A configuration management service with support for secrets.
Go to file
Kumar, Nishant (nk613n) a2606e75b1 Remove unused code for policy validation as feature not implemented
Policy validation in Deckhand was not implemented completely. Refer link
below:
https://airshipit.readthedocs.io/projects/deckhand/en/latest/users/validation.html#policy-validations

This PS removes some of the code related to the feature which was being
used in a code path when a set of documents are uploaded to Deckhand.
In standard Airship deployments the number of documents could be quite
high and this leads to significant delay (more than 300seconds in some
cases). As there are no plans to implement the policy validation feature,
it makes sense to remove it from code path which could cause delay and
sometimes timeouts while uploading documents.

This has been tested on a Baremetal lab: GF and BF.

Change-Id: I2ff3f40a7fe37bed5a589fab00d829db726604fe
2020-05-14 00:34:42 +00:00
.github Add SECURITY.md 2020-03-02 16:32:42 +00:00
alembic Fix typo 2018-09-09 23:02:08 -04:00
charts/deckhand Add Docker default AppArmor profile to deckhand 2020-02-12 22:09:01 +00:00
deckhand Remove unused code for policy validation as feature not implemented 2020-05-14 00:34:42 +00:00
doc Remove unused code for policy validation as feature not implemented 2020-05-14 00:34:42 +00:00
etc/deckhand Redacts Raw Documents 2018-10-19 23:56:12 -05:00
images/deckhand (fix) Address uwsgi and other gating issues 2020-02-28 21:28:56 +00:00
releasenotes style(pep8): remove identation ignores 2018-06-01 22:08:42 +00:00
tools (fix) Address uwsgi and other gating issues 2020-02-28 21:28:56 +00:00
.coveragerc Add Deckhand coverage job 2017-08-15 16:11:35 -04:00
.dockerignore Collect profile data on DH requests 2018-02-15 13:09:16 -05:00
.gitignore docs: Use sphinx-apidoc library for autodoc compatibility 2018-10-27 22:52:39 +01:00
.gitreview OpenDev Migration Patch 2019-04-19 19:52:20 +00:00
.stestr.conf Switch to stestr 2018-03-28 13:06:46 -04:00
.zuul.yaml Re-enable all Zuul CI tests 2020-03-06 18:07:03 +01:00
alembic.ini [396582] Add alembic support to Deckhand 2018-04-06 23:30:16 -04:00
bindep.txt Embed UML generated diagrams into docs, fix docs build 2019-02-14 13:55:44 +01:00
entrypoint.sh [fix] Drop deckhand.conf from default DECKHAND_CONF_DIR path 2018-04-07 00:20:47 -04:00
HACKING.rst Update url in HACKING.rst 2018-11-15 00:22:41 +08:00
LICENSE Update Apache LICENSE 2018-05-10 22:25:14 +01:00
Makefile Add support for Ubuntu bionic base image 2020-02-06 17:42:33 -06:00
README.rst Merge "docs: Reorganize documentation structure" 2018-10-05 20:49:07 +00:00
requirements.txt (fix) Address uwsgi and other gating issues 2020-02-28 21:28:56 +00:00
REVIEWING.rst docs: Add developer overview documentation 2018-06-20 15:00:46 -04:00
setup.cfg Remove Python 2.x support 2019-10-08 12:41:12 +00:00
setup.py Oslo config integration (#1) 2017-06-26 16:57:50 -07:00
test-requirements.txt Gate fixes: pin amqp, use barbican deploy script 2020-01-22 01:56:05 +00:00
tox.ini Remove Python 2.x support 2019-10-08 12:41:12 +00:00

Deckhand

Docker Repository on Quay Doc Status

Deckhand provides document revision management, storage and mutation functionality upon which the rest of the Airship components rely for orchestration of infrastructure provisioning. Deckhand understands declarative YAML documents that define, end-to-end, the configuration of sites: from the hardware -- encompassing network topology and hardware and host profile information -- up to the software level that comprises the overcloud.

Core Responsibilities

  • layering - helps reduce duplication in configuration by applying the notion of inheritance to documents
  • substitution - provides separation between secret data and other configuration data for security purposes and reduces data duplication by allowing common data to be defined once and substituted elsewhere dynamically
  • revision history - maintains well-defined collections of documents within immutable revisions that are meant to operate together, while providing the ability to rollback to previous revisions
  • validation - allows services to implement and register different kinds of validations and report errors
  • secret management - leverages existing OpenStack APIs -- namely Barbican -- to reliably and securely store sensitive data

Getting Started

For more detailed installation and setup information, please refer to the Getting Started guide.

Integration Points

Deckhand has the following integration points:

Note

Currently, other database back-ends are not supported.

Though, being a low-level service, has many other Airship services that integrate with it, including:

  • Drydock is orchestrated by Shipyard to perform bare metal node provisioning.
  • Promenade is indirectly orchestrated by Shipyard to configure and join Kubernetes nodes.
  • Armada is orchestrated by Shipyard to deploy and test Kubernetes workloads.

Further Reading

Airship.