoints.identity
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.kubernetesprovisioner
dest:
path: .values.endpoints.kubernetesprovisioner
# Credentials
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.keystone.admin
dest:
path: .values.endpoints.identity.auth.admin
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.promenade.keystone
dest:
path: .values.endpoints.identity.auth.user
# Secrets
- dest:
path: .values.endpoints.identity.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_keystone_admin_password
path: .
- dest:
path: .values.endpoints.identity.auth.user.password
src:
schema: deckhand/Passphrase/v1
name: ucp_promenade_keystone_password
path: .
data:
chart_name: promenade
release: ucp-promenade
namespace: ucp
wait:
timeout: 600
labels:
release_group: airship-ucp-promenade
test:
enabled: true
options:
cleanup: true
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-ucp-promenade
values:
conf:
paste:
filter:authtoken:
paste.filter_factory: keystonemiddleware.auth_token:filter_factory
admin_tenant_name: service
admin_user: promenade
delay_auth_decision: true
identity_uri: http://keystone-api.ucp.svc.cluster.local/
service_token_roles_required: true
dependencies:
- promenade-htk
...
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: promenade-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.promenade-htk
dest:
path: .source
data:
chart_name: promenade-htk
release: promenade-htk
namespace: promenade-htk
values: {}
dependencies: []
...

View File

@ -1,21 +0,0 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: ucp-services
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: Airship Services
sequenced: true
chart_group:
- ucp-tiller
- ucp-maas
- ucp-armada
- ucp-barbican
- ucp-deckhand
- ucp-promenade
- ucp-shipyard
- ucp-drydock

View File

@ -1,13 +0,0 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: ucp-shipyard
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: Shipyard
chart_group:
- ucp-shipyard

View File

@ -1,306 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-shipyard
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.shipyard
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.ucp.shipyard
dest:
path: .values.images.tags
# Node ports
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .node_ports.shipyard_api
dest:
path: .values.network.shipyard.node_port
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .node_ports.airflow_web
dest:
path: .values.network.airflow.web.node_port
# Endpoints
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.identity
dest:
path: .values.endpoints.identity
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.postgresql
dest:
path: .values.endpoints.postgresql_shipyard_db
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.postgresql
dest:
path: .values.endpoints.postgresql_airflow_db
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.shipyard
dest:
path: .values.endpoints.shipyard
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.airflow_web
dest:
path: .values.endpoints.airflow_web
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.airflow_flower
dest:
path: .values.endpoints.airflow_flower
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.airflow_oslo_messaging
dest:
path: .values.endpoints.oslo_messaging
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.oslo_cache
dest:
path: .values.endpoints.oslo_cache
# Database path
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.shipyard.postgres.database
dest:
path: .values.endpoints.postgresql_shipyard_db.path
pattern: 'DB_NAME'
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.airflow.postgres.database
dest:
path: .values.endpoints.postgresql_airflow_db.path
pattern: 'DB_NAME'
# Credentials
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.postgres.admin
dest:
path: .values.endpoints.postgresql_shipyard_db.auth.admin
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.postgres.admin
dest:
path: .values.endpoints.postgresql_airflow_db.auth.admin
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.keystone.admin
dest:
path: .values.endpoints.identity.auth.admin
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.shipyard.postgres
dest:
path: .values.endpoints.postgresql_shipyard_db.auth.user
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.airflow.postgres
dest:
path: .values.endpoints.postgresql_airflow_db.auth.user
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.airflow.oslo_messaging.user
dest:
path: .values.endpoints.oslo_messaging.auth.user
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.airflow.oslo_messaging.admin
dest:
path: .values.endpoints.oslo_messaging.auth.admin
# Secrets
- dest:
path: .values.endpoints.identity.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_keystone_admin_password
path: .
- dest:
path: .values.endpoints.postgresql_shipyard_db.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_postgres_admin_password
path: .
- dest:
path: .values.endpoints.postgresql_airflow_db.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_postgres_admin_password
path: .
- dest:
path: .values.endpoints.postgresql_airflow_celery_db.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_postgres_admin_password
path: .
- dest:
path: .values.endpoints.identity.auth.shipyard.password
src:
schema: deckhand/Passphrase/v1
name: ucp_shipyard_keystone_password
path: .
- dest:
path: .values.endpoints.postgresql_shipyard_db.auth.user.password
src:
schema: deckhand/Passphrase/v1
name: ucp_shipyard_postgres_password
path: .
- dest:
path: .values.endpoints.postgresql_airflow_db.auth.user.password
src:
schema: deckhand/Passphrase/v1
name: ucp_airflow_postgres_password
path: .
- dest:
path: .values.endpoints.postgresql_airflow_celery_db.auth.user.password
src:
schema: deckhand/Passphrase/v1
name: ucp_airflow_postgres_password
path: .
- src:
schema: deckhand/Passphrase/v1
name: ucp_airflow_oslo_messaging_password
path: .
dest:
path: .values.endpoints.oslo_messaging.auth.user.password
- src:
schema: deckhand/Passphrase/v1
name: ucp_oslo_messaging_password
path: .
dest:
path: .values.endpoints.oslo_messaging.auth.admin.password
data:
chart_name: shipyard
release: ucp-shipyard
namespace: ucp
wait:
timeout: 600
labels:
release_group: airship-ucp-shipyard
test:
enabled: true
options:
cleanup: true
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-ucp-shipyard
values:
endpoints:
postgresql_airflow_db:
name: postgresql
hosts:
default: postgresql
path: /DB_NAME
scheme: postgresql+psycopg2
port:
postgresql:
default: 5432
host_fqdn_override:
default: null
postgresql_shipyard_db:
name: postgresql
hosts:
default: postgresql
path: /DB_NAME
scheme: postgresql+psycopg2
port:
postgresql:
default: 5432
host_fqdn_override:
default: null
prod_environment: true
pod:
replicas:
shipyard:
api: 1
airflow:
web: 1
worker: 1
flower: 1
scheduler: 1
labels:
job:
node_selector_key: ucp-control-plane
node_selector_value: enabled
network:
shipyard:
enable_node_port: true
airflow:
web:
enable_node_port: true
conf:
shipyard:
keystone_authtoken:
memcache_security_strategy: None
dependencies:
- shipyard-htk
...
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: shipyard-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.shipyard-htk
dest:
path: .source
data:
chart_name: shipyard-htk
release: shipyard-htk
namespace: shipyard-htk
values: {}
dependencies: []
...

View File

@ -1,18 +0,0 @@
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: ucp-storage-provisioner
labels:
name: ucp-storage-provisioner
group: ucp
service: k8_storage_provisioning
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
description: Kubernetes Storage Provisioner
sequenced: true
chart_group:
- nfs_provisioner

View File

@ -1,85 +0,0 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: nfs_provisioner
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.nfs_provisioner
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.storage.nfs_provisioner
dest:
path: .values.images.tags
data:
chart_name: nfs-provisioner
release: nfs-provisioner
namespace: kube-system
protected:
continue_processing: false
wait:
timeout: 900
labels:
release_group: airship-nfs-provisioner
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-nfs-provisioner
values:
labels:
nfs:
node_selector_key: ucp-control-plane
node_selector_value: enabled
job:
node_selector_key: ucp-control-plane
node_selector_value: enabled
storage:
hostPath:
path: /var/lib/airship/nfs
persistentVolumeClaim:
size: '30Gi'
storageclass:
name: general
dependencies:
- nfs_htk
...
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: nfs_htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.nfs_htk
dest:
path: .source
data:
chart_name: nfs_htk
release: nfs_htk
namespace: nfs_htk
values: {}
dependencies: []
...

View File

@ -1,16 +0,0 @@
---
schema: promenade/Docker/v1
metadata:
schema: metadata/Document/v1
name: docker-global
labels:
promenade: enabled
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
data:
config:
live-restore: true
max-concurrent-downloads: 10
storage-driver: overlay2

Some files were not shown because too many files have changed in this diff Show More