Browse Source

Add Airship-in-a-Bottle site manifests and scripts

Note: all scripts in tools/deployment/aiab directory have been
moved into this repository as is (except a few changes to make
them work), they require a heavy refactoring that will be done
in separate patch-sets.

* Add a virtual single node manifests that are based on a sloop type.
* Use NFS provisioner instead of Ceph.
* Update tools/openstack to be non-seaworthy specific, use a default
  region name and auth url.
* Make type/sloop/config/common-software-config.yaml to be site specific,
  to allow to configure custom region_name.
* Remove max-pods-per-cpu parameter for kubelet, treasuremap needs
  to support a diverse set of environments, without constraints
  on the number of available cores. Max pods configuration parameter
  is still present and helps to mitigate problems when kubernetes
  unexpectedly starts a large number of pods.

Change-Id: I379a50d810b91b989f039dbb7c691f5ceec0cc67
changes/00/656900/28
Evgeny L 3 years ago
committed by Evgeniy L
parent
commit
c88eb575b8
  1. 1
      global/software/config/Kubelet.yaml
  2. 41
      site/aiab/deployment/deployment-configuration.yaml
  3. 24
      site/aiab/deployment/dev-configurables.yaml
  4. 35
      site/aiab/manifests/bootstrap.yaml
  5. 127
      site/aiab/networks/common-addresses.yaml
  6. 183
      site/aiab/pki/pki-catalog.yaml
  7. 43
      site/aiab/profiles/genesis.yaml
  8. 12
      site/aiab/secrets/passphrases/ceph_fsid.yaml
  9. 11
      site/aiab/secrets/passphrases/ceph_swift_keystone_password.yaml
  10. 13
      site/aiab/secrets/passphrases/ipmi_admin_password.yaml
  11. 12
      site/aiab/secrets/passphrases/maas-region-key.yaml
  12. 11
      site/aiab/secrets/passphrases/osh_barbican_oslo_db_password.yaml
  13. 11
      site/aiab/secrets/passphrases/osh_barbican_oslo_messaging_admin_password.yaml
  14. 11
      site/aiab/secrets/passphrases/osh_barbican_oslo_messaging_password.yaml
  15. 11
      site/aiab/secrets/passphrases/osh_barbican_password.yaml
  16. 11
      site/aiab/secrets/passphrases/osh_barbican_rabbitmq_erlang_cookie.yaml
  17. 11
      site/aiab/secrets/passphrases/osh_cinder_oslo_db_password.yaml
  18. 11
      site/aiab/secrets/passphrases/osh_cinder_oslo_messaging_admin_password.yaml
  19. 11
      site/aiab/secrets/passphrases/osh_cinder_oslo_messaging_password.yaml
  20. 11
      site/aiab/secrets/passphrases/osh_cinder_password.yaml
  21. 11
      site/aiab/secrets/passphrases/osh_cinder_rabbitmq_erlang_cookie.yaml
  22. 11
      site/aiab/secrets/passphrases/osh_glance_oslo_db_password.yaml
  23. 11
      site/aiab/secrets/passphrases/osh_glance_oslo_messaging_admin_password.yaml
  24. 11
      site/aiab/secrets/passphrases/osh_glance_oslo_messaging_password.yaml
  25. 11
      site/aiab/secrets/passphrases/osh_glance_password.yaml
  26. 11
      site/aiab/secrets/passphrases/osh_glance_rabbitmq_erlang_cookie.yaml
  27. 11
      site/aiab/secrets/passphrases/osh_heat_oslo_db_password.yaml
  28. 11
      site/aiab/secrets/passphrases/osh_heat_oslo_messaging_admin_password.yaml
  29. 11
      site/aiab/secrets/passphrases/osh_heat_oslo_messaging_password.yaml
  30. 11
      site/aiab/secrets/passphrases/osh_heat_password.yaml
  31. 11
      site/aiab/secrets/passphrases/osh_heat_rabbitmq_erlang_cookie.yaml
  32. 11
      site/aiab/secrets/passphrases/osh_heat_stack_user_password.yaml
  33. 11
      site/aiab/secrets/passphrases/osh_heat_trustee_password.yaml
  34. 11
      site/aiab/secrets/passphrases/osh_horizon_oslo_db_password.yaml
  35. 11
      site/aiab/secrets/passphrases/osh_infra_elasticsearch_admin_password.yaml
  36. 11
      site/aiab/secrets/passphrases/osh_infra_grafana_admin_password.yaml
  37. 11
      site/aiab/secrets/passphrases/osh_infra_grafana_oslo_db_password.yaml
  38. 11
      site/aiab/secrets/passphrases/osh_infra_grafana_oslo_db_session_password.yaml
  39. 11
      site/aiab/secrets/passphrases/osh_infra_nagios_admin_password.yaml
  40. 11
      site/aiab/secrets/passphrases/osh_infra_openstack_exporter_password.yaml
  41. 11
      site/aiab/secrets/passphrases/osh_infra_oslo_db_admin_password.yaml
  42. 11
      site/aiab/secrets/passphrases/osh_infra_oslo_db_exporter_password.yaml
  43. 11
      site/aiab/secrets/passphrases/osh_infra_prometheus_admin_password.yaml
  44. 11
      site/aiab/secrets/passphrases/osh_infra_rgw_s3_admin_access_key.yaml
  45. 11
      site/aiab/secrets/passphrases/osh_infra_rgw_s3_admin_secret_key.yaml
  46. 11
      site/aiab/secrets/passphrases/osh_infra_rgw_s3_elasticsearch_access_key.yaml
  47. 11
      site/aiab/secrets/passphrases/osh_infra_rgw_s3_elasticsearch_secret_key.yaml
  48. 11
      site/aiab/secrets/passphrases/osh_keystone_admin_password.yaml
  49. 11
      site/aiab/secrets/passphrases/osh_keystone_ldap_password.yaml
  50. 11
      site/aiab/secrets/passphrases/osh_keystone_oslo_db_password.yaml
  51. 11
      site/aiab/secrets/passphrases/osh_keystone_oslo_messaging_admin_password.yaml
  52. 11
      site/aiab/secrets/passphrases/osh_keystone_oslo_messaging_password.yaml
  53. 11
      site/aiab/secrets/passphrases/osh_keystone_rabbitmq_erlang_cookie.yaml
  54. 11
      site/aiab/secrets/passphrases/osh_neutron_oslo_db_password.yaml
  55. 11
      site/aiab/secrets/passphrases/osh_neutron_oslo_messaging_admin_password.yaml
  56. 11
      site/aiab/secrets/passphrases/osh_neutron_oslo_messaging_password.yaml
  57. 11
      site/aiab/secrets/passphrases/osh_neutron_password.yaml
  58. 11
      site/aiab/secrets/passphrases/osh_neutron_rabbitmq_erlang_cookie.yaml
  59. 11
      site/aiab/secrets/passphrases/osh_nova_metadata_proxy_shared_secret.yaml
  60. 11
      site/aiab/secrets/passphrases/osh_nova_oslo_db_password.yaml
  61. 11
      site/aiab/secrets/passphrases/osh_nova_oslo_messaging_admin_password.yaml
  62. 11
      site/aiab/secrets/passphrases/osh_nova_oslo_messaging_password.yaml
  63. 11
      site/aiab/secrets/passphrases/osh_nova_password.yaml
  64. 11
      site/aiab/secrets/passphrases/osh_nova_rabbitmq_erlang_cookie.yaml
  65. 11
      site/aiab/secrets/passphrases/osh_oslo_cache_secret_key.yaml
  66. 11
      site/aiab/secrets/passphrases/osh_oslo_db_admin_password.yaml
  67. 11
      site/aiab/secrets/passphrases/osh_oslo_db_exporter_password.yaml
  68. 11
      site/aiab/secrets/passphrases/osh_placement_password.yaml
  69. 11
      site/aiab/secrets/passphrases/osh_tempest_password.yaml
  70. 12
      site/aiab/secrets/passphrases/tenant_ceph_fsid.yaml
  71. 11
      site/aiab/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml
  72. 11
      site/aiab/secrets/passphrases/ucp_airflow_postgres_password.yaml
  73. 11
      site/aiab/secrets/passphrases/ucp_armada_keystone_password.yaml
  74. 11
      site/aiab/secrets/passphrases/ucp_barbican_keystone_password.yaml
  75. 11
      site/aiab/secrets/passphrases/ucp_barbican_oslo_db_password.yaml
  76. 11
      site/aiab/secrets/passphrases/ucp_deckhand_keystone_password.yaml
  77. 11
      site/aiab/secrets/passphrases/ucp_deckhand_postgres_password.yaml
  78. 11
      site/aiab/secrets/passphrases/ucp_drydock_keystone_password.yaml
  79. 11
      site/aiab/secrets/passphrases/ucp_drydock_postgres_password.yaml
  80. 11
      site/aiab/secrets/passphrases/ucp_keystone_admin_password.yaml
  81. 11
      site/aiab/secrets/passphrases/ucp_keystone_oslo_db_password.yaml
  82. 11
      site/aiab/secrets/passphrases/ucp_maas_admin_password.yaml
  83. 11
      site/aiab/secrets/passphrases/ucp_maas_postgres_password.yaml
  84. 11
      site/aiab/secrets/passphrases/ucp_openstack_exporter_keystone_password.yaml
  85. 11
      site/aiab/secrets/passphrases/ucp_oslo_db_admin_password.yaml
  86. 11
      site/aiab/secrets/passphrases/ucp_oslo_messaging_password.yaml
  87. 11
      site/aiab/secrets/passphrases/ucp_postgres_admin_password.yaml
  88. 11
      site/aiab/secrets/passphrases/ucp_promenade_keystone_password.yaml
  89. 11
      site/aiab/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml
  90. 11
      site/aiab/secrets/passphrases/ucp_shipyard_keystone_password.yaml
  91. 11
      site/aiab/secrets/passphrases/ucp_shipyard_postgres_password.yaml
  92. 15
      site/aiab/site-definition.yaml
  93. 50
      site/aiab/software/charts/kubernetes/container-networking/etcd.yaml
  94. 50
      site/aiab/software/charts/kubernetes/etcd/etcd.yaml
  95. 24
      site/aiab/software/charts/osh/openstack-compute-kit/libvirt.yaml
  96. 40
      site/aiab/software/charts/osh/openstack-compute-kit/neutron.yaml
  97. 27
      site/aiab/software/charts/osh/openstack-compute-kit/nova.yaml
  98. 24
      site/aiab/software/charts/osh/openstack-glance/glance.yaml
  99. 21
      site/aiab/software/charts/osh/openstack-heat/heat.yaml
  100. 29
      site/aiab/software/charts/ucp/divingbell.yaml

1
global/software/config/Kubelet.yaml

@ -29,7 +29,6 @@ data:
- --network-plugin=cni
- --node-status-update-frequency=5s
- --max-pods=200
- --pods-per-core=10
- --kube-api-burst=40
- --kube-api-qps=20
- --seccomp-profile-root=SECCOMP_PROFILE_ROOT

41
site/aiab/deployment/deployment-configuration.yaml

@ -0,0 +1,41 @@
---
# The purpose of this file is to provide shipyard related deployment config
# parameters. This should not require modification for a new site. However,
# shipyard deployment strategies can be very useful in getting around certain
# failures, like misbehaving nodes that hold up the deployment. See more at
# https://opendev.org/airship/shipyard/src/branch/master/doc/source/site-definition-documents.rst#using-a-deployment-strategy
schema: shipyard/DeploymentConfiguration/v1
metadata:
schema: metadata/Document/v1
name: deployment-configuration
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data:
physical_provisioner:
deployment_strategy: deployment-strategy
deploy_interval: 30
deploy_timeout: 3600
destroy_interval: 30
destroy_timeout: 900
join_wait: 0
prepare_node_interval: 30
prepare_node_timeout: 1800
prepare_site_interval: 10
prepare_site_timeout: 300
verify_interval: 10
verify_timeout: 60
kubernetes_provisioner:
drain_timeout: 3600
drain_grace_period: 1800
clear_labels_timeout: 1800
remove_etcd_timeout: 1800
etcd_ready_timeout: 600
armada:
get_releases_timeout: 300
get_status_timeout: 300
manifest: 'full-site-aiab'
post_apply_timeout: 7200
validate_design_timeout: 600
...

24
site/aiab/deployment/dev-configurables.yaml

@ -0,0 +1,24 @@
---
# These parameters are environment specific, they are
# overridden with scripts during the installation.
schema: dev/Configurables/v1
metadata:
schema: metadata/Document/v1
name: dev-configurables
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
# This is just an example of configuration parameters.
data:
# Hostname of the node.
hostname: aiab
# IP address for external network.
hostip: 10.0.2.14
# IP address range for external neetwork.
hostcidr: 10.0.2.0/24
# Name of interface.
interface: ens3
# IP address for MaaS VIP address.
maas-ingress: '192.169.1.5/32'

35
site/aiab/manifests/bootstrap.yaml

@ -0,0 +1,35 @@
---
schema: armada/Manifest/v1
metadata:
schema: metadata/Document/v1
name: cluster-bootstrap-aiab
layeringDefinition:
abstract: false
layer: site
parentSelector:
name: cluster-bootstrap-global
actions:
- method: replace
path: .chart_groups
storagePolicy: cleartext
data:
release_prefix: airship
chart_groups:
- podsecuritypolicy
- kubernetes-proxy
- kubernetes-container-networking
- kubernetes-dns
- kubernetes-etcd
- kubernetes-haproxy
- kubernetes-core
- ingress-kube-system
- osh-infra-nfs-provisioner
- ucp-core
- ucp-keystone
- ucp-divingbell
- ucp-armada
- ucp-deckhand
- ucp-drydock
- ucp-promenade
- ucp-shipyard
...

127
site/aiab/networks/common-addresses.yaml

@ -0,0 +1,127 @@
---
# The purpose of this file is to define network related paramters that are
# referenced elsewhere in the manifests for this site.
schema: pegleg/CommonAddresses/v1
metadata:
schema: metadata/Document/v1
name: common-addresses
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
substitutions:
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .interface
dest:
path: .calico.ip_autodetection_method
pattern: REPLACEME
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostname
dest:
path: .genesis.hostname
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostip
dest:
path: .genesis.ip
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostip
dest:
path: .bootstrap.ip
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostcidr
dest:
path: .storage.ceph.public_cidr
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostcidr
dest:
path: .storage.ceph.cluster_cidr
data:
calico:
ip_autodetection_method: 'interface=REPLACEME'
etcd:
service_ip: 10.96.232.136
dns:
cluster_domain: cluster.local
service_ip: 10.96.0.10
upstream_servers:
- 8.8.8.8
- 8.8.4.4
- 208.67.222.222
upstream_servers_joined: 8.8.8.8,8.8.4.4,208.67.222.222
genesis:
hostname: REPLACEME
ip: REPLACEME
bootstrap:
ip: REPLACEME
kubernetes:
# K8s API service IP
api_service_ip: 10.96.0.1
# etcd service IP
etcd_service_ip: 10.96.0.2
# k8s pod CIDR (network which pod traffic will traverse)
pod_cidr: 10.97.0.0/16
# k8s service CIDR (network which k8s API traffic will traverse)
service_cidr: 10.96.0.0/16
# misc k8s port settings
apiserver_port: 6443
haproxy_port: 6553
service_node_port_range: 30000-32767
# etcd port settings
etcd:
container_port: 2379
haproxy_port: 2378
proxy:
http: ""
https: ""
no_proxy: []
node_ports:
drydock_api: 30000
maas_api: 30001
maas_proxy: 31800 # hardcoded in MAAS
ntp:
servers_joined: '0.ubuntu.pool.ntp.org,1.ubuntu.pool.ntp.org,2.ubuntu.pool.ntp.org,4.ubuntu.pool.ntp.org'
# NOTE(eli): this is not needed for Airship in a bottle, this is here
# only to satisfy substitutions in globals.
storage:
ceph:
public_cidr: REPLACEME
cluster_cidr: REPLACEME
# NOTE: This is not used and is needed only to satisfy global substitutions.
ldap:
base_url: 'ldap.example.com'
url: 'ldap://ldap.example.com'
auth_path: DC=test,DC=test,DC=com?sAMAccountName?sub?memberof=CN=test,OU=Application,OU=Groups,DC=test,DC=test,DC=com
common_name: test
subdomain: test
domain: example
neutron:
tunnel_device: docker0
external_iface: docker0
openvswitch:
external_iface: docker0
...

183
site/aiab/pki/pki-catalog.yaml

@ -0,0 +1,183 @@
---
# The purpose of this file is to define the PKI certificates for the environment
#
# NOTE: When deploying a new site, this file should not be configured until
# baremetal/nodes.yaml is complete.
#
schema: promenade/PKICatalog/v1
metadata:
schema: metadata/Document/v1
name: cluster-certificates
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
substitutions:
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostname
dest:
path: .certificate_authorities.kubernetes.certificates[1].hosts[0]
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostip
dest:
path: .certificate_authorities.kubernetes.certificates[1].hosts[1]
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostname
dest:
path: .certificate_authorities.kubernetes.certificates[1].common_name
pattern: HOSTNAME
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostname
dest:
path: .certificate_authorities.kubernetes-etcd.certificates[2].hosts[0]
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostip
dest:
path: .certificate_authorities.kubernetes-etcd.certificates[2].hosts[1]
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostname
dest:
path: .certificate_authorities.kubernetes-etcd-peer.certificates[0].hosts[0]
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostip
dest:
path: .certificate_authorities.kubernetes-etcd-peer.certificates[0].hosts[1]
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostname
dest:
path: .certificate_authorities.calico-etcd.certificates[1].hosts[0]
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostip
dest:
path: .certificate_authorities.calico-etcd.certificates[1].hosts[1]
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostname
dest:
path: .certificate_authorities.calico-etcd-peer.certificates[0].hosts[0]
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostip
dest:
path: .certificate_authorities.calico-etcd-peer.certificates[0].hosts[1]
data:
certificate_authorities:
kubernetes:
description: CA for Kubernetes components
certificates:
- document_name: apiserver
description: Service certificate for Kubernetes apiserver
common_name: apiserver
hosts:
- localhost
- 127.0.0.1
- 10.96.0.1
kubernetes_service_names:
- kubernetes.default.svc.cluster.local
- document_name: kubelet-genesis
common_name: system:node:HOSTNAME
hosts:
- REPLACEME_HOST_NAME
- REPLACEME_HOST_IP
groups:
- system:nodes
- document_name: scheduler
description: Service certificate for Kubernetes scheduler
common_name: system:kube-scheduler
- document_name: controller-manager
description: certificate for controller-manager
common_name: system:kube-controller-manager
- document_name: admin
common_name: admin
groups:
- system:masters
- document_name: armada
common_name: armada
groups:
- system:masters
kubernetes-etcd:
description: Certificates for Kubernetes's etcd servers
certificates:
- document_name: apiserver-etcd
description: etcd client certificate for use by Kubernetes apiserver
common_name: apiserver
- document_name: kubernetes-etcd-anchor
description: anchor
common_name: anchor
- document_name: kubernetes-etcd-genesis
common_name: kubernetes-etcd-genesis
hosts:
- REPLACEME_HOST_NAME
- REPLACEME_HOST_IP
- 127.0.0.1
- localhost
- kubernetes-etcd.kube-system.svc.cluster.local
- 10.96.0.2
kubernetes-etcd-peer:
certificates:
- document_name: kubernetes-etcd-genesis-peer
common_name: kubernetes-etcd-genesis-peer
hosts:
- REPLACEME_HOST_NAME
- REPLACEME_HOST_IP
- 127.0.0.1
- localhost
- kubernetes-etcd.kube-system.svc.cluster.local
- 10.96.0.2
calico-etcd:
description: Certificates for Calico etcd client traffic
certificates:
- document_name: calico-etcd-anchor
description: anchor
common_name: anchor
- document_name: calico-etcd
common_name: calico-etcd
hosts:
- REPLACEME_HOST_NAME
- REPLACEME_HOST_IP
- 127.0.0.1
- localhost
- 10.96.232.136
- document_name: calico-node
common_name: calcico-node
# End node list
calico-etcd-peer:
description: Certificates for Calico etcd clients
certificates:
# NEWSITE-CHANGEME: This list should be identical to the previous list,
# except that `-peer` has been appended to the document/common names.
- document_name: calico-etcd-peer
common_name: calico-etcd-peer
hosts:
- REPLACEME_HOST_NAME
- REPLACEME_HOST_IP
- 127.0.0.1
- localhost
- 10.96.232.136
- document_name: calico-node-peer
common_name: calcico-node-peer
keypairs:
- name: service-account
description: Service account signing key for use by Kubernetes controller-manager.
...

43
site/aiab/profiles/genesis.yaml

@ -0,0 +1,43 @@
---
# The purpose of this file is to apply proper labels to Genesis node so the
# proper services are installed and proper configuration applied. This should
# not need to be changed for a new site.
schema: promenade/Genesis/v1
metadata:
schema: metadata/Document/v1
name: genesis-site
layeringDefinition:
abstract: false
layer: site
parentSelector:
name: genesis-global
actions:
- method: merge
path: .
storagePolicy: cleartext
data:
armada:
target_manifest: cluster-bootstrap-aiab
labels:
dynamic:
- beta.kubernetes.io/fluentd-ds-ready=true
- calico-etcd=enabled
- kube-dns=enabled
- kube-ingress=enabled
- kubernetes-apiserver=enabled
- kubernetes-controller-manager=enabled
- kubernetes-etcd=enabled
- kubernetes-scheduler=enabled
- promenade-genesis=enabled
- ucp-control-plane=enabled
- maas-rack=enabled
- maas-region=enabled
- openstack-control-plane=enabled
- openvswitch=enabled
- openstack-l3-agent=enabled
- node-exporter=enabled
- fluentd=enabled
- openstack-control-plane=enabled
- openstack-nova-compute=enabled
- openstack-libvirt=kernel
...

12
site/aiab/secrets/passphrases/ceph_fsid.yaml

@ -0,0 +1,12 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ceph_fsid
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
# uuidgen
data: d52a9d00-64b9-45f0-b564-08dffe95f847
...

11
site/aiab/secrets/passphrases/ceph_swift_keystone_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ceph_swift_keystone_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

13
site/aiab/secrets/passphrases/ipmi_admin_password.yaml

@ -0,0 +1,13 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ipmi_admin_password
layeringDefinition:
abstract: false
layer: site
labels:
name: ipmi-admin-password-site
storagePolicy: cleartext
data: password123
...

12
site/aiab/secrets/passphrases/maas-region-key.yaml

@ -0,0 +1,12 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: maas-region-key
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
# openssl rand -hex 10
data: e12330cfe038735aee32
...

11
site/aiab/secrets/passphrases/osh_barbican_oslo_db_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_barbican_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_barbican_oslo_messaging_admin_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_barbican_oslo_messaging_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_barbican_oslo_messaging_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_barbican_oslo_messaging_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_barbican_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_barbican_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_barbican_rabbitmq_erlang_cookie.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_barbican_rabbitmq_erlang_cookie
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_cinder_oslo_db_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_cinder_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_cinder_oslo_messaging_admin_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_cinder_oslo_messaging_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_cinder_oslo_messaging_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_cinder_oslo_messaging_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_cinder_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_cinder_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_cinder_rabbitmq_erlang_cookie.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_cinder_rabbitmq_erlang_cookie
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_glance_oslo_db_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_glance_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_glance_oslo_messaging_admin_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_glance_oslo_messaging_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_glance_oslo_messaging_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_glance_oslo_messaging_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_glance_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_glance_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_glance_rabbitmq_erlang_cookie.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_glance_rabbitmq_erlang_cookie
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_heat_oslo_db_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_heat_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_heat_oslo_messaging_admin_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_heat_oslo_messaging_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_heat_oslo_messaging_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_heat_oslo_messaging_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_heat_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_heat_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_heat_rabbitmq_erlang_cookie.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_heat_rabbitmq_erlang_cookie
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_heat_stack_user_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_heat_stack_user_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_heat_trustee_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_heat_trustee_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_horizon_oslo_db_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_horizon_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_infra_elasticsearch_admin_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_elasticsearch_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_infra_grafana_admin_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_grafana_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_infra_grafana_oslo_db_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_grafana_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_infra_grafana_oslo_db_session_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_grafana_oslo_db_session_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_infra_nagios_admin_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_nagios_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_infra_openstack_exporter_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_openstack_exporter_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_infra_oslo_db_admin_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_oslo_db_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_infra_oslo_db_exporter_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_oslo_db_exporter_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_infra_prometheus_admin_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_prometheus_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_infra_rgw_s3_admin_access_key.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_rgw_s3_admin_access_key
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: admin_access_key
...

11
site/aiab/secrets/passphrases/osh_infra_rgw_s3_admin_secret_key.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_rgw_s3_admin_secret_key
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: admin_secret_key
...

11
site/aiab/secrets/passphrases/osh_infra_rgw_s3_elasticsearch_access_key.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_rgw_s3_elasticsearch_access_key
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: elastic_access_key
...

11
site/aiab/secrets/passphrases/osh_infra_rgw_s3_elasticsearch_secret_key.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_rgw_s3_elasticsearch_secret_key
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: elastic_secret_key
...

11
site/aiab/secrets/passphrases/osh_keystone_admin_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_keystone_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_keystone_ldap_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_keystone_ldap_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_keystone_oslo_db_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_keystone_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_keystone_oslo_messaging_admin_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_keystone_oslo_messaging_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_keystone_oslo_messaging_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_keystone_oslo_messaging_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_keystone_rabbitmq_erlang_cookie.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_keystone_rabbitmq_erlang_cookie
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_neutron_oslo_db_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_neutron_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_neutron_oslo_messaging_admin_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_neutron_oslo_messaging_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_neutron_oslo_messaging_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_neutron_oslo_messaging_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_neutron_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_neutron_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_neutron_rabbitmq_erlang_cookie.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_neutron_rabbitmq_erlang_cookie
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_nova_metadata_proxy_shared_secret.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_nova_metadata_proxy_shared_secret
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_nova_oslo_db_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_nova_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_nova_oslo_messaging_admin_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_nova_oslo_messaging_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_nova_oslo_messaging_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_nova_oslo_messaging_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_nova_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_nova_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_nova_rabbitmq_erlang_cookie.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_nova_rabbitmq_erlang_cookie
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_oslo_cache_secret_key.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_oslo_cache_secret_key
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_oslo_db_admin_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_oslo_db_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_oslo_db_exporter_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_oslo_db_exporter_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_placement_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_placement_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_tempest_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_tempest_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

12
site/aiab/secrets/passphrases/tenant_ceph_fsid.yaml

@ -0,0 +1,12 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: tenant_ceph_fsid
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
# uuidgen
data: 9e45aa5f-9d75-4fa7-bde5-c99e4a7db7a1
...

11
site/aiab/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_airflow_oslo_messaging_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_airflow_postgres_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_airflow_postgres_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_armada_keystone_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_armada_keystone_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_barbican_keystone_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_barbican_keystone_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_barbican_oslo_db_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_barbican_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_deckhand_keystone_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_deckhand_keystone_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_deckhand_postgres_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_deckhand_postgres_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_drydock_keystone_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_drydock_keystone_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_drydock_postgres_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_drydock_postgres_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_keystone_admin_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_keystone_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_keystone_oslo_db_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_keystone_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_maas_admin_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_maas_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_maas_postgres_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_maas_postgres_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_openstack_exporter_keystone_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_openstack_exporter_keystone_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_oslo_db_admin_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_oslo_db_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_oslo_messaging_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_oslo_messaging_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_postgres_admin_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_postgres_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_promenade_keystone_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_promenade_keystone_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_rabbitmq_erlang_cookie
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_shipyard_keystone_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_shipyard_keystone_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_shipyard_postgres_password.yaml

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_shipyard_postgres_password
layeringDefinition: