Browse Source

Add Airship-in-a-Bottle site manifests and scripts

Note: all scripts in tools/deployment/aiab directory have been
moved into this repository as is (except a few changes to make
them work), they require a heavy refactoring that will be done
in separate patch-sets.

* Add a virtual single node manifests that are based on a sloop type.
* Use NFS provisioner instead of Ceph.
* Update tools/openstack to be non-seaworthy specific, use a default
  region name and auth url.
* Make type/sloop/config/common-software-config.yaml to be site specific,
  to allow to configure custom region_name.
* Remove max-pods-per-cpu parameter for kubelet, treasuremap needs
  to support a diverse set of environments, without constraints
  on the number of available cores. Max pods configuration parameter
  is still present and helps to mitigate problems when kubernetes
  unexpectedly starts a large number of pods.

Change-Id: I379a50d810b91b989f039dbb7c691f5ceec0cc67
tags/v1.1
Evgeny L 1 month ago
parent
commit
c88eb575b8
100 changed files with 1633 additions and 1 deletions
  1. 0
    1
      global/software/config/Kubelet.yaml
  2. 41
    0
      site/aiab/deployment/deployment-configuration.yaml
  3. 24
    0
      site/aiab/deployment/dev-configurables.yaml
  4. 35
    0
      site/aiab/manifests/bootstrap.yaml
  5. 127
    0
      site/aiab/networks/common-addresses.yaml
  6. 183
    0
      site/aiab/pki/pki-catalog.yaml
  7. 43
    0
      site/aiab/profiles/genesis.yaml
  8. 12
    0
      site/aiab/secrets/passphrases/ceph_fsid.yaml
  9. 11
    0
      site/aiab/secrets/passphrases/ceph_swift_keystone_password.yaml
  10. 13
    0
      site/aiab/secrets/passphrases/ipmi_admin_password.yaml
  11. 12
    0
      site/aiab/secrets/passphrases/maas-region-key.yaml
  12. 11
    0
      site/aiab/secrets/passphrases/osh_barbican_oslo_db_password.yaml
  13. 11
    0
      site/aiab/secrets/passphrases/osh_barbican_oslo_messaging_admin_password.yaml
  14. 11
    0
      site/aiab/secrets/passphrases/osh_barbican_oslo_messaging_password.yaml
  15. 11
    0
      site/aiab/secrets/passphrases/osh_barbican_password.yaml
  16. 11
    0
      site/aiab/secrets/passphrases/osh_barbican_rabbitmq_erlang_cookie.yaml
  17. 11
    0
      site/aiab/secrets/passphrases/osh_cinder_oslo_db_password.yaml
  18. 11
    0
      site/aiab/secrets/passphrases/osh_cinder_oslo_messaging_admin_password.yaml
  19. 11
    0
      site/aiab/secrets/passphrases/osh_cinder_oslo_messaging_password.yaml
  20. 11
    0
      site/aiab/secrets/passphrases/osh_cinder_password.yaml
  21. 11
    0
      site/aiab/secrets/passphrases/osh_cinder_rabbitmq_erlang_cookie.yaml
  22. 11
    0
      site/aiab/secrets/passphrases/osh_glance_oslo_db_password.yaml
  23. 11
    0
      site/aiab/secrets/passphrases/osh_glance_oslo_messaging_admin_password.yaml
  24. 11
    0
      site/aiab/secrets/passphrases/osh_glance_oslo_messaging_password.yaml
  25. 11
    0
      site/aiab/secrets/passphrases/osh_glance_password.yaml
  26. 11
    0
      site/aiab/secrets/passphrases/osh_glance_rabbitmq_erlang_cookie.yaml
  27. 11
    0
      site/aiab/secrets/passphrases/osh_heat_oslo_db_password.yaml
  28. 11
    0
      site/aiab/secrets/passphrases/osh_heat_oslo_messaging_admin_password.yaml
  29. 11
    0
      site/aiab/secrets/passphrases/osh_heat_oslo_messaging_password.yaml
  30. 11
    0
      site/aiab/secrets/passphrases/osh_heat_password.yaml
  31. 11
    0
      site/aiab/secrets/passphrases/osh_heat_rabbitmq_erlang_cookie.yaml
  32. 11
    0
      site/aiab/secrets/passphrases/osh_heat_stack_user_password.yaml
  33. 11
    0
      site/aiab/secrets/passphrases/osh_heat_trustee_password.yaml
  34. 11
    0
      site/aiab/secrets/passphrases/osh_horizon_oslo_db_password.yaml
  35. 11
    0
      site/aiab/secrets/passphrases/osh_infra_elasticsearch_admin_password.yaml
  36. 11
    0
      site/aiab/secrets/passphrases/osh_infra_grafana_admin_password.yaml
  37. 11
    0
      site/aiab/secrets/passphrases/osh_infra_grafana_oslo_db_password.yaml
  38. 11
    0
      site/aiab/secrets/passphrases/osh_infra_grafana_oslo_db_session_password.yaml
  39. 11
    0
      site/aiab/secrets/passphrases/osh_infra_nagios_admin_password.yaml
  40. 11
    0
      site/aiab/secrets/passphrases/osh_infra_openstack_exporter_password.yaml
  41. 11
    0
      site/aiab/secrets/passphrases/osh_infra_oslo_db_admin_password.yaml
  42. 11
    0
      site/aiab/secrets/passphrases/osh_infra_oslo_db_exporter_password.yaml
  43. 11
    0
      site/aiab/secrets/passphrases/osh_infra_prometheus_admin_password.yaml
  44. 11
    0
      site/aiab/secrets/passphrases/osh_infra_rgw_s3_admin_access_key.yaml
  45. 11
    0
      site/aiab/secrets/passphrases/osh_infra_rgw_s3_admin_secret_key.yaml
  46. 11
    0
      site/aiab/secrets/passphrases/osh_infra_rgw_s3_elasticsearch_access_key.yaml
  47. 11
    0
      site/aiab/secrets/passphrases/osh_infra_rgw_s3_elasticsearch_secret_key.yaml
  48. 11
    0
      site/aiab/secrets/passphrases/osh_keystone_admin_password.yaml
  49. 11
    0
      site/aiab/secrets/passphrases/osh_keystone_ldap_password.yaml
  50. 11
    0
      site/aiab/secrets/passphrases/osh_keystone_oslo_db_password.yaml
  51. 11
    0
      site/aiab/secrets/passphrases/osh_keystone_oslo_messaging_admin_password.yaml
  52. 11
    0
      site/aiab/secrets/passphrases/osh_keystone_oslo_messaging_password.yaml
  53. 11
    0
      site/aiab/secrets/passphrases/osh_keystone_rabbitmq_erlang_cookie.yaml
  54. 11
    0
      site/aiab/secrets/passphrases/osh_neutron_oslo_db_password.yaml
  55. 11
    0
      site/aiab/secrets/passphrases/osh_neutron_oslo_messaging_admin_password.yaml
  56. 11
    0
      site/aiab/secrets/passphrases/osh_neutron_oslo_messaging_password.yaml
  57. 11
    0
      site/aiab/secrets/passphrases/osh_neutron_password.yaml
  58. 11
    0
      site/aiab/secrets/passphrases/osh_neutron_rabbitmq_erlang_cookie.yaml
  59. 11
    0
      site/aiab/secrets/passphrases/osh_nova_metadata_proxy_shared_secret.yaml
  60. 11
    0
      site/aiab/secrets/passphrases/osh_nova_oslo_db_password.yaml
  61. 11
    0
      site/aiab/secrets/passphrases/osh_nova_oslo_messaging_admin_password.yaml
  62. 11
    0
      site/aiab/secrets/passphrases/osh_nova_oslo_messaging_password.yaml
  63. 11
    0
      site/aiab/secrets/passphrases/osh_nova_password.yaml
  64. 11
    0
      site/aiab/secrets/passphrases/osh_nova_rabbitmq_erlang_cookie.yaml
  65. 11
    0
      site/aiab/secrets/passphrases/osh_oslo_cache_secret_key.yaml
  66. 11
    0
      site/aiab/secrets/passphrases/osh_oslo_db_admin_password.yaml
  67. 11
    0
      site/aiab/secrets/passphrases/osh_oslo_db_exporter_password.yaml
  68. 11
    0
      site/aiab/secrets/passphrases/osh_placement_password.yaml
  69. 11
    0
      site/aiab/secrets/passphrases/osh_tempest_password.yaml
  70. 12
    0
      site/aiab/secrets/passphrases/tenant_ceph_fsid.yaml
  71. 11
    0
      site/aiab/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml
  72. 11
    0
      site/aiab/secrets/passphrases/ucp_airflow_postgres_password.yaml
  73. 11
    0
      site/aiab/secrets/passphrases/ucp_armada_keystone_password.yaml
  74. 11
    0
      site/aiab/secrets/passphrases/ucp_barbican_keystone_password.yaml
  75. 11
    0
      site/aiab/secrets/passphrases/ucp_barbican_oslo_db_password.yaml
  76. 11
    0
      site/aiab/secrets/passphrases/ucp_deckhand_keystone_password.yaml
  77. 11
    0
      site/aiab/secrets/passphrases/ucp_deckhand_postgres_password.yaml
  78. 11
    0
      site/aiab/secrets/passphrases/ucp_drydock_keystone_password.yaml
  79. 11
    0
      site/aiab/secrets/passphrases/ucp_drydock_postgres_password.yaml
  80. 11
    0
      site/aiab/secrets/passphrases/ucp_keystone_admin_password.yaml
  81. 11
    0
      site/aiab/secrets/passphrases/ucp_keystone_oslo_db_password.yaml
  82. 11
    0
      site/aiab/secrets/passphrases/ucp_maas_admin_password.yaml
  83. 11
    0
      site/aiab/secrets/passphrases/ucp_maas_postgres_password.yaml
  84. 11
    0
      site/aiab/secrets/passphrases/ucp_openstack_exporter_keystone_password.yaml
  85. 11
    0
      site/aiab/secrets/passphrases/ucp_oslo_db_admin_password.yaml
  86. 11
    0
      site/aiab/secrets/passphrases/ucp_oslo_messaging_password.yaml
  87. 11
    0
      site/aiab/secrets/passphrases/ucp_postgres_admin_password.yaml
  88. 11
    0
      site/aiab/secrets/passphrases/ucp_promenade_keystone_password.yaml
  89. 11
    0
      site/aiab/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml
  90. 11
    0
      site/aiab/secrets/passphrases/ucp_shipyard_keystone_password.yaml
  91. 11
    0
      site/aiab/secrets/passphrases/ucp_shipyard_postgres_password.yaml
  92. 15
    0
      site/aiab/site-definition.yaml
  93. 50
    0
      site/aiab/software/charts/kubernetes/container-networking/etcd.yaml
  94. 50
    0
      site/aiab/software/charts/kubernetes/etcd/etcd.yaml
  95. 24
    0
      site/aiab/software/charts/osh/openstack-compute-kit/libvirt.yaml
  96. 40
    0
      site/aiab/software/charts/osh/openstack-compute-kit/neutron.yaml
  97. 27
    0
      site/aiab/software/charts/osh/openstack-compute-kit/nova.yaml
  98. 24
    0
      site/aiab/software/charts/osh/openstack-glance/glance.yaml
  99. 21
    0
      site/aiab/software/charts/osh/openstack-heat/heat.yaml
  100. 0
    0
      site/aiab/software/charts/ucp/divingbell.yaml

+ 0
- 1
global/software/config/Kubelet.yaml View File

@@ -29,7 +29,6 @@ data:
29 29
     - --network-plugin=cni
30 30
     - --node-status-update-frequency=5s
31 31
     - --max-pods=200
32
-    - --pods-per-core=10
33 32
     - --kube-api-burst=40
34 33
     - --kube-api-qps=20
35 34
     - --seccomp-profile-root=SECCOMP_PROFILE_ROOT

+ 41
- 0
site/aiab/deployment/deployment-configuration.yaml View File

@@ -0,0 +1,41 @@
1
+---
2
+# The purpose of this file is to provide shipyard related deployment config
3
+# parameters. This should not require modification for a new site. However,
4
+# shipyard deployment strategies can be very useful in getting around certain
5
+# failures, like misbehaving nodes that hold up the deployment. See more at
6
+# https://opendev.org/airship/shipyard/src/branch/master/doc/source/site-definition-documents.rst#using-a-deployment-strategy
7
+schema: shipyard/DeploymentConfiguration/v1
8
+metadata:
9
+  schema: metadata/Document/v1
10
+  name: deployment-configuration
11
+  layeringDefinition:
12
+    abstract: false
13
+    layer: site
14
+  storagePolicy: cleartext
15
+data:
16
+  physical_provisioner:
17
+    deployment_strategy: deployment-strategy
18
+    deploy_interval: 30
19
+    deploy_timeout: 3600
20
+    destroy_interval: 30
21
+    destroy_timeout: 900
22
+    join_wait: 0
23
+    prepare_node_interval: 30
24
+    prepare_node_timeout: 1800
25
+    prepare_site_interval: 10
26
+    prepare_site_timeout: 300
27
+    verify_interval: 10
28
+    verify_timeout: 60
29
+  kubernetes_provisioner:
30
+    drain_timeout: 3600
31
+    drain_grace_period: 1800
32
+    clear_labels_timeout: 1800
33
+    remove_etcd_timeout: 1800
34
+    etcd_ready_timeout: 600
35
+  armada:
36
+    get_releases_timeout: 300
37
+    get_status_timeout: 300
38
+    manifest: 'full-site-aiab'
39
+    post_apply_timeout: 7200
40
+    validate_design_timeout: 600
41
+...

+ 24
- 0
site/aiab/deployment/dev-configurables.yaml View File

@@ -0,0 +1,24 @@
1
+---
2
+# These parameters are environment specific, they are
3
+# overridden with scripts during the installation.
4
+schema: dev/Configurables/v1
5
+metadata:
6
+  schema: metadata/Document/v1
7
+  name: dev-configurables
8
+  layeringDefinition:
9
+    abstract: false
10
+    layer: site
11
+  storagePolicy: cleartext
12
+
13
+# This is just an example of configuration parameters.
14
+data:
15
+  # Hostname of the node.
16
+  hostname: aiab
17
+  # IP address for external network.
18
+  hostip: 10.0.2.14
19
+  # IP address range for external neetwork.
20
+  hostcidr: 10.0.2.0/24
21
+  # Name of interface.
22
+  interface: ens3
23
+  # IP address for MaaS VIP address.
24
+  maas-ingress: '192.169.1.5/32'

+ 35
- 0
site/aiab/manifests/bootstrap.yaml View File

@@ -0,0 +1,35 @@
1
+---
2
+schema: armada/Manifest/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: cluster-bootstrap-aiab
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+    parentSelector:
10
+      name: cluster-bootstrap-global
11
+    actions:
12
+      - method: replace
13
+        path: .chart_groups
14
+  storagePolicy: cleartext
15
+data:
16
+  release_prefix: airship
17
+  chart_groups:
18
+    - podsecuritypolicy
19
+    - kubernetes-proxy
20
+    - kubernetes-container-networking
21
+    - kubernetes-dns
22
+    - kubernetes-etcd
23
+    - kubernetes-haproxy
24
+    - kubernetes-core
25
+    - ingress-kube-system
26
+    - osh-infra-nfs-provisioner
27
+    - ucp-core
28
+    - ucp-keystone
29
+    - ucp-divingbell
30
+    - ucp-armada
31
+    - ucp-deckhand
32
+    - ucp-drydock
33
+    - ucp-promenade
34
+    - ucp-shipyard
35
+...

+ 127
- 0
site/aiab/networks/common-addresses.yaml View File

@@ -0,0 +1,127 @@
1
+---
2
+# The purpose of this file is to define network related paramters that are
3
+# referenced elsewhere in the manifests for this site.
4
+schema: pegleg/CommonAddresses/v1
5
+metadata:
6
+  schema: metadata/Document/v1
7
+  name: common-addresses
8
+  layeringDefinition:
9
+    abstract: false
10
+    layer: site
11
+  storagePolicy: cleartext
12
+  substitutions:
13
+    - src:
14
+        schema: dev/Configurables/v1
15
+        name: dev-configurables
16
+        path: .interface
17
+      dest:
18
+        path: .calico.ip_autodetection_method
19
+        pattern: REPLACEME
20
+    - src:
21
+        schema: dev/Configurables/v1
22
+        name: dev-configurables
23
+        path: .hostname
24
+      dest:
25
+        path: .genesis.hostname
26
+    - src:
27
+        schema: dev/Configurables/v1
28
+        name: dev-configurables
29
+        path: .hostip
30
+      dest:
31
+        path: .genesis.ip
32
+    - src:
33
+        schema: dev/Configurables/v1
34
+        name: dev-configurables
35
+        path: .hostip
36
+      dest:
37
+        path: .bootstrap.ip
38
+    - src:
39
+        schema: dev/Configurables/v1
40
+        name: dev-configurables
41
+        path: .hostcidr
42
+      dest:
43
+        path: .storage.ceph.public_cidr
44
+    - src:
45
+        schema: dev/Configurables/v1
46
+        name: dev-configurables
47
+        path: .hostcidr
48
+      dest:
49
+        path: .storage.ceph.cluster_cidr
50
+
51
+data:
52
+  calico:
53
+    ip_autodetection_method: 'interface=REPLACEME'
54
+    etcd:
55
+      service_ip: 10.96.232.136
56
+
57
+  dns:
58
+    cluster_domain: cluster.local
59
+    service_ip: 10.96.0.10
60
+    upstream_servers:
61
+      - 8.8.8.8
62
+      - 8.8.4.4
63
+      - 208.67.222.222
64
+    upstream_servers_joined: 8.8.8.8,8.8.4.4,208.67.222.222
65
+
66
+  genesis:
67
+    hostname: REPLACEME
68
+    ip: REPLACEME
69
+
70
+  bootstrap:
71
+    ip: REPLACEME
72
+
73
+  kubernetes:
74
+    # K8s API service IP
75
+    api_service_ip: 10.96.0.1
76
+    # etcd service IP
77
+    etcd_service_ip: 10.96.0.2
78
+    # k8s pod CIDR (network which pod traffic will traverse)
79
+    pod_cidr: 10.97.0.0/16
80
+    # k8s service CIDR (network which k8s API traffic will traverse)
81
+    service_cidr: 10.96.0.0/16
82
+    # misc k8s port settings
83
+    apiserver_port: 6443
84
+    haproxy_port: 6553
85
+    service_node_port_range: 30000-32767
86
+
87
+  # etcd port settings
88
+  etcd:
89
+    container_port: 2379
90
+    haproxy_port: 2378
91
+
92
+  proxy:
93
+    http: ""
94
+    https: ""
95
+    no_proxy: []
96
+
97
+  node_ports:
98
+    drydock_api: 30000
99
+    maas_api: 30001
100
+    maas_proxy: 31800  # hardcoded in MAAS
101
+
102
+  ntp:
103
+    servers_joined: '0.ubuntu.pool.ntp.org,1.ubuntu.pool.ntp.org,2.ubuntu.pool.ntp.org,4.ubuntu.pool.ntp.org'
104
+
105
+  # NOTE(eli): this is not needed for Airship in a bottle, this is here
106
+  # only to satisfy substitutions in globals.
107
+  storage:
108
+    ceph:
109
+      public_cidr: REPLACEME
110
+      cluster_cidr: REPLACEME
111
+
112
+  # NOTE: This is not used and is needed only to satisfy global substitutions.
113
+  ldap:
114
+    base_url: 'ldap.example.com'
115
+    url: 'ldap://ldap.example.com'
116
+    auth_path: DC=test,DC=test,DC=com?sAMAccountName?sub?memberof=CN=test,OU=Application,OU=Groups,DC=test,DC=test,DC=com
117
+    common_name: test
118
+    subdomain: test
119
+    domain: example
120
+
121
+  neutron:
122
+    tunnel_device: docker0
123
+    external_iface: docker0
124
+
125
+  openvswitch:
126
+    external_iface: docker0
127
+...

+ 183
- 0
site/aiab/pki/pki-catalog.yaml View File

@@ -0,0 +1,183 @@
1
+---
2
+# The purpose of this file is to define the PKI certificates for the environment
3
+#
4
+# NOTE: When deploying a new site, this file should not be configured until
5
+# baremetal/nodes.yaml is complete.
6
+#
7
+schema: promenade/PKICatalog/v1
8
+metadata:
9
+  schema: metadata/Document/v1
10
+  name: cluster-certificates
11
+  layeringDefinition:
12
+    abstract: false
13
+    layer: site
14
+  storagePolicy: cleartext
15
+  substitutions:
16
+    - src:
17
+        schema: dev/Configurables/v1
18
+        name: dev-configurables
19
+        path: .hostname
20
+      dest:
21
+        path: .certificate_authorities.kubernetes.certificates[1].hosts[0]
22
+    - src:
23
+        schema: dev/Configurables/v1
24
+        name: dev-configurables
25
+        path: .hostip
26
+      dest:
27
+        path: .certificate_authorities.kubernetes.certificates[1].hosts[1]
28
+    - src:
29
+        schema: dev/Configurables/v1
30
+        name: dev-configurables
31
+        path: .hostname
32
+      dest:
33
+        path: .certificate_authorities.kubernetes.certificates[1].common_name
34
+        pattern: HOSTNAME
35
+    - src:
36
+        schema: dev/Configurables/v1
37
+        name: dev-configurables
38
+        path: .hostname
39
+      dest:
40
+        path: .certificate_authorities.kubernetes-etcd.certificates[2].hosts[0]
41
+    - src:
42
+        schema: dev/Configurables/v1
43
+        name: dev-configurables
44
+        path: .hostip
45
+      dest:
46
+        path: .certificate_authorities.kubernetes-etcd.certificates[2].hosts[1]
47
+    - src:
48
+        schema: dev/Configurables/v1
49
+        name: dev-configurables
50
+        path: .hostname
51
+      dest:
52
+        path: .certificate_authorities.kubernetes-etcd-peer.certificates[0].hosts[0]
53
+    - src:
54
+        schema: dev/Configurables/v1
55
+        name: dev-configurables
56
+        path: .hostip
57
+      dest:
58
+        path: .certificate_authorities.kubernetes-etcd-peer.certificates[0].hosts[1]
59
+    - src:
60
+        schema: dev/Configurables/v1
61
+        name: dev-configurables
62
+        path: .hostname
63
+      dest:
64
+        path: .certificate_authorities.calico-etcd.certificates[1].hosts[0]
65
+    - src:
66
+        schema: dev/Configurables/v1
67
+        name: dev-configurables
68
+        path: .hostip
69
+      dest:
70
+        path: .certificate_authorities.calico-etcd.certificates[1].hosts[1]
71
+    - src:
72
+        schema: dev/Configurables/v1
73
+        name: dev-configurables
74
+        path: .hostname
75
+      dest:
76
+        path: .certificate_authorities.calico-etcd-peer.certificates[0].hosts[0]
77
+    - src:
78
+        schema: dev/Configurables/v1
79
+        name: dev-configurables
80
+        path: .hostip
81
+      dest:
82
+        path: .certificate_authorities.calico-etcd-peer.certificates[0].hosts[1]
83
+
84
+data:
85
+  certificate_authorities:
86
+    kubernetes:
87
+      description: CA for Kubernetes components
88
+      certificates:
89
+        - document_name: apiserver
90
+          description: Service certificate for Kubernetes apiserver
91
+          common_name: apiserver
92
+          hosts:
93
+            - localhost
94
+            - 127.0.0.1
95
+            - 10.96.0.1
96
+          kubernetes_service_names:
97
+            - kubernetes.default.svc.cluster.local
98
+        - document_name: kubelet-genesis
99
+          common_name: system:node:HOSTNAME
100
+          hosts:
101
+            - REPLACEME_HOST_NAME
102
+            - REPLACEME_HOST_IP
103
+          groups:
104
+            - system:nodes
105
+        - document_name: scheduler
106
+          description: Service certificate for Kubernetes scheduler
107
+          common_name: system:kube-scheduler
108
+        - document_name: controller-manager
109
+          description: certificate for controller-manager
110
+          common_name: system:kube-controller-manager
111
+        - document_name: admin
112
+          common_name: admin
113
+          groups:
114
+            - system:masters
115
+        - document_name: armada
116
+          common_name: armada
117
+          groups:
118
+            - system:masters
119
+    kubernetes-etcd:
120
+      description: Certificates for Kubernetes's etcd servers
121
+      certificates:
122
+        - document_name: apiserver-etcd
123
+          description: etcd client certificate for use by Kubernetes apiserver
124
+          common_name: apiserver
125
+        - document_name: kubernetes-etcd-anchor
126
+          description: anchor
127
+          common_name: anchor
128
+        - document_name: kubernetes-etcd-genesis
129
+          common_name: kubernetes-etcd-genesis
130
+          hosts:
131
+            - REPLACEME_HOST_NAME
132
+            - REPLACEME_HOST_IP
133
+            - 127.0.0.1
134
+            - localhost
135
+            - kubernetes-etcd.kube-system.svc.cluster.local
136
+            - 10.96.0.2
137
+    kubernetes-etcd-peer:
138
+      certificates:
139
+        - document_name: kubernetes-etcd-genesis-peer
140
+          common_name: kubernetes-etcd-genesis-peer
141
+          hosts:
142
+            - REPLACEME_HOST_NAME
143
+            - REPLACEME_HOST_IP
144
+            - 127.0.0.1
145
+            - localhost
146
+            - kubernetes-etcd.kube-system.svc.cluster.local
147
+            - 10.96.0.2
148
+    calico-etcd:
149
+      description: Certificates for Calico etcd client traffic
150
+      certificates:
151
+        - document_name: calico-etcd-anchor
152
+          description: anchor
153
+          common_name: anchor
154
+        - document_name: calico-etcd
155
+          common_name: calico-etcd
156
+          hosts:
157
+            - REPLACEME_HOST_NAME
158
+            - REPLACEME_HOST_IP
159
+            - 127.0.0.1
160
+            - localhost
161
+            - 10.96.232.136
162
+        - document_name: calico-node
163
+          common_name: calcico-node
164
+        # End node list
165
+    calico-etcd-peer:
166
+      description: Certificates for Calico etcd clients
167
+      certificates:
168
+        # NEWSITE-CHANGEME: This list should be identical to the previous list,
169
+        # except that `-peer` has been appended to the document/common names.
170
+        - document_name: calico-etcd-peer
171
+          common_name: calico-etcd-peer
172
+          hosts:
173
+            - REPLACEME_HOST_NAME
174
+            - REPLACEME_HOST_IP
175
+            - 127.0.0.1
176
+            - localhost
177
+            - 10.96.232.136
178
+        - document_name: calico-node-peer
179
+          common_name: calcico-node-peer
180
+  keypairs:
181
+    - name: service-account
182
+      description: Service account signing key for use by Kubernetes controller-manager.
183
+...

+ 43
- 0
site/aiab/profiles/genesis.yaml View File

@@ -0,0 +1,43 @@
1
+---
2
+# The purpose of this file is to apply proper labels to Genesis node so the
3
+# proper services are installed and proper configuration applied. This should
4
+# not need to be changed for a new site.
5
+schema: promenade/Genesis/v1
6
+metadata:
7
+  schema: metadata/Document/v1
8
+  name: genesis-site
9
+  layeringDefinition:
10
+    abstract: false
11
+    layer: site
12
+    parentSelector:
13
+      name: genesis-global
14
+    actions:
15
+      - method: merge
16
+        path: .
17
+  storagePolicy: cleartext
18
+data:
19
+  armada:
20
+    target_manifest: cluster-bootstrap-aiab
21
+  labels:
22
+    dynamic:
23
+      - beta.kubernetes.io/fluentd-ds-ready=true
24
+      - calico-etcd=enabled
25
+      - kube-dns=enabled
26
+      - kube-ingress=enabled
27
+      - kubernetes-apiserver=enabled
28
+      - kubernetes-controller-manager=enabled
29
+      - kubernetes-etcd=enabled
30
+      - kubernetes-scheduler=enabled
31
+      - promenade-genesis=enabled
32
+      - ucp-control-plane=enabled
33
+      - maas-rack=enabled
34
+      - maas-region=enabled
35
+      - openstack-control-plane=enabled
36
+      - openvswitch=enabled
37
+      - openstack-l3-agent=enabled
38
+      - node-exporter=enabled
39
+      - fluentd=enabled
40
+      - openstack-control-plane=enabled
41
+      - openstack-nova-compute=enabled
42
+      - openstack-libvirt=kernel
43
+...

+ 12
- 0
site/aiab/secrets/passphrases/ceph_fsid.yaml View File

@@ -0,0 +1,12 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ceph_fsid
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+# uuidgen
11
+data: d52a9d00-64b9-45f0-b564-08dffe95f847
12
+...

+ 11
- 0
site/aiab/secrets/passphrases/ceph_swift_keystone_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ceph_swift_keystone_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 13
- 0
site/aiab/secrets/passphrases/ipmi_admin_password.yaml View File

@@ -0,0 +1,13 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ipmi_admin_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  labels:
10
+    name: ipmi-admin-password-site
11
+  storagePolicy: cleartext
12
+data: password123
13
+...

+ 12
- 0
site/aiab/secrets/passphrases/maas-region-key.yaml View File

@@ -0,0 +1,12 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: maas-region-key
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+# openssl rand -hex 10
11
+data: e12330cfe038735aee32
12
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_barbican_oslo_db_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_barbican_oslo_db_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_barbican_oslo_messaging_admin_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_barbican_oslo_messaging_admin_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_barbican_oslo_messaging_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_barbican_oslo_messaging_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_barbican_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_barbican_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_barbican_rabbitmq_erlang_cookie.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_barbican_rabbitmq_erlang_cookie
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_cinder_oslo_db_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_cinder_oslo_db_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_cinder_oslo_messaging_admin_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_cinder_oslo_messaging_admin_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_cinder_oslo_messaging_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_cinder_oslo_messaging_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_cinder_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_cinder_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_cinder_rabbitmq_erlang_cookie.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_cinder_rabbitmq_erlang_cookie
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_glance_oslo_db_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_glance_oslo_db_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_glance_oslo_messaging_admin_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_glance_oslo_messaging_admin_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_glance_oslo_messaging_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_glance_oslo_messaging_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_glance_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_glance_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_glance_rabbitmq_erlang_cookie.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_glance_rabbitmq_erlang_cookie
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_heat_oslo_db_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_heat_oslo_db_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_heat_oslo_messaging_admin_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_heat_oslo_messaging_admin_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_heat_oslo_messaging_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_heat_oslo_messaging_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_heat_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_heat_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_heat_rabbitmq_erlang_cookie.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_heat_rabbitmq_erlang_cookie
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_heat_stack_user_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_heat_stack_user_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_heat_trustee_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_heat_trustee_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_horizon_oslo_db_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_horizon_oslo_db_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_infra_elasticsearch_admin_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_infra_elasticsearch_admin_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_infra_grafana_admin_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_infra_grafana_admin_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_infra_grafana_oslo_db_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_infra_grafana_oslo_db_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_infra_grafana_oslo_db_session_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_infra_grafana_oslo_db_session_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_infra_nagios_admin_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_infra_nagios_admin_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_infra_openstack_exporter_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_infra_openstack_exporter_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_infra_oslo_db_admin_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_infra_oslo_db_admin_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_infra_oslo_db_exporter_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_infra_oslo_db_exporter_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_infra_prometheus_admin_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_infra_prometheus_admin_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_infra_rgw_s3_admin_access_key.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_infra_rgw_s3_admin_access_key
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: admin_access_key
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_infra_rgw_s3_admin_secret_key.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_infra_rgw_s3_admin_secret_key
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: admin_secret_key
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_infra_rgw_s3_elasticsearch_access_key.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_infra_rgw_s3_elasticsearch_access_key
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: elastic_access_key
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_infra_rgw_s3_elasticsearch_secret_key.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_infra_rgw_s3_elasticsearch_secret_key
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: elastic_secret_key
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_keystone_admin_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_keystone_admin_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_keystone_ldap_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_keystone_ldap_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_keystone_oslo_db_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_keystone_oslo_db_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_keystone_oslo_messaging_admin_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_keystone_oslo_messaging_admin_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_keystone_oslo_messaging_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_keystone_oslo_messaging_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_keystone_rabbitmq_erlang_cookie.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_keystone_rabbitmq_erlang_cookie
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_neutron_oslo_db_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_neutron_oslo_db_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_neutron_oslo_messaging_admin_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_neutron_oslo_messaging_admin_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_neutron_oslo_messaging_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_neutron_oslo_messaging_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_neutron_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_neutron_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_neutron_rabbitmq_erlang_cookie.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_neutron_rabbitmq_erlang_cookie
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_nova_metadata_proxy_shared_secret.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_nova_metadata_proxy_shared_secret
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_nova_oslo_db_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_nova_oslo_db_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_nova_oslo_messaging_admin_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_nova_oslo_messaging_admin_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_nova_oslo_messaging_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_nova_oslo_messaging_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_nova_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_nova_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_nova_rabbitmq_erlang_cookie.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_nova_rabbitmq_erlang_cookie
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_oslo_cache_secret_key.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_oslo_cache_secret_key
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_oslo_db_admin_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_oslo_db_admin_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_oslo_db_exporter_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_oslo_db_exporter_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_placement_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_placement_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/osh_tempest_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: osh_tempest_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 12
- 0
site/aiab/secrets/passphrases/tenant_ceph_fsid.yaml View File

@@ -0,0 +1,12 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: tenant_ceph_fsid
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+# uuidgen
11
+data: 9e45aa5f-9d75-4fa7-bde5-c99e4a7db7a1
12
+...

+ 11
- 0
site/aiab/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ucp_airflow_oslo_messaging_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/ucp_airflow_postgres_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ucp_airflow_postgres_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/ucp_armada_keystone_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ucp_armada_keystone_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/ucp_barbican_keystone_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ucp_barbican_keystone_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/ucp_barbican_oslo_db_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ucp_barbican_oslo_db_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/ucp_deckhand_keystone_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ucp_deckhand_keystone_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/ucp_deckhand_postgres_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ucp_deckhand_postgres_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/ucp_drydock_keystone_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ucp_drydock_keystone_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/ucp_drydock_postgres_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ucp_drydock_postgres_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/ucp_keystone_admin_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ucp_keystone_admin_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/ucp_keystone_oslo_db_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ucp_keystone_oslo_db_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/ucp_maas_admin_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ucp_maas_admin_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/ucp_maas_postgres_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ucp_maas_postgres_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/ucp_openstack_exporter_keystone_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ucp_openstack_exporter_keystone_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/ucp_oslo_db_admin_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ucp_oslo_db_admin_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/ucp_oslo_messaging_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ucp_oslo_messaging_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/ucp_postgres_admin_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ucp_postgres_admin_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/ucp_promenade_keystone_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ucp_promenade_keystone_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ucp_rabbitmq_erlang_cookie
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/ucp_shipyard_keystone_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ucp_shipyard_keystone_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 11
- 0
site/aiab/secrets/passphrases/ucp_shipyard_postgres_password.yaml View File

@@ -0,0 +1,11 @@
1
+---
2
+schema: deckhand/Passphrase/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: ucp_shipyard_postgres_password
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  storagePolicy: cleartext
10
+data: password123
11
+...

+ 15
- 0
site/aiab/site-definition.yaml View File

@@ -0,0 +1,15 @@
1
+---
2
+# High-level pegleg site definition file
3
+schema: pegleg/SiteDefinition/v1
4
+metadata:
5
+  schema: metadata/Document/v1
6
+  layeringDefinition:
7
+    abstract: false
8
+    layer: site
9
+  name: aiab
10
+  storagePolicy: cleartext
11
+data:
12
+  # The type layer this site will delpoy with. Type layer is found in the
13
+  # type folder.
14
+  site_type: sloop
15
+...

+ 50
- 0
site/aiab/software/charts/kubernetes/container-networking/etcd.yaml View File

@@ -0,0 +1,50 @@
1
+---
2
+# The purpose of this file is to build the list of calico etcd nodes and the
3
+# calico etcd certs for those nodes in the environment.
4
+schema: armada/Chart/v1
5
+metadata:
6
+  schema: metadata/Document/v1
7
+  name: kubernetes-calico-etcd
8
+  layeringDefinition:
9
+    abstract: false
10
+    layer: site
11
+    parentSelector:
12
+      name: kubernetes-calico-etcd-global
13
+    actions:
14
+      - method: merge
15
+        path: .
16
+  storagePolicy: cleartext
17
+  substitutions:
18
+    - src:
19
+        schema: pegleg/CommonAddresses/v1
20
+        name: common-addresses
21
+        path: .genesis.hostname
22
+      dest:
23
+        path: .values.nodes[0].name
24
+    - src:
25
+        schema: deckhand/Certificate/v1
26
+        name: calico-etcd
27
+        path: .
28
+      dest:
29
+        path: .values.nodes[0].tls.client.cert
30
+    - src:
31
+        schema: deckhand/CertificateKey/v1
32
+        name: calico-etcd
33
+        path: .
34
+      dest:
35
+        path: .values.nodes[0].tls.client.key
36
+    - src:
37
+        schema: deckhand/Certificate/v1
38
+        name: calico-etcd-peer
39
+        path: .
40
+      dest:
41
+        path: .values.nodes[0].tls.peer.cert
42
+    - src:
43
+        schema: deckhand/CertificateKey/v1
44
+        name: calico-etcd-peer
45
+        path: .
46
+      dest:
47
+        path: .values.nodes[0].tls.peer.key
48
+
49
+data: {}
50
+...

+ 50
- 0
site/aiab/software/charts/kubernetes/etcd/etcd.yaml View File

@@ -0,0 +1,50 @@
1
+---
2
+# The purpose of this file is to build the list of k8s etcd nodes and the
3
+# k8s etcd certs for those nodes in the environment.
4
+schema: armada/Chart/v1
5
+metadata:
6
+  schema: metadata/Document/v1
7
+  name: kubernetes-etcd
8
+  layeringDefinition:
9
+    abstract: false
10
+    layer: site
11
+    parentSelector:
12
+      name: kubernetes-etcd-global
13
+    actions:
14
+      - method: merge
15
+        path: .
16
+  storagePolicy: cleartext
17
+  substitutions:
18
+    - src:
19
+        schema: pegleg/CommonAddresses/v1
20
+        name: common-addresses
21
+        path: .genesis.hostname
22
+      dest:
23
+        path: .values.nodes[0].name
24
+    - src:
25
+        schema: deckhand/Certificate/v1
26
+        name: kubernetes-etcd-genesis
27
+        path: .
28
+      dest:
29
+        path: .values.nodes[0].tls.client.cert
30
+    - src:
31
+        schema: deckhand/CertificateKey/v1
32
+        name: kubernetes-etcd-genesis
33
+        path: .
34
+      dest:
35
+        path: .values.nodes[0].tls.client.key
36
+    - src:
37
+        schema: deckhand/Certificate/v1
38
+        name: kubernetes-etcd-genesis-peer
39
+        path: .
40
+      dest:
41
+        path: .values.nodes[0].tls.peer.cert
42
+    - src:
43
+        schema: deckhand/CertificateKey/v1
44
+        name: kubernetes-etcd-genesis-peer
45
+        path: .
46
+      dest:
47
+        path: .values.nodes[0].tls.peer.key
48
+
49
+data: {}
50
+...

+ 24
- 0
site/aiab/software/charts/osh/openstack-compute-kit/libvirt.yaml View File

@@ -0,0 +1,24 @@
1
+---
2
+schema: armada/Chart/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: libvirt
6
+  replacement: true
7
+  layeringDefinition:
8
+    abstract: false
9
+    layer: site
10
+    parentSelector:
11
+      name: libvirt-global
12
+      component: libvirt
13
+    actions:
14
+      - method: merge
15
+        path: .values
16
+      - method: delete
17
+        path: .values.ceph_client
18
+  storagePolicy: cleartext
19
+data:
20
+  values:
21
+    conf:
22
+      ceph:
23
+        enabled: false
24
+...

+ 40
- 0
site/aiab/software/charts/osh/openstack-compute-kit/neutron.yaml View File

@@ -0,0 +1,40 @@
1
+---
2
+schema: armada/Chart/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: neutron
6
+  replacement: true
7
+  layeringDefinition:
8
+    abstract: false
9
+    layer: site
10
+    parentSelector:
11
+      name: neutron-global
12
+    actions:
13
+      - method: merge
14
+        path: .
15
+  storagePolicy: cleartext
16
+
17
+data:
18
+  test:
19
+    # Neutron test for virtual Airship in a bottle installation
20
+    # usually take much more time to finish than for baremetal one.
21
+    timeout: 2700
22
+
23
+  values:
24
+    conf:
25
+      neutron:
26
+        DEFAULT:
27
+          l3_ha: False
28
+          max_l3_agents_per_router: 1
29
+          dhcp_agents_per_network: 1
30
+
31
+      plugins:
32
+        ml2_conf:
33
+          ml2_type_vlan:
34
+            network_vlan_ranges: null
35
+        openvswitch_agent:
36
+          ovs:
37
+            bridge_mappings: public:br-ex
38
+        linuxbridge_agent:
39
+          linux_bridge:
40
+            bridge_mappings: public:br-ex

+ 27
- 0
site/aiab/software/charts/osh/openstack-compute-kit/nova.yaml View File

@@ -0,0 +1,27 @@
1
+---
2
+schema: armada/Chart/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: nova
6
+  replacement: true
7
+  layeringDefinition:
8
+    abstract: false
9
+    layer: site
10
+    parentSelector:
11
+      name: nova-type
12
+    actions:
13
+      - method: merge
14
+        path: .values.conf
15
+      - method: delete
16
+        path: .values.ceph_client
17
+  storagePolicy: cleartext
18
+data:
19
+  values:
20
+    conf:
21
+      ceph:
22
+        enabled: false
23
+      nova:
24
+        libvirt:
25
+          virt_type: qemu
26
+          cpu_mode: host-model
27
+...

+ 24
- 0
site/aiab/software/charts/osh/openstack-glance/glance.yaml View File

@@ -0,0 +1,24 @@
1
+---
2
+schema: armada/Chart/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: glance
6
+  replacement: true
7
+  layeringDefinition:
8
+    abstract: false
9
+    layer: site
10
+    parentSelector:
11
+      name: glance-global
12
+    actions:
13
+      - method: merge
14
+        path: .
15
+  storagePolicy: cleartext
16
+
17
+data:
18
+  values:
19
+    pod:
20
+      replicas:
21
+        api: 1
22
+        registry: 1
23
+    storage: pvc
24
+...

+ 21
- 0
site/aiab/software/charts/osh/openstack-heat/heat.yaml View File

@@ -0,0 +1,21 @@
1
+---
2
+schema: armada/Chart/v1
3
+metadata:
4
+  schema: metadata/Document/v1
5
+  name: heat
6
+  replacement: true
7
+  layeringDefinition:
8
+    abstract: false
9
+    layer: site
10
+    parentSelector:
11
+      name: heat-global
12
+    actions:
13
+      - method: merge
14
+        path: .
15
+  storagePolicy: cleartext
16
+
17
+data:
18
+  test:
19
+    # Heat test for virtual Airship in a bottle installation
20
+    # usually takes much more time to finish than for baremetal one.
21
+    timeout: 1200

+ 0
- 0
site/aiab/software/charts/ucp/divingbell.yaml View File


Some files were not shown because too many files changed in this diff

Loading…
Cancel
Save