Sloop type and Airsloop site
Sloop type/site is a minimalistic approach to Airship with reduced requirements towards hardware and external dependencies while keeping all the functional features. Major differences compared to reference site airship-seaworthy - Two bare-metal server setup with 1 control, and 1 compute. Most components are scaled to a single replica and doesn't carry any HA as there is only a single control plane host. - No requirements for DNS/certificates. HTTP and internal cluster DNS is used. - Ceph set to use the single (root) disk. This generally provides minimalistic no-touch ceph deployment. No replication of ceph data (single copy). - Simplified networking (no bonding). Two network interfaces are used by default (flat PXE, and DATA network with VLANs for OAM, Calico, Storage, and OpenStack Overlay) - Generic hostnames used (airsloop-control-1, airsloop-compute-1) that simplifies generation of k8s certificates - Usage of standard Ubuntu 16.04 GA kernel (as oppose to HWE) Change-Id: I4944fcae7d29ed8799d810c93efb0120b6b3a105
This commit is contained in:
parent
f28a3a7849
commit
06ffeec6b1
|
@ -6,6 +6,8 @@ metadata:
|
||||||
layeringDefinition:
|
layeringDefinition:
|
||||||
abstract: false
|
abstract: false
|
||||||
layer: global
|
layer: global
|
||||||
|
labels:
|
||||||
|
name: grafana-global
|
||||||
storagePolicy: cleartext
|
storagePolicy: cleartext
|
||||||
substitutions:
|
substitutions:
|
||||||
# Chart source
|
# Chart source
|
||||||
|
|
|
@ -3,6 +3,8 @@ schema: armada/Chart/v1
|
||||||
metadata:
|
metadata:
|
||||||
schema: metadata/Document/v1
|
schema: metadata/Document/v1
|
||||||
name: osh-infra-ingress-controller
|
name: osh-infra-ingress-controller
|
||||||
|
labels:
|
||||||
|
name: osh-infra-ingress-controller-global
|
||||||
layeringDefinition:
|
layeringDefinition:
|
||||||
abstract: false
|
abstract: false
|
||||||
layer: global
|
layer: global
|
||||||
|
|
|
@ -3,6 +3,8 @@ schema: armada/Chart/v1
|
||||||
metadata:
|
metadata:
|
||||||
schema: metadata/Document/v1
|
schema: metadata/Document/v1
|
||||||
name: osh-infra-mariadb
|
name: osh-infra-mariadb
|
||||||
|
labels:
|
||||||
|
name: osh-infra-mariadb-global
|
||||||
layeringDefinition:
|
layeringDefinition:
|
||||||
abstract: false
|
abstract: false
|
||||||
layer: global
|
layer: global
|
||||||
|
|
|
@ -3,6 +3,8 @@ schema: armada/Chart/v1
|
||||||
metadata:
|
metadata:
|
||||||
schema: metadata/Document/v1
|
schema: metadata/Document/v1
|
||||||
name: prometheus
|
name: prometheus
|
||||||
|
labels:
|
||||||
|
name: prometheus-global
|
||||||
layeringDefinition:
|
layeringDefinition:
|
||||||
abstract: false
|
abstract: false
|
||||||
layer: global
|
layer: global
|
||||||
|
|
|
@ -3,6 +3,8 @@ schema: armada/Chart/v1
|
||||||
metadata:
|
metadata:
|
||||||
schema: metadata/Document/v1
|
schema: metadata/Document/v1
|
||||||
name: tenant-ceph-ingress
|
name: tenant-ceph-ingress
|
||||||
|
labels:
|
||||||
|
name: tenant-ceph-ingress-global
|
||||||
layeringDefinition:
|
layeringDefinition:
|
||||||
abstract: false
|
abstract: false
|
||||||
layer: global
|
layer: global
|
||||||
|
|
|
@ -6,6 +6,8 @@ metadata:
|
||||||
layeringDefinition:
|
layeringDefinition:
|
||||||
abstract: false
|
abstract: false
|
||||||
layer: global
|
layer: global
|
||||||
|
labels:
|
||||||
|
name: ucp-ceph-ingress-global
|
||||||
storagePolicy: cleartext
|
storagePolicy: cleartext
|
||||||
substitutions:
|
substitutions:
|
||||||
# Chart source
|
# Chart source
|
||||||
|
|
|
@ -6,6 +6,8 @@ metadata:
|
||||||
layeringDefinition:
|
layeringDefinition:
|
||||||
abstract: false
|
abstract: false
|
||||||
layer: global
|
layer: global
|
||||||
|
labels:
|
||||||
|
name: cluster-bootstrap-global
|
||||||
storagePolicy: cleartext
|
storagePolicy: cleartext
|
||||||
data:
|
data:
|
||||||
release_prefix: airship
|
release_prefix: airship
|
||||||
|
@ -28,3 +30,4 @@ data:
|
||||||
- ucp-drydock
|
- ucp-drydock
|
||||||
- ucp-promenade
|
- ucp-promenade
|
||||||
- ucp-shipyard
|
- ucp-shipyard
|
||||||
|
...
|
||||||
|
|
|
@ -0,0 +1,32 @@
|
||||||
|
---
|
||||||
|
# This file defines a boot action which is responsible for fetching the node's
|
||||||
|
# promjoin script from the promenade API. This is the script responsible for
|
||||||
|
# installing kubernetes on the node and joining the kubernetes cluster.
|
||||||
|
# #GLOBAL-CANDIDATE#
|
||||||
|
schema: 'drydock/BootAction/v1'
|
||||||
|
metadata:
|
||||||
|
schema: 'metadata/Document/v1'
|
||||||
|
name: promjoin
|
||||||
|
storagePolicy: 'cleartext'
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
labels:
|
||||||
|
application: 'drydock'
|
||||||
|
data:
|
||||||
|
signaling: false
|
||||||
|
# TODO(alanmeadows) move what is global about this document
|
||||||
|
assets:
|
||||||
|
- path: /opt/promjoin.sh
|
||||||
|
type: file
|
||||||
|
permissions: '555'
|
||||||
|
# The ip= parameter must match the MaaS network name of the network used
|
||||||
|
# to contact kubernetes. With a standard, reference Airship deployment where
|
||||||
|
# L2 networks are shared between all racks, the network name (i.e. calico)
|
||||||
|
# should be correct.
|
||||||
|
location: promenade+http://promenade-api.ucp.svc.cluster.local/api/v1.0/join-scripts?design_ref={{ action.design_ref | urlencode }}&hostname={{ node.hostname }}&ip={{ node.network.calico.ip }}{% for k, v in node.labels.items() %}&labels.dynamic={{ k }}={{ v }}{% endfor %}
|
||||||
|
location_pipeline:
|
||||||
|
- template
|
||||||
|
data_pipeline:
|
||||||
|
- utf8_decode
|
||||||
|
...
|
|
@ -0,0 +1,65 @@
|
||||||
|
---
|
||||||
|
# Drydock BaremetalNode resources for a specific rack are stored in this file.
|
||||||
|
#
|
||||||
|
# NOTE: For new sites, you should complete the networks/physical/networks.yaml
|
||||||
|
# file before working on this file.
|
||||||
|
#
|
||||||
|
# In this file, you should make the number of `drydock/BaremetalNode/v1`
|
||||||
|
# resources equal the number of bare metal nodes you have, either by deleting
|
||||||
|
# excess BaremetalNode definitions (if there are too many), or by copying and
|
||||||
|
# pasting the last BaremetalNode in the file until you have the correct number
|
||||||
|
# of baremetal nodes (if there are too few).
|
||||||
|
#
|
||||||
|
# Then in each file, address all additional NEWSITE-CHANGEME markers to update
|
||||||
|
# the data in these files with the right values for your new site.
|
||||||
|
#
|
||||||
|
# *NOTE: The Genesis node is counted as one of the control plane nodes. Note
|
||||||
|
# that the Genesis node does not appear on this bare metal list, because the
|
||||||
|
# procedure to reprovision the Genesis host with MaaS has not yet been
|
||||||
|
# implemented. Therefore there will be only three bare metal nodes in this file
|
||||||
|
# with the 'masters' tag, as the genesis roles are assigned in a difference
|
||||||
|
# place (profiles/genesis.yaml).
|
||||||
|
# NOTE: The host profiles for the control plane are further divided into two
|
||||||
|
# variants: primary and secondary. The only significance this has is that the
|
||||||
|
# "primary" nodes are active Ceph nodes, whereas the "secondary" nodes are Ceph
|
||||||
|
# standby nodes. For Ceph quorum, this means that the control plane split will
|
||||||
|
# be 3 primary + 1 standby host profile, and the Genesis node counts toward one
|
||||||
|
# of the 3 primary profiles. Other control plane services are not affected by
|
||||||
|
# primary vs secondary designation.
|
||||||
|
#
|
||||||
|
# TODO: Include the hostname naming convention
|
||||||
|
#
|
||||||
|
schema: 'drydock/BaremetalNode/v1'
|
||||||
|
metadata:
|
||||||
|
schema: 'metadata/Document/v1'
|
||||||
|
# NEWSITE-CHANGEME: The next node's hostname
|
||||||
|
name: airsloop-compute-1
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data:
|
||||||
|
# NEWSITE-CHANGEME: The next node's IPv4 addressing
|
||||||
|
addressing:
|
||||||
|
- network: oob
|
||||||
|
address: 10.22.104.22
|
||||||
|
- network: pxe
|
||||||
|
address: 10.22.70.22
|
||||||
|
- network: oam
|
||||||
|
address: 10.22.71.22
|
||||||
|
- network: calico
|
||||||
|
address: 10.22.72.22
|
||||||
|
- network: storage
|
||||||
|
address: 10.22.73.22
|
||||||
|
- network: overlay
|
||||||
|
address: 10.22.74.22
|
||||||
|
# NEWSITE-CHANGEME: The next node's host profile
|
||||||
|
# This is the third "primary" control plane profile after genesis
|
||||||
|
host_profile: compute_r720xd
|
||||||
|
metadata:
|
||||||
|
# NEWSITE-CHANGEME: The next node's rack designation
|
||||||
|
rack: cab22
|
||||||
|
# NEWSITE-CHANGEME: The next node's role desigatnion
|
||||||
|
tags:
|
||||||
|
- 'workers'
|
||||||
|
...
|
|
@ -0,0 +1,41 @@
|
||||||
|
---
|
||||||
|
# The purpose of this file is to provide shipyard related deployment config
|
||||||
|
# parameters. This should not require modification for a new site. However,
|
||||||
|
# shipyard deployment strategies can be very useful in getting around certain
|
||||||
|
# failures, like misbehaving nodes that hold up the deployment. See more at
|
||||||
|
# https://github.com/openstack/airship-shipyard/blob/master/docs/source/site-definition-documents.rst#using-a-deployment-strategy
|
||||||
|
schema: shipyard/DeploymentConfiguration/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: deployment-configuration
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data:
|
||||||
|
physical_provisioner:
|
||||||
|
deployment_strategy: deployment-strategy
|
||||||
|
deploy_interval: 30
|
||||||
|
deploy_timeout: 3600
|
||||||
|
destroy_interval: 30
|
||||||
|
destroy_timeout: 900
|
||||||
|
join_wait: 0
|
||||||
|
prepare_node_interval: 30
|
||||||
|
prepare_node_timeout: 1800
|
||||||
|
prepare_site_interval: 10
|
||||||
|
prepare_site_timeout: 300
|
||||||
|
verify_interval: 10
|
||||||
|
verify_timeout: 60
|
||||||
|
kubernetes_provisioner:
|
||||||
|
drain_timeout: 3600
|
||||||
|
drain_grace_period: 1800
|
||||||
|
clear_labels_timeout: 1800
|
||||||
|
remove_etcd_timeout: 1800
|
||||||
|
etcd_ready_timeout: 600
|
||||||
|
armada:
|
||||||
|
get_releases_timeout: 300
|
||||||
|
get_status_timeout: 300
|
||||||
|
manifest: 'full-site'
|
||||||
|
post_apply_timeout: 7200
|
||||||
|
validate_design_timeout: 600
|
||||||
|
...
|
|
@ -0,0 +1,154 @@
|
||||||
|
---
|
||||||
|
# The purpose of this file is to define network related paramters that are
|
||||||
|
# referenced elsewhere in the manifests for this site.
|
||||||
|
#
|
||||||
|
# TODO: Include bare metal host FQDN naming standards
|
||||||
|
# TODO: Include ingress FQDN naming standards
|
||||||
|
schema: pegleg/CommonAddresses/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: common-addresses
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data:
|
||||||
|
calico:
|
||||||
|
# NEWSITE-CHANGEME: The interface that calico will use. Update if your
|
||||||
|
# logical bond interface name or calico VLAN have changed from the reference
|
||||||
|
# site design.
|
||||||
|
# This should be whichever
|
||||||
|
# bond and VLAN number specified in networks/physical/networks.yaml for the Calico
|
||||||
|
# network. E.g. VLAN 22 for the calico network as a member of bond0, you
|
||||||
|
# would set "interface=bond0.22" as shown here.
|
||||||
|
ip_autodetection_method: interface=enp67s0f0.72
|
||||||
|
etcd:
|
||||||
|
# etcd service IP address
|
||||||
|
service_ip: 10.96.232.136
|
||||||
|
|
||||||
|
dns:
|
||||||
|
# Kubernetes cluster domain. Do not change. This is internal to the cluster.
|
||||||
|
cluster_domain: cluster.local
|
||||||
|
# DNS service ip
|
||||||
|
service_ip: 10.96.0.10
|
||||||
|
# List of upstream DNS forwards. Verify you can reach them from your
|
||||||
|
# environment. If so, you should not need to change them.
|
||||||
|
upstream_servers:
|
||||||
|
- 8.8.8.8
|
||||||
|
- 8.8.4.4
|
||||||
|
- 208.67.222.222
|
||||||
|
# Repeat the same values as above, but formatted as a common separated
|
||||||
|
# string
|
||||||
|
upstream_servers_joined: 8.8.8.8,8.8.4.4,208.67.222.222
|
||||||
|
# NEWSITE-CHANGEME: FQDN for ingress (i.e. "publicly facing" access point)
|
||||||
|
# Choose FQDN according to the ingress/public FQDN naming conventions at
|
||||||
|
# the top of this document.
|
||||||
|
ingress_domain: atlantafoundry.com
|
||||||
|
|
||||||
|
genesis:
|
||||||
|
# NEWSITE-CHANGEME: Update with the hostname for the node which will take on
|
||||||
|
# the Genesis role. Refer to the hostname naming stardards in
|
||||||
|
# networks/physical/networks.yaml
|
||||||
|
# NOTE: Ensure that the genesis node is manually configured with this
|
||||||
|
# hostname before running `genesis.sh` on the node.
|
||||||
|
hostname: airsloop-control-1
|
||||||
|
# NEWSITE-CHANGEME: Calico IP of the Genesis node. Use the "start" value for
|
||||||
|
# the calico network defined in networks/physical/networks.yaml for this IP.
|
||||||
|
ip: 10.22.72.21
|
||||||
|
|
||||||
|
bootstrap:
|
||||||
|
# NEWSITE-CHANGEME: Update with the "start" value/IP of the static range
|
||||||
|
# defined for the pxe network in networks/physical/networks.yaml
|
||||||
|
ip: 10.22.70.21
|
||||||
|
|
||||||
|
kubernetes:
|
||||||
|
# K8s API service IP
|
||||||
|
api_service_ip: 10.96.0.1
|
||||||
|
# etcd service IP
|
||||||
|
etcd_service_ip: 10.96.0.2
|
||||||
|
# k8s pod CIDR (network which pod traffic will traverse)
|
||||||
|
pod_cidr: 10.97.0.0/16
|
||||||
|
# k8s service CIDR (network which k8s API traffic will traverse)
|
||||||
|
service_cidr: 10.96.0.0/16
|
||||||
|
# misc k8s port settings
|
||||||
|
apiserver_port: 6443
|
||||||
|
haproxy_port: 6553
|
||||||
|
service_node_port_range: 30000-32767
|
||||||
|
|
||||||
|
# etcd port settings
|
||||||
|
etcd:
|
||||||
|
container_port: 2379
|
||||||
|
haproxy_port: 2378
|
||||||
|
|
||||||
|
# NEWSITE-CHANGEME: A list of nodes (apart from Genesis) which act as the
|
||||||
|
# control plane servers. Ensure that this matches the nodes with the 'masters'
|
||||||
|
# tags applied in baremetal/nodes.yaml
|
||||||
|
masters:
|
||||||
|
- hostname: airsloop-control-2
|
||||||
|
- hostname: airsloop-control-3
|
||||||
|
|
||||||
|
# NEWSITE-CHANGEME: Environment proxy information.
|
||||||
|
# NOTE: Reference Airship sites do not deploy behind a proxy, so this proxy section
|
||||||
|
# should be commented out.
|
||||||
|
# However if you are in a lab that requires proxy, ensure that these proxy
|
||||||
|
# settings are correct and reachable in your environment; otherwise update
|
||||||
|
# them with the correct values for your environment.
|
||||||
|
proxy:
|
||||||
|
http: ""
|
||||||
|
https: ""
|
||||||
|
no_proxy: []
|
||||||
|
|
||||||
|
node_ports:
|
||||||
|
drydock_api: 30000
|
||||||
|
maas_api: 30001
|
||||||
|
maas_proxy: 31800 # hardcoded in MAAS
|
||||||
|
|
||||||
|
ntp:
|
||||||
|
# comma separated NTP server list. Verify that these upstream NTP servers are
|
||||||
|
# reachable in your environment; otherwise update them with the correct
|
||||||
|
# values for your environment.
|
||||||
|
servers_joined: '0.ubuntu.pool.ntp.org,1.ubuntu.pool.ntp.org,2.ubuntu.pool.ntp.org,4.ubuntu.pool.ntp.org'
|
||||||
|
|
||||||
|
# NOTE: This will be updated soon
|
||||||
|
ldap:
|
||||||
|
# NEWSITE-CHANGEME: FQDN for LDAP. Update to the FQDN that is
|
||||||
|
# relevant for your type of deployment (test vs prod values, etc).
|
||||||
|
base_url: 'ldap.example.com'
|
||||||
|
# NEWSITE-CHANGEME: As above, with the protocol included to create a full URI
|
||||||
|
url: 'ldap://ldap.example.com'
|
||||||
|
# NEWSITE-CHANGEME: Update to the correct expression relevant for this
|
||||||
|
# deployment (test vs prod values, etc)
|
||||||
|
auth_path: DC=test,DC=test,DC=com?sAMAccountName?sub?memberof=CN=test,OU=Application,OU=Groups,DC=test,DC=test,DC=com
|
||||||
|
# NEWSITE-CHANGEME: Update to the correct AD group that contains the users
|
||||||
|
# relevant for this deployment (test users vs prod users/values, etc)
|
||||||
|
common_name: test
|
||||||
|
# NEWSITE-CHANGEME: Update to the correct subdomain for your type of
|
||||||
|
# deployment (test vs prod values, etc)
|
||||||
|
subdomain: test
|
||||||
|
# NEWSITE-CHANGEME: Update to the correct domain for your type of
|
||||||
|
# deployment (test vs prod values, etc)
|
||||||
|
domain: example
|
||||||
|
|
||||||
|
storage:
|
||||||
|
ceph:
|
||||||
|
# NEWSITE-CHANGEME: CIDRs for Ceph. Update to match the network CIDR
|
||||||
|
# used for the `storage` network in networks/physical/networks.yaml
|
||||||
|
public_cidr: '10.22.73.0/24'
|
||||||
|
cluster_cidr: '10.22.73.0/24'
|
||||||
|
|
||||||
|
neutron:
|
||||||
|
# NEWSITE-CHANGEME: Overlay network for VM traffic. Ensure the bond name and
|
||||||
|
# VLAN number are consistent with what's defined for the bond and the overlay
|
||||||
|
# network in networks/physical/networks.yaml
|
||||||
|
tunnel_device: 'enp67s0f0.74'
|
||||||
|
# bond which the overlay is a member of. Ensure the bond name is consistent
|
||||||
|
# with the bond assigned to the overlay network in
|
||||||
|
# networks/physical/networks.yaml
|
||||||
|
external_iface: 'enp67s0f0'
|
||||||
|
|
||||||
|
openvswitch:
|
||||||
|
# bond which the overlay is a member of. Ensure the bond name is consistent
|
||||||
|
# with the bond assigned to the overlay network in
|
||||||
|
# networks/physical/networks.yaml
|
||||||
|
external_iface: 'enp67s0f0'
|
||||||
|
...
|
|
@ -0,0 +1,290 @@
|
||||||
|
---
|
||||||
|
# The purpose of this file is to define all of the NetworkLinks (i.e. layer 1
|
||||||
|
# devices) and Networks (i.e. layer 3 configurations). The following is standard
|
||||||
|
# for the logical networks in Airship:
|
||||||
|
#
|
||||||
|
# +----------+-----------------------------------+----------------+--------------+----------------------------------------------------+-----------------+
|
||||||
|
# | Network | | Per-rack or | | | VLAN tagged |
|
||||||
|
# | Name | Purpose | per-site CIDR? | Has gateway? | Bond | or untagged? |
|
||||||
|
# +----------+-----------------------------------+----------------+--------------+----------------------------------------------------+-----------------+
|
||||||
|
# | oob | Out of Band devices (iDrac/iLo) | per-site CIDR | Has gateway | No bond, N/A | Untagged/Native |
|
||||||
|
# | pxe | PXE boot network | per-site CIDR | No gateway | No bond, no LACP fallback. Dedicated PXE interface | Untagged/Native |
|
||||||
|
# | oam | management network | per-site CIDR | Has gateway | member of bond0 | tagged |
|
||||||
|
# | storage | storage network | per-site CIDR | No gateway | member of bond0 | tagged |
|
||||||
|
# | calico | underlay calico net; k8s traffic | per-site CIDR | No gateway | member of bond0 | tagged |
|
||||||
|
# | overlay | overlay network for openstack SDN | per-site CIDR | No gateway | member of bond0 | tagged |
|
||||||
|
# +----------+-----------------------------------+----------------+--------------+----------------------------------------------------+-----------------+
|
||||||
|
#
|
||||||
|
# For standard Airship deployments, you should not need to modify the number of
|
||||||
|
# NetworkLinks and Networks in this file. Only the IP addresses and CIDRs should
|
||||||
|
# need editing.
|
||||||
|
#
|
||||||
|
# TODO: Given that we expect all network broadcast domains to span all racks in
|
||||||
|
# Airship, we should choose network names that do not include the rack number.
|
||||||
|
#
|
||||||
|
# TODO: FQDN naming standards for hosts
|
||||||
|
#
|
||||||
|
schema: 'drydock/NetworkLink/v1'
|
||||||
|
metadata:
|
||||||
|
schema: 'metadata/Document/v1'
|
||||||
|
name: oob
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data:
|
||||||
|
# MaaS doesnt own this network like it does the others, so the noconfig label
|
||||||
|
# is specified.
|
||||||
|
labels:
|
||||||
|
noconfig: enabled
|
||||||
|
bonding:
|
||||||
|
mode: disabled
|
||||||
|
mtu: 1500
|
||||||
|
linkspeed: auto
|
||||||
|
trunking:
|
||||||
|
mode: disabled
|
||||||
|
default_network: oob
|
||||||
|
allowed_networks:
|
||||||
|
- oob
|
||||||
|
...
|
||||||
|
---
|
||||||
|
schema: 'drydock/Network/v1'
|
||||||
|
metadata:
|
||||||
|
schema: 'metadata/Document/v1'
|
||||||
|
name: oob
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data:
|
||||||
|
# NEWSITE-CHANGEME: Update with the site's out-of-band CIDR
|
||||||
|
cidr: 10.22.104.0/24
|
||||||
|
routes:
|
||||||
|
# NEWSITE-CHANGEME: Update with the site's out-of-band gateway IP
|
||||||
|
- subnet: '0.0.0.0/0'
|
||||||
|
gateway: 10.22.104.1
|
||||||
|
metric: 100
|
||||||
|
# NEWSITE-CHANGEME: Update with the site's out-of-band IP allocation range
|
||||||
|
# FIXME: Is this IP range actually used/allocated for anything? The HW already
|
||||||
|
# has its OOB IPs assigned. None of the Ubuntu OS's should need IPs on OOB
|
||||||
|
# network either, as they should be routable via the default gw on OAM network
|
||||||
|
ranges:
|
||||||
|
- type: static
|
||||||
|
start: 10.22.104.21
|
||||||
|
end: 10.22.104.22
|
||||||
|
...
|
||||||
|
---
|
||||||
|
schema: 'drydock/NetworkLink/v1'
|
||||||
|
metadata:
|
||||||
|
schema: 'metadata/Document/v1'
|
||||||
|
name: pxe
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data:
|
||||||
|
bonding:
|
||||||
|
mode: disabled
|
||||||
|
mtu: 1500
|
||||||
|
linkspeed: auto
|
||||||
|
trunking:
|
||||||
|
mode: disabled
|
||||||
|
default_network: pxe
|
||||||
|
allowed_networks:
|
||||||
|
- pxe
|
||||||
|
...
|
||||||
|
---
|
||||||
|
schema: 'drydock/Network/v1'
|
||||||
|
metadata:
|
||||||
|
schema: 'metadata/Document/v1'
|
||||||
|
name: pxe
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data:
|
||||||
|
# NEWSITE-CHANGEME: Update with the site's PXE network CIDR
|
||||||
|
# NOTE: The CIDR minimum size = (number of nodes * 2) + 10
|
||||||
|
cidr: 10.22.70.0/24
|
||||||
|
routes:
|
||||||
|
- subnet: 0.0.0.0/0
|
||||||
|
# NEWSITE-CHANGEME: Set the OAM network gateway IP address
|
||||||
|
gateway: 10.22.70.1
|
||||||
|
metric: 100
|
||||||
|
# NOTE: The first 10 IPs in the subnet are reserved for network infrastructure.
|
||||||
|
# The remainder of the range is divided between two subnets of equal size:
|
||||||
|
# one static, and one DHCP.
|
||||||
|
# The DHCP addresses are used when nodes perform a PXE boot (DHCP address gets
|
||||||
|
# assigned), and when a node is commissioning in MaaS (also uses DHCP to get
|
||||||
|
# its IP address). However, when MaaS installs the operating system
|
||||||
|
# ("Deploying/Deployed" states), it will write a static IP assignment to
|
||||||
|
# /etc/network/interfaces[.d] with IPs from the "static" subnet defined here.
|
||||||
|
ranges:
|
||||||
|
# NEWSITE-CHANGEME: Update to the first 10 IPs in the CIDR
|
||||||
|
- type: reserved
|
||||||
|
start: 10.22.70.1
|
||||||
|
end: 10.22.70.10
|
||||||
|
# NEWSITE-CHANGEME: Update to the first half of the remaining range after
|
||||||
|
# excluding the 10 reserved IPs.
|
||||||
|
- type: static
|
||||||
|
start: 10.22.70.21
|
||||||
|
end: 10.22.70.31
|
||||||
|
# NEWSITE-CHANGEME: Update to the second half of the remaining range after
|
||||||
|
# excluding the 10 reserved IPs.
|
||||||
|
- type: dhcp
|
||||||
|
start: 10.22.70.40
|
||||||
|
end: 10.22.70.80
|
||||||
|
dns:
|
||||||
|
# NEWSITE-CHANGEME: FQDN for bare metal nodes.
|
||||||
|
# Choose FQDN according to the node FQDN naming conventions at the top of
|
||||||
|
# this document.
|
||||||
|
domain: atlantafoundry.com
|
||||||
|
# List of upstream DNS forwards. Verify you can reach them from your
|
||||||
|
# environment. If so, you should not need to change them.
|
||||||
|
# TODO: This should be populated via substitution from common-addresses
|
||||||
|
servers: '8.8.8.8,8.8.4.4,208.67.222.222'
|
||||||
|
...
|
||||||
|
---
|
||||||
|
schema: 'drydock/NetworkLink/v1'
|
||||||
|
metadata:
|
||||||
|
schema: 'metadata/Document/v1'
|
||||||
|
name: data
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data:
|
||||||
|
bonding:
|
||||||
|
mode: disabled
|
||||||
|
mtu: 1500
|
||||||
|
linkspeed: auto
|
||||||
|
trunking:
|
||||||
|
mode: 802.1q
|
||||||
|
allowed_networks:
|
||||||
|
- oam
|
||||||
|
- storage
|
||||||
|
- overlay
|
||||||
|
- calico
|
||||||
|
...
|
||||||
|
---
|
||||||
|
schema: 'drydock/Network/v1'
|
||||||
|
metadata:
|
||||||
|
schema: 'metadata/Document/v1'
|
||||||
|
name: oam
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data:
|
||||||
|
# NEWSITE-CHANGEME: Set the VLAN ID which the OAM network is on
|
||||||
|
vlan: '71'
|
||||||
|
mtu: 1500
|
||||||
|
# NEWSITE-CHANGEME: Set the CIDR for the OAM network
|
||||||
|
# NOTE: The CIDR minimum size = number of nodes + 10
|
||||||
|
cidr: 10.22.71.0/24
|
||||||
|
routes:
|
||||||
|
- subnet: 0.0.0.0/0
|
||||||
|
# NEWSITE-CHANGEME: Set the OAM network gateway IP address
|
||||||
|
gateway: 10.22.71.1
|
||||||
|
metric: 100
|
||||||
|
ranges:
|
||||||
|
# NEWSITE-CHANGEME: Update to the first 10 IPs in the CIDR
|
||||||
|
- type: reserved
|
||||||
|
start: 10.22.71.1
|
||||||
|
end: 10.22.71.10
|
||||||
|
# NEWSITE-CHANGEME: Update to the remaining range after excluding the 10
|
||||||
|
# 10 reserved IPs.
|
||||||
|
- type: static
|
||||||
|
start: 10.22.71.21
|
||||||
|
end: 10.22.71.31
|
||||||
|
dns:
|
||||||
|
# NEWSITE-CHANGEME: FQDN for bare metal nodes.
|
||||||
|
# Choose FQDN according to the node FQDN naming conventions at the top of
|
||||||
|
# this document.
|
||||||
|
domain: atlantafoundry.com
|
||||||
|
# List of upstream DNS forwards. Verify you can reach them from your
|
||||||
|
# environment. If so, you should not need to change them.
|
||||||
|
# TODO: This should be populated via substitution from common-addresses
|
||||||
|
servers: '8.8.8.8,8.8.4.4'
|
||||||
|
...
|
||||||
|
---
|
||||||
|
schema: 'drydock/Network/v1'
|
||||||
|
metadata:
|
||||||
|
schema: 'metadata/Document/v1'
|
||||||
|
name: calico
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data:
|
||||||
|
# NEWSITE-CHANGEME: Set the VLAN ID which the calico network is on
|
||||||
|
vlan: '72'
|
||||||
|
mtu: 1500
|
||||||
|
# NEWSITE-CHANGEME: Set the CIDR for the calico network
|
||||||
|
# NOTE: The CIDR minimum size = number of nodes + 10
|
||||||
|
cidr: 10.22.72.0/24
|
||||||
|
ranges:
|
||||||
|
# NEWSITE-CHANGEME: Update to the first 10 IPs in the CIDR
|
||||||
|
- type: reserved
|
||||||
|
start: 10.22.72.1
|
||||||
|
end: 10.22.72.10
|
||||||
|
# NEWSITE-CHANGEME: Update to the remaining range after excluding the 10
|
||||||
|
# 10 reserved IPs.
|
||||||
|
- type: static
|
||||||
|
start: 10.22.72.21
|
||||||
|
end: 10.22.72.31
|
||||||
|
...
|
||||||
|
---
|
||||||
|
schema: 'drydock/Network/v1'
|
||||||
|
metadata:
|
||||||
|
schema: 'metadata/Document/v1'
|
||||||
|
name: storage
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data:
|
||||||
|
# NEWSITE-CHANGEME: Set the VLAN ID which the storage network is on
|
||||||
|
vlan: '73'
|
||||||
|
mtu: 1500
|
||||||
|
# NEWSITE-CHANGEME: Set the CIDR for the storage network
|
||||||
|
# NOTE: The CIDR minimum size = number of nodes + 10
|
||||||
|
cidr: 10.22.73.0/24
|
||||||
|
ranges:
|
||||||
|
# NEWSITE-CHANGEME: Update to the first 10 IPs in the CIDR
|
||||||
|
- type: reserved
|
||||||
|
start: 10.22.73.1
|
||||||
|
end: 10.22.73.10
|
||||||
|
# NEWSITE-CHANGEME: Update to the remaining range after excluding the 10
|
||||||
|
# 10 reserved IPs.
|
||||||
|
- type: static
|
||||||
|
start: 10.22.73.21
|
||||||
|
end: 10.22.73.31
|
||||||
|
...
|
||||||
|
---
|
||||||
|
schema: 'drydock/Network/v1'
|
||||||
|
metadata:
|
||||||
|
schema: 'metadata/Document/v1'
|
||||||
|
name: overlay
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data:
|
||||||
|
# NEWSITE-CHANGEME: Set the VLAN ID which the overlay network is on
|
||||||
|
vlan: '74'
|
||||||
|
mtu: 1500
|
||||||
|
# NEWSITE-CHANGEME: Set the CIDR for the overlay network
|
||||||
|
# NOTE: The CIDR minimum size = number of nodes + 10
|
||||||
|
cidr: 10.22.74.0/24
|
||||||
|
ranges:
|
||||||
|
# NEWSITE-CHANGEME: Update to the first 10 IPs in the CIDR
|
||||||
|
- type: reserved
|
||||||
|
start: 10.22.74.1
|
||||||
|
end: 10.22.74.10
|
||||||
|
# NEWSITE-CHANGEME: Update to the remaining range after excluding the 10
|
||||||
|
# 10 reserved IPs.
|
||||||
|
- type: static
|
||||||
|
start: 10.22.74.21
|
||||||
|
end: 10.22.74.31
|
||||||
|
...
|
|
@ -0,0 +1,285 @@
|
||||||
|
---
|
||||||
|
# The purpose of this file is to define the PKI certificates for the environment
|
||||||
|
#
|
||||||
|
# NOTE: When deploying a new site, this file should not be configured until
|
||||||
|
# baremetal/nodes.yaml is complete.
|
||||||
|
#
|
||||||
|
schema: promenade/PKICatalog/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: cluster-certificates
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data:
|
||||||
|
certificate_authorities:
|
||||||
|
kubernetes:
|
||||||
|
description: CA for Kubernetes components
|
||||||
|
certificates:
|
||||||
|
- document_name: apiserver
|
||||||
|
description: Service certificate for Kubernetes apiserver
|
||||||
|
common_name: apiserver
|
||||||
|
hosts:
|
||||||
|
- localhost
|
||||||
|
- 127.0.0.1
|
||||||
|
# FIXME: Repetition of api_service_ip in common-addresses; use
|
||||||
|
# substitution
|
||||||
|
- 10.96.0.1
|
||||||
|
kubernetes_service_names:
|
||||||
|
- kubernetes.default.svc.cluster.local
|
||||||
|
|
||||||
|
# NEWSITE-CHANGEME: The following should be a list of all the nodes in
|
||||||
|
# the environment (genesis, control plane, data plane, everything).
|
||||||
|
# Add/delete from this list as necessary until all nodes are listed.
|
||||||
|
# For each node, the `hosts` list should be comprised of:
|
||||||
|
# 1. The node's hostname, as already defined in baremetal/nodes.yaml
|
||||||
|
# 2. The node's oam IP address, as already defined in baremetal/nodes.yaml
|
||||||
|
# 3. The node's Calico IP address, as already defined in baremetal/nodes.yaml
|
||||||
|
# NOTE: This list also needs to include the Genesis node, which is not
|
||||||
|
# listed in baremetal/nodes.yaml, but by convention should be allocated
|
||||||
|
# the first non-reserved IP in each logical network allocation range
|
||||||
|
# defined in networks/physical/networks.yaml
|
||||||
|
# NOTE: The genesis node needs to be defined twice (the first two entries
|
||||||
|
# on this list) with all of the same paramters except the document_name.
|
||||||
|
# In the first case the document_name is `kubelet-genesis`, and in the
|
||||||
|
# second case the document_name format is `kubelete-YOUR_GENESIS_HOSTNAME`.
|
||||||
|
- document_name: kubelet-genesis
|
||||||
|
common_name: system:node:airsloop-control-1
|
||||||
|
hosts:
|
||||||
|
- airsloop-control-1
|
||||||
|
- 10.22.72.21
|
||||||
|
groups:
|
||||||
|
- system:nodes
|
||||||
|
- document_name: kubelet-airsloop-control-1
|
||||||
|
common_name: system:node:airsloop-control-1
|
||||||
|
hosts:
|
||||||
|
- airsloop-control-1
|
||||||
|
- 10.22.72.21
|
||||||
|
groups:
|
||||||
|
- system:nodes
|
||||||
|
- document_name: kubelet-airsloop-control-2
|
||||||
|
common_name: system:node:airsloop-control-2
|
||||||
|
hosts:
|
||||||
|
- airsloop-control-2
|
||||||
|
- 10.23.22.12
|
||||||
|
groups:
|
||||||
|
- system:nodes
|
||||||
|
- document_name: kubelet-airsloop-control-3
|
||||||
|
common_name: system:node:airsloop-control-3
|
||||||
|
hosts:
|
||||||
|
- airsloop-control-3
|
||||||
|
- 10.23.22.13
|
||||||
|
groups:
|
||||||
|
- system:nodes
|
||||||
|
- document_name: kubelet-airsloop-compute-1
|
||||||
|
common_name: system:node:airsloop-compute-1
|
||||||
|
hosts:
|
||||||
|
- airsloop-compute-1
|
||||||
|
- 10.23.22.14
|
||||||
|
groups:
|
||||||
|
- system:nodes
|
||||||
|
# End node list
|
||||||
|
- document_name: scheduler
|
||||||
|
description: Service certificate for Kubernetes scheduler
|
||||||
|
common_name: system:kube-scheduler
|
||||||
|
- document_name: controller-manager
|
||||||
|
description: certificate for controller-manager
|
||||||
|
common_name: system:kube-controller-manager
|
||||||
|
- document_name: admin
|
||||||
|
common_name: admin
|
||||||
|
groups:
|
||||||
|
- system:masters
|
||||||
|
- document_name: armada
|
||||||
|
common_name: armada
|
||||||
|
groups:
|
||||||
|
- system:masters
|
||||||
|
kubernetes-etcd:
|
||||||
|
description: Certificates for Kubernetes's etcd servers
|
||||||
|
certificates:
|
||||||
|
- document_name: apiserver-etcd
|
||||||
|
description: etcd client certificate for use by Kubernetes apiserver
|
||||||
|
common_name: apiserver
|
||||||
|
# NOTE(mark-burnett): hosts not required for client certificates
|
||||||
|
- document_name: kubernetes-etcd-anchor
|
||||||
|
description: anchor
|
||||||
|
common_name: anchor
|
||||||
|
# NEWSITE-CHANGEME: The following should be a list of the control plane
|
||||||
|
# nodes in the environment, including genesis.
|
||||||
|
# For each node, the `hosts` list should be comprised of:
|
||||||
|
# 1. The node's hostname, as already defined in baremetal/nodes.yaml
|
||||||
|
# 2. The node's oam IP address, as already defined in baremetal/nodes.yaml
|
||||||
|
# 3. The node's Calico IP address, as already defined in baremetal/nodes.yaml
|
||||||
|
# 4. 127.0.0.1
|
||||||
|
# 5. localhost
|
||||||
|
# 6. kubernetes-etcd.kube-system.svc.cluster.local
|
||||||
|
# NOTE: This list also needs to include the Genesis node, which is not
|
||||||
|
# listed in baremetal/nodes.yaml, but by convention should be allocated
|
||||||
|
# the first non-reserved IP in each logical network allocation range
|
||||||
|
# defined in networks/physical/networks.yaml, except for the kubernetes
|
||||||
|
# service_cidr where it should start with the second IP in the range.
|
||||||
|
# NOTE: The genesis node is defined twice with the same `hosts` data:
|
||||||
|
# Once with its hostname in the common/document name, and once with
|
||||||
|
# `genesis` defined instead of the host. For now, this duplicated
|
||||||
|
# genesis definition is required. FIXME: Remove duplicate definition
|
||||||
|
# after Promenade addresses this issue.
|
||||||
|
- document_name: kubernetes-etcd-genesis
|
||||||
|
common_name: kubernetes-etcd-genesis
|
||||||
|
hosts:
|
||||||
|
- airsloop-control-1
|
||||||
|
- 10.22.72.21
|
||||||
|
- 127.0.0.1
|
||||||
|
- localhost
|
||||||
|
- kubernetes-etcd.kube-system.svc.cluster.local
|
||||||
|
- 10.96.0.2
|
||||||
|
- document_name: kubernetes-etcd-airsloop-control-1
|
||||||
|
common_name: kubernetes-etcd-airsloop-control-1
|
||||||
|
hosts:
|
||||||
|
- airsloop-control-1
|
||||||
|
- 10.22.72.21
|
||||||
|
- 127.0.0.1
|
||||||
|
- localhost
|
||||||
|
- kubernetes-etcd.kube-system.svc.cluster.local
|
||||||
|
- 10.96.0.2
|
||||||
|
- document_name: kubernetes-etcd-airsloop-control-2
|
||||||
|
common_name: kubernetes-etcd-airsloop-control-2
|
||||||
|
hosts:
|
||||||
|
- airsloop-control-2
|
||||||
|
- 10.23.22.12
|
||||||
|
- 127.0.0.1
|
||||||
|
- localhost
|
||||||
|
- kubernetes-etcd.kube-system.svc.cluster.local
|
||||||
|
- 10.96.0.2
|
||||||
|
- document_name: kubernetes-etcd-airsloop-control-3
|
||||||
|
common_name: kubernetes-etcd-airsloop-control-3
|
||||||
|
hosts:
|
||||||
|
- airsloop-control-3
|
||||||
|
- 10.23.22.13
|
||||||
|
- 127.0.0.1
|
||||||
|
- localhost
|
||||||
|
- kubernetes-etcd.kube-system.svc.cluster.local
|
||||||
|
- 10.96.0.2
|
||||||
|
# End node list
|
||||||
|
kubernetes-etcd-peer:
|
||||||
|
certificates:
|
||||||
|
# NEWSITE-CHANGEME: This list should be identical to the previous list,
|
||||||
|
# except that `-peer` has been appended to the document/common names.
|
||||||
|
- document_name: kubernetes-etcd-genesis-peer
|
||||||
|
common_name: kubernetes-etcd-genesis-peer
|
||||||
|
hosts:
|
||||||
|
- airsloop-control-1
|
||||||
|
- 10.22.72.21
|
||||||
|
- 127.0.0.1
|
||||||
|
- localhost
|
||||||
|
- kubernetes-etcd.kube-system.svc.cluster.local
|
||||||
|
- 10.96.0.2
|
||||||
|
- document_name: kubernetes-etcd-airsloop-control-1-peer
|
||||||
|
common_name: kubernetes-etcd-airsloop-control-1-peer
|
||||||
|
hosts:
|
||||||
|
- airsloop-control-1
|
||||||
|
- 10.22.72.21
|
||||||
|
- 127.0.0.1
|
||||||
|
- localhost
|
||||||
|
- kubernetes-etcd.kube-system.svc.cluster.local
|
||||||
|
- 10.96.0.2
|
||||||
|
- document_name: kubernetes-etcd-airsloop-control-2-peer
|
||||||
|
common_name: kubernetes-etcd-airsloop-control-2-peer
|
||||||
|
hosts:
|
||||||
|
- airsloop-control-2
|
||||||
|
- 10.23.22.12
|
||||||
|
- 127.0.0.1
|
||||||
|
- localhost
|
||||||
|
- kubernetes-etcd.kube-system.svc.cluster.local
|
||||||
|
- 10.96.0.2
|
||||||
|
- document_name: kubernetes-etcd-airsloop-control-3-peer
|
||||||
|
common_name: kubernetes-etcd-airsloop-control-3-peer
|
||||||
|
hosts:
|
||||||
|
- airsloop-control-3
|
||||||
|
- 10.23.22.13
|
||||||
|
- 127.0.0.1
|
||||||
|
- localhost
|
||||||
|
- kubernetes-etcd.kube-system.svc.cluster.local
|
||||||
|
- 10.96.0.2
|
||||||
|
# End node list
|
||||||
|
calico-etcd:
|
||||||
|
description: Certificates for Calico etcd client traffic
|
||||||
|
certificates:
|
||||||
|
- document_name: calico-etcd-anchor
|
||||||
|
description: anchor
|
||||||
|
common_name: anchor
|
||||||
|
# NEWSITE-CHANGEME: The following should be a list of the control plane
|
||||||
|
# nodes in the environment, including genesis.
|
||||||
|
# For each node, the `hosts` list should be comprised of:
|
||||||
|
# 1. The node's hostname, as already defined in baremetal/nodes.yaml
|
||||||
|
# 2. The node's oam IP address, as already defined in baremetal/nodes.yaml
|
||||||
|
# 3. The node's Calico IP address, as already defined in baremetal/nodes.yaml
|
||||||
|
# 4. 127.0.0.1
|
||||||
|
# 5. localhost
|
||||||
|
# 6. The calico/etcd/service_ip defined in networks/common-addresses.yaml
|
||||||
|
# NOTE: This list also needs to include the Genesis node, which is not
|
||||||
|
# listed in baremetal/nodes.yaml, but by convention should be allocated
|
||||||
|
# the first non-reserved IP in each logical network allocation range
|
||||||
|
# defined in networks/physical/networks.yaml
|
||||||
|
- document_name: calico-etcd-airsloop-control-1
|
||||||
|
common_name: calico-etcd-airsloop-control-1
|
||||||
|
hosts:
|
||||||
|
- airsloop-control-1
|
||||||
|
- 10.22.72.21
|
||||||
|
- 127.0.0.1
|
||||||
|
- localhost
|
||||||
|
- 10.96.232.136
|
||||||
|
- document_name: calico-etcd-airsloop-control-2
|
||||||
|
common_name: calico-etcd-airsloop-control-2
|
||||||
|
hosts:
|
||||||
|
- airsloop-control-2
|
||||||
|
- 10.23.22.12
|
||||||
|
- 127.0.0.1
|
||||||
|
- localhost
|
||||||
|
- 10.96.232.136
|
||||||
|
- document_name: calico-etcd-airsloop-control-3
|
||||||
|
common_name: calico-etcd-airsloop-control-3
|
||||||
|
hosts:
|
||||||
|
- airsloop-control-3
|
||||||
|
- 10.23.22.13
|
||||||
|
- 127.0.0.1
|
||||||
|
- localhost
|
||||||
|
- 10.96.232.136
|
||||||
|
- document_name: calico-node
|
||||||
|
common_name: calcico-node
|
||||||
|
# End node list
|
||||||
|
calico-etcd-peer:
|
||||||
|
description: Certificates for Calico etcd clients
|
||||||
|
certificates:
|
||||||
|
# NEWSITE-CHANGEME: This list should be identical to the previous list,
|
||||||
|
# except that `-peer` has been appended to the document/common names.
|
||||||
|
- document_name: calico-etcd-airsloop-control-1-peer
|
||||||
|
common_name: calico-etcd-airsloop-control-1-peer
|
||||||
|
hosts:
|
||||||
|
- airsloop-control-1
|
||||||
|
- 10.22.72.21
|
||||||
|
- 127.0.0.1
|
||||||
|
- localhost
|
||||||
|
- 10.96.232.136
|
||||||
|
- document_name: calico-etcd-airsloop-control-2-peer
|
||||||
|
common_name: calico-etcd-airsloop-control-2-peer
|
||||||
|
hosts:
|
||||||
|
- airsloop-control-2
|
||||||
|
- 10.23.22.12
|
||||||
|
- 127.0.0.1
|
||||||
|
- localhost
|
||||||
|
- 10.96.232.136
|
||||||
|
- document_name: calico-etcd-airsloop-control-3-peer
|
||||||
|
common_name: calico-etcd-airsloop-control-3-peer
|
||||||
|
hosts:
|
||||||
|
- airsloop-control-3
|
||||||
|
- 10.23.22.13
|
||||||
|
- 127.0.0.1
|
||||||
|
- localhost
|
||||||
|
- 10.96.232.136
|
||||||
|
- document_name: calico-node-peer
|
||||||
|
common_name: calcico-node-peer
|
||||||
|
# End node list
|
||||||
|
keypairs:
|
||||||
|
- name: service-account
|
||||||
|
description: Service account signing key for use by Kubernetes controller-manager.
|
||||||
|
...
|
|
@ -0,0 +1,49 @@
|
||||||
|
---
|
||||||
|
# The purpose of this file is to apply proper labels to Genesis node so the
|
||||||
|
# proper services are installed and proper configuration applied. This should
|
||||||
|
# not need to be changed for a new site.
|
||||||
|
# #GLOBAL-CANDIDATE#
|
||||||
|
schema: promenade/Genesis/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: genesis-site
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
parentSelector:
|
||||||
|
name: genesis-global
|
||||||
|
actions:
|
||||||
|
- method: merge
|
||||||
|
path: .
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data:
|
||||||
|
labels:
|
||||||
|
dynamic:
|
||||||
|
- beta.kubernetes.io/fluentd-ds-ready=true
|
||||||
|
- calico-etcd=enabled
|
||||||
|
- ceph-mds=enabled
|
||||||
|
- ceph-mon=enabled
|
||||||
|
- ceph-osd=enabled
|
||||||
|
- ceph-rgw=enabled
|
||||||
|
- ceph-mgr=enabled
|
||||||
|
- ceph-bootstrap=enabled
|
||||||
|
- tenant-ceph-control-plane=enabled
|
||||||
|
- tenant-ceph-mon=enabled
|
||||||
|
- tenant-ceph-rgw=enabled
|
||||||
|
- tenant-ceph-mgr=enabled
|
||||||
|
- kube-dns=enabled
|
||||||
|
- kube-ingress=enabled
|
||||||
|
- kubernetes-apiserver=enabled
|
||||||
|
- kubernetes-controller-manager=enabled
|
||||||
|
- kubernetes-etcd=enabled
|
||||||
|
- kubernetes-scheduler=enabled
|
||||||
|
- promenade-genesis=enabled
|
||||||
|
- ucp-control-plane=enabled
|
||||||
|
- maas-control-plane=enabled
|
||||||
|
- ceph-osd-bootstrap=enabled
|
||||||
|
- openstack-control-plane=enabled
|
||||||
|
- openvswitch=enabled
|
||||||
|
- openstack-l3-agent=enabled
|
||||||
|
- node-exporter=enabled
|
||||||
|
- fluentd=enabled
|
||||||
|
...
|
|
@ -0,0 +1,49 @@
|
||||||
|
---
|
||||||
|
schema: 'drydock/HardwareProfile/v1'
|
||||||
|
metadata:
|
||||||
|
schema: 'metadata/Document/v1'
|
||||||
|
name: dell_r720xd
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data:
|
||||||
|
# Vendor of the server chassis
|
||||||
|
vendor: DELL
|
||||||
|
# Generation of the chassis model
|
||||||
|
generation: '8'
|
||||||
|
# Version of the chassis model within its generation - not version of the hardware definition
|
||||||
|
hw_version: '3'
|
||||||
|
# The certified version of the chassis BIOS
|
||||||
|
bios_version: '2.2.3'
|
||||||
|
# Mode of the default boot of hardware - bios, uefi
|
||||||
|
boot_mode: bios
|
||||||
|
# Protocol of boot of the hardware - pxe, usb, hdd
|
||||||
|
bootstrap_protocol: pxe
|
||||||
|
# Which interface to use for network booting within the OOB manager, not OS device
|
||||||
|
pxe_interface: 0
|
||||||
|
# Map hardware addresses to aliases/roles to allow a mix of hardware configs
|
||||||
|
# in a site to result in a consistent configuration
|
||||||
|
device_aliases:
|
||||||
|
|
||||||
|
## network
|
||||||
|
# eno1
|
||||||
|
pxe_nic01:
|
||||||
|
address: '0000:01:00.0'
|
||||||
|
# type could identify expected hardware - used for hardware manifest validation
|
||||||
|
dev_type: 'I350 Gigabit Network Connection'
|
||||||
|
bus_type: 'pci'
|
||||||
|
# enp67s0f0
|
||||||
|
data_nic01:
|
||||||
|
address: '0000:43:00.0'
|
||||||
|
dev_type: 'Ethernet 10G 2P X520 Adapter'
|
||||||
|
bus_type: 'pci'
|
||||||
|
# enp67s0f1
|
||||||
|
|
||||||
|
## storage
|
||||||
|
# /dev/sda
|
||||||
|
bootdisk:
|
||||||
|
address: '0:2.0.0'
|
||||||
|
dev_type: 'PERC H710P'
|
||||||
|
bus_type: 'scsi'
|
||||||
|
...
|
|
@ -0,0 +1,80 @@
|
||||||
|
---
|
||||||
|
# The data plane host profile for Airship for DELL R720s, and should
|
||||||
|
# not need to be altered if you are using matching HW. The host profile is setup
|
||||||
|
# for cpu isolation (for nova pinning), hugepages, and sr-iov.
|
||||||
|
schema: drydock/HostProfile/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: compute_r720xd
|
||||||
|
storagePolicy: cleartext
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
parentSelector:
|
||||||
|
hosttype: dp-global
|
||||||
|
actions:
|
||||||
|
- method: replace
|
||||||
|
path: .interfaces
|
||||||
|
- method: replace
|
||||||
|
path: .storage
|
||||||
|
- method: merge
|
||||||
|
path: .
|
||||||
|
data:
|
||||||
|
hardware_profile: dell_r720xd
|
||||||
|
|
||||||
|
primary_network: oam
|
||||||
|
interfaces:
|
||||||
|
pxe:
|
||||||
|
device_link: pxe
|
||||||
|
slaves:
|
||||||
|
- pxe_nic01
|
||||||
|
networks:
|
||||||
|
- pxe
|
||||||
|
data:
|
||||||
|
device_link: data
|
||||||
|
slaves:
|
||||||
|
- data_nic01
|
||||||
|
networks:
|
||||||
|
- oam
|
||||||
|
- storage
|
||||||
|
- overlay
|
||||||
|
- calico
|
||||||
|
|
||||||
|
storage:
|
||||||
|
physical_devices:
|
||||||
|
bootdisk:
|
||||||
|
labels:
|
||||||
|
bootdrive: 'true'
|
||||||
|
partitions:
|
||||||
|
- name: 'root'
|
||||||
|
size: '30g'
|
||||||
|
bootable: true
|
||||||
|
filesystem:
|
||||||
|
mountpoint: '/'
|
||||||
|
fstype: 'ext4'
|
||||||
|
mount_options: 'defaults'
|
||||||
|
- name: 'boot'
|
||||||
|
size: '1g'
|
||||||
|
filesystem:
|
||||||
|
mountpoint: '/boot'
|
||||||
|
fstype: 'ext4'
|
||||||
|
mount_options: 'defaults'
|
||||||
|
- name: 'var_log'
|
||||||
|
size: '100g'
|
||||||
|
filesystem:
|
||||||
|
mountpoint: '/var/log'
|
||||||
|
fstype: 'ext4'
|
||||||
|
mount_options: 'defaults'
|
||||||
|
- name: 'var'
|
||||||
|
size: '>100g'
|
||||||
|
filesystem:
|
||||||
|
mountpoint: '/var'
|
||||||
|
fstype: 'ext4'
|
||||||
|
mount_options: 'defaults'
|
||||||
|
|
||||||
|
platform:
|
||||||
|
image: 'xenial'
|
||||||
|
kernel: 'ga-16.04'
|
||||||
|
kernel_params:
|
||||||
|
kernel_package: 'linux-image-4.4.0-137-generic'
|
||||||
|
...
|
|
@ -0,0 +1,53 @@
|
||||||
|
---
|
||||||
|
# The purpose of this file is to define the drydock Region, which in turn drives
|
||||||
|
# the MaaS region.
|
||||||
|
schema: 'drydock/Region/v1'
|
||||||
|
metadata:
|
||||||
|
schema: 'metadata/Document/v1'
|
||||||
|
# NEWSITE-CHANGEME: Replace with the site name
|
||||||
|
name: airsloop
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
substitutions:
|
||||||
|
# NEWSITE-CHANGEME: Substitutions from deckhand SSH public keys into the
|
||||||
|
# list of authorized keys which MaaS will register for the build-in "ubuntu"
|
||||||
|
# account during the PXE process. Create a substitution rule for each SSH
|
||||||
|
# key that should have access to the "ubuntu" account (useful for trouble-
|
||||||
|
# shooting problems before UAM or UAM-lite is operational). SSH keys are
|
||||||
|
# stored as secrets in site/airsloop/secrets.
|
||||||
|
- dest:
|
||||||
|
# Add/replace the first item in the list
|
||||||
|
path: .authorized_keys[0]
|
||||||
|
src:
|
||||||
|
schema: deckhand/PublicKey/v1
|
||||||
|
# This should match the "name" metadata of the SSH key which will be
|
||||||
|
# substituted, located in site/airsloop/secrets folder.
|
||||||
|
name: airsloop_ssh_public_key
|
||||||
|
path: .
|
||||||
|
- dest:
|
||||||
|
path: .repositories.main_archive
|
||||||
|
src:
|
||||||
|
schema: pegleg/SoftwareVersions/v1
|
||||||
|
name: software-versions
|
||||||
|
path: .packages.repositories.main_archive
|
||||||
|
# Second key example
|
||||||
|
#- dest:
|
||||||
|
# # Increment the list index
|
||||||
|
# path: .authorized_keys[1]
|
||||||
|
# src:
|
||||||
|
# schema: deckhand/PublicKey/v1
|
||||||
|
# # your ssh key
|
||||||
|
# name: MY_USER_ssh_public_key
|
||||||
|
# path: .
|
||||||
|
data:
|
||||||
|
tag_definitions: []
|
||||||
|
# This is the list of SSH keys which MaaS will register for the built-in
|
||||||
|
# "ubuntu" account during the PXE process. This list is populated by
|
||||||
|
# substitution, so the same SSH keys do not need to be repeated in multiple
|
||||||
|
# manifests.
|
||||||
|
authorized_keys: []
|
||||||
|
repositories:
|
||||||
|
remove_unlisted: true
|
||||||
|
...
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,12 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: airsloop_crypt_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
# Pass: airsloop123
|
||||||
|
data: $6$AVL7yH1sLYlKqvcK$ngUiLKYZQhhj07Lb3ngWa4qVwDgUP9pCGfGFG7JIpF.6iStnfEMeySf8XusA0/3i9O5gMHE9hbg1/4GrFb5rR0
|
||||||
|
...
|
|
@ -0,0 +1,12 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ceph_fsid
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
# uuidgen
|
||||||
|
data: d52a9d00-64b9-45f0-b564-08dffe95f847
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ceph_swift_keystone_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,13 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ipmi_admin_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
labels:
|
||||||
|
name: ipmi-admin-password-site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,12 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: maas-region-key
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
# openssl rand -hex 10
|
||||||
|
data: e12330cfe038735aee32
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_barbican_oslo_db_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_barbican_oslo_messaging_admin_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_barbican_oslo_messaging_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_barbican_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_barbican_rabbitmq_erlang_cookie
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_cinder_oslo_db_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_cinder_oslo_messaging_admin_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_cinder_oslo_messaging_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_cinder_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_cinder_rabbitmq_erlang_cookie
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_glance_oslo_db_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_glance_oslo_messaging_admin_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_glance_oslo_messaging_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_glance_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_glance_rabbitmq_erlang_cookie
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_heat_oslo_db_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_heat_oslo_messaging_admin_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_heat_oslo_messaging_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_heat_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_heat_rabbitmq_erlang_cookie
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_heat_stack_user_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_heat_trustee_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_horizon_oslo_db_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_infra_elasticsearch_admin_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_infra_grafana_admin_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_infra_grafana_oslo_db_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_infra_grafana_oslo_db_session_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_infra_nagios_admin_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_infra_openstack_exporter_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_infra_oslo_db_admin_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_infra_oslo_db_exporter_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_infra_prometheus_admin_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_infra_rgw_s3_admin_access_key
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: admin_access_key
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_infra_rgw_s3_admin_secret_key
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: admin_secret_key
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_infra_rgw_s3_elasticsearch_access_key
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: elastic_access_key
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_infra_rgw_s3_elasticsearch_secret_key
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: elastic_secret_key
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_keystone_admin_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_keystone_ldap_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_keystone_oslo_db_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_keystone_oslo_messaging_admin_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_keystone_oslo_messaging_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_keystone_rabbitmq_erlang_cookie
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_neutron_oslo_db_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_neutron_oslo_messaging_admin_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_neutron_oslo_messaging_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_neutron_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_neutron_rabbitmq_erlang_cookie
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_nova_oslo_db_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_nova_oslo_messaging_admin_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_nova_oslo_messaging_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_nova_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_nova_rabbitmq_erlang_cookie
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_oslo_cache_secret_key
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_oslo_db_admin_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_oslo_db_exporter_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: osh_placement_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,12 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: tenant_ceph_fsid
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
# uuidgen
|
||||||
|
data: 9e45aa5f-9d75-4fa7-bde5-c99e4a7db7a1
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ucp_airflow_oslo_messaging_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ucp_airflow_postgres_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ucp_armada_keystone_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ucp_barbican_keystone_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ucp_barbican_oslo_db_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ucp_deckhand_keystone_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ucp_deckhand_postgres_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ucp_drydock_keystone_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ucp_drydock_postgres_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ucp_keystone_admin_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ucp_keystone_oslo_db_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ucp_maas_admin_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ucp_maas_postgres_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ucp_openstack_exporter_keystone_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ucp_oslo_db_admin_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ucp_oslo_messaging_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ucp_postgres_admin_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ucp_promenade_keystone_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ucp_rabbitmq_erlang_cookie
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
schema: deckhand/Passphrase/v1
|
||||||
|
metadata:
|
||||||
|
schema: metadata/Document/v1
|
||||||
|
name: ucp_shipyard_keystone_password
|
||||||
|
layeringDefinition:
|
||||||
|
abstract: false
|
||||||
|
layer: site
|
||||||
|
storagePolicy: cleartext
|
||||||
|
data: airsloop123
|
||||||
|
...
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue