airship/treasuremap
Code Issues Proposed changes

Add Airship-in-a-Bottle site manifests and scripts

Browse Source 
Note: all scripts in tools/deployment/aiab directory have been
moved into this repository as is (except a few changes to make
them work), they require a heavy refactoring that will be done
in separate patch-sets.

* Add a virtual single node manifests that are based on a sloop type.
* Use NFS provisioner instead of Ceph.
* Update tools/openstack to be non-seaworthy specific, use a default
  region name and auth url.
* Make type/sloop/config/common-software-config.yaml to be site specific,
  to allow to configure custom region_name.
* Remove max-pods-per-cpu parameter for kubelet, treasuremap needs
  to support a diverse set of environments, without constraints
  on the number of available cores. Max pods configuration parameter
  is still present and helps to mitigate problems when kubernetes
  unexpectedly starts a large number of pods.

Change-Id: I379a50d810b91b989f039dbb7c691f5ceec0cc67
This commit is contained in:
Evgeny L 2019-05-02 23:13:20 +00:00 committed by Evgeniy L
parent e04390f042
commit c88eb575b8
109 changed files with 2552 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
global/software/config/Kubelet.yaml
View File

@ -29,7 +29,6 @@ data:
- --network-plugin=cni
- --node-status-update-frequency=5s
- --max-pods=200
- --pods-per-core=10
- --kube-api-burst=40
- --kube-api-qps=20
- --seccomp-profile-root=SECCOMP_PROFILE_ROOT

41
site/aiab/deployment/deployment-configuration.yaml Normal file
View File

@ -0,0 +1,41 @@
---
# The purpose of this file is to provide shipyard related deployment config
# parameters. This should not require modification for a new site. However,
# shipyard deployment strategies can be very useful in getting around certain
# failures, like misbehaving nodes that hold up the deployment. See more at
# https://opendev.org/airship/shipyard/src/branch/master/doc/source/site-definition-documents.rst#using-a-deployment-strategy
schema: shipyard/DeploymentConfiguration/v1
metadata:
schema: metadata/Document/v1
name: deployment-configuration
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data:
physical_provisioner:
deployment_strategy: deployment-strategy
deploy_interval: 30
deploy_timeout: 3600
destroy_interval: 30
destroy_timeout: 900
join_wait: 0
prepare_node_interval: 30
prepare_node_timeout: 1800
prepare_site_interval: 10
prepare_site_timeout: 300
verify_interval: 10
verify_timeout: 60
kubernetes_provisioner:
drain_timeout: 3600
drain_grace_period: 1800
clear_labels_timeout: 1800
remove_etcd_timeout: 1800
etcd_ready_timeout: 600
armada:
get_releases_timeout: 300
get_status_timeout: 300
manifest: 'full-site-aiab'
post_apply_timeout: 7200
validate_design_timeout: 600
...

24
site/aiab/deployment/dev-configurables.yaml Normal file
View File

@ -0,0 +1,24 @@
---
# These parameters are environment specific, they are
# overridden with scripts during the installation.
schema: dev/Configurables/v1
metadata:
schema: metadata/Document/v1
name: dev-configurables
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
# This is just an example of configuration parameters.
data:
# Hostname of the node.
hostname: aiab
# IP address for external network.
hostip: 10.0.2.14
# IP address range for external neetwork.
hostcidr: 10.0.2.0/24
# Name of interface.
interface: ens3
# IP address for MaaS VIP address.
maas-ingress: '192.169.1.5/32'

35
site/aiab/manifests/bootstrap.yaml Normal file
View File

@ -0,0 +1,35 @@
---
schema: armada/Manifest/v1
metadata:
schema: metadata/Document/v1
name: cluster-bootstrap-aiab
layeringDefinition:
abstract: false
layer: site
parentSelector:
name: cluster-bootstrap-global
actions:
- method: replace
path: .chart_groups
storagePolicy: cleartext
data:
release_prefix: airship
chart_groups:
- podsecuritypolicy
- kubernetes-proxy
- kubernetes-container-networking
- kubernetes-dns
- kubernetes-etcd
- kubernetes-haproxy
- kubernetes-core
- ingress-kube-system
- osh-infra-nfs-provisioner
- ucp-core
- ucp-keystone
- ucp-divingbell
- ucp-armada
- ucp-deckhand
- ucp-drydock
- ucp-promenade
- ucp-shipyard
...

127
site/aiab/networks/common-addresses.yaml Normal file
View File

@ -0,0 +1,127 @@
---
# The purpose of this file is to define network related paramters that are
# referenced elsewhere in the manifests for this site.
schema: pegleg/CommonAddresses/v1
metadata:
schema: metadata/Document/v1
name: common-addresses
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
substitutions:
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .interface
dest:
path: .calico.ip_autodetection_method
pattern: REPLACEME
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostname
dest:
path: .genesis.hostname
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostip
dest:
path: .genesis.ip
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostip
dest:
path: .bootstrap.ip
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostcidr
dest:
path: .storage.ceph.public_cidr
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostcidr
dest:
path: .storage.ceph.cluster_cidr
data:
calico:
ip_autodetection_method: 'interface=REPLACEME'
etcd:
service_ip: 10.96.232.136
dns:
cluster_domain: cluster.local
service_ip: 10.96.0.10
upstream_servers:
- 8.8.8.8
- 8.8.4.4
- 208.67.222.222
upstream_servers_joined: 8.8.8.8,8.8.4.4,208.67.222.222
genesis:
hostname: REPLACEME
ip: REPLACEME
bootstrap:
ip: REPLACEME
kubernetes:
# K8s API service IP
api_service_ip: 10.96.0.1
# etcd service IP
etcd_service_ip: 10.96.0.2
# k8s pod CIDR (network which pod traffic will traverse)
pod_cidr: 10.97.0.0/16
# k8s service CIDR (network which k8s API traffic will traverse)
service_cidr: 10.96.0.0/16
# misc k8s port settings
apiserver_port: 6443
haproxy_port: 6553
service_node_port_range: 30000-32767
# etcd port settings
etcd:
container_port: 2379
haproxy_port: 2378
proxy:
http: ""
https: ""
no_proxy: []
node_ports:
drydock_api: 30000
maas_api: 30001
maas_proxy: 31800 # hardcoded in MAAS
ntp:
servers_joined: '0.ubuntu.pool.ntp.org,1.ubuntu.pool.ntp.org,2.ubuntu.pool.ntp.org,4.ubuntu.pool.ntp.org'
# NOTE(eli): this is not needed for Airship in a bottle, this is here
# only to satisfy substitutions in globals.
storage:
ceph:
public_cidr: REPLACEME
cluster_cidr: REPLACEME
# NOTE: This is not used and is needed only to satisfy global substitutions.
ldap:
base_url: 'ldap.example.com'
url: 'ldap://ldap.example.com'
auth_path: DC=test,DC=test,DC=com?sAMAccountName?sub?memberof=CN=test,OU=Application,OU=Groups,DC=test,DC=test,DC=com
common_name: test
subdomain: test
domain: example
neutron:
tunnel_device: docker0
external_iface: docker0
openvswitch:
external_iface: docker0
...

183
site/aiab/pki/pki-catalog.yaml Normal file
View File

@ -0,0 +1,183 @@
---
# The purpose of this file is to define the PKI certificates for the environment
#
# NOTE: When deploying a new site, this file should not be configured until
# baremetal/nodes.yaml is complete.
#
schema: promenade/PKICatalog/v1
metadata:
schema: metadata/Document/v1
name: cluster-certificates
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
substitutions:
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostname
dest:
path: .certificate_authorities.kubernetes.certificates[1].hosts[0]
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostip
dest:
path: .certificate_authorities.kubernetes.certificates[1].hosts[1]
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostname
dest:
path: .certificate_authorities.kubernetes.certificates[1].common_name
pattern: HOSTNAME
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostname
dest:
path: .certificate_authorities.kubernetes-etcd.certificates[2].hosts[0]
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostip
dest:
path: .certificate_authorities.kubernetes-etcd.certificates[2].hosts[1]
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostname
dest:
path: .certificate_authorities.kubernetes-etcd-peer.certificates[0].hosts[0]
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostip
dest:
path: .certificate_authorities.kubernetes-etcd-peer.certificates[0].hosts[1]
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostname
dest:
path: .certificate_authorities.calico-etcd.certificates[1].hosts[0]
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostip
dest:
path: .certificate_authorities.calico-etcd.certificates[1].hosts[1]
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostname
dest:
path: .certificate_authorities.calico-etcd-peer.certificates[0].hosts[0]
- src:
schema: dev/Configurables/v1
name: dev-configurables
path: .hostip
dest:
path: .certificate_authorities.calico-etcd-peer.certificates[0].hosts[1]
data:
certificate_authorities:
kubernetes:
description: CA for Kubernetes components
certificates:
- document_name: apiserver
description: Service certificate for Kubernetes apiserver
common_name: apiserver
hosts:
- localhost
- 127.0.0.1
- 10.96.0.1
kubernetes_service_names:
- kubernetes.default.svc.cluster.local
- document_name: kubelet-genesis
common_name: system:node:HOSTNAME
hosts:
- REPLACEME_HOST_NAME
- REPLACEME_HOST_IP
groups:
- system:nodes
- document_name: scheduler
description: Service certificate for Kubernetes scheduler
common_name: system:kube-scheduler
- document_name: controller-manager
description: certificate for controller-manager
common_name: system:kube-controller-manager
- document_name: admin
common_name: admin
groups:
- system:masters
- document_name: armada
common_name: armada
groups:
- system:masters
kubernetes-etcd:
description: Certificates for Kubernetes's etcd servers
certificates:
- document_name: apiserver-etcd
description: etcd client certificate for use by Kubernetes apiserver
common_name: apiserver
- document_name: kubernetes-etcd-anchor
description: anchor
common_name: anchor
- document_name: kubernetes-etcd-genesis
common_name: kubernetes-etcd-genesis
hosts:
- REPLACEME_HOST_NAME
- REPLACEME_HOST_IP
- 127.0.0.1
- localhost
- kubernetes-etcd.kube-system.svc.cluster.local
- 10.96.0.2
kubernetes-etcd-peer:
certificates:
- document_name: kubernetes-etcd-genesis-peer
common_name: kubernetes-etcd-genesis-peer
hosts:
- REPLACEME_HOST_NAME
- REPLACEME_HOST_IP
- 127.0.0.1
- localhost
- kubernetes-etcd.kube-system.svc.cluster.local
- 10.96.0.2
calico-etcd:
description: Certificates for Calico etcd client traffic
certificates:
- document_name: calico-etcd-anchor
description: anchor
common_name: anchor
- document_name: calico-etcd
common_name: calico-etcd
hosts:
- REPLACEME_HOST_NAME
- REPLACEME_HOST_IP
- 127.0.0.1
- localhost
- 10.96.232.136
- document_name: calico-node
common_name: calcico-node
# End node list
calico-etcd-peer:
description: Certificates for Calico etcd clients
certificates:
# NEWSITE-CHANGEME: This list should be identical to the previous list,
# except that `-peer` has been appended to the document/common names.
- document_name: calico-etcd-peer
common_name: calico-etcd-peer
hosts:
- REPLACEME_HOST_NAME
- REPLACEME_HOST_IP
- 127.0.0.1
- localhost
- 10.96.232.136
- document_name: calico-node-peer
common_name: calcico-node-peer
keypairs:
- name: service-account
description: Service account signing key for use by Kubernetes controller-manager.
...

43
site/aiab/profiles/genesis.yaml Normal file
View File

@ -0,0 +1,43 @@
---
# The purpose of this file is to apply proper labels to Genesis node so the
# proper services are installed and proper configuration applied. This should
# not need to be changed for a new site.
schema: promenade/Genesis/v1
metadata:
schema: metadata/Document/v1
name: genesis-site
layeringDefinition:
abstract: false
layer: site
parentSelector:
name: genesis-global
actions:
- method: merge
path: .
storagePolicy: cleartext
data:
armada:
target_manifest: cluster-bootstrap-aiab
labels:
dynamic:
- beta.kubernetes.io/fluentd-ds-ready=true
- calico-etcd=enabled
- kube-dns=enabled
- kube-ingress=enabled
- kubernetes-apiserver=enabled
- kubernetes-controller-manager=enabled
- kubernetes-etcd=enabled
- kubernetes-scheduler=enabled
- promenade-genesis=enabled
- ucp-control-plane=enabled
- maas-rack=enabled
- maas-region=enabled
- openstack-control-plane=enabled
- openvswitch=enabled
- openstack-l3-agent=enabled
- node-exporter=enabled
- fluentd=enabled
- openstack-control-plane=enabled
- openstack-nova-compute=enabled
- openstack-libvirt=kernel
...

12
site/aiab/secrets/passphrases/ceph_fsid.yaml Normal file
View File

@ -0,0 +1,12 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ceph_fsid
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
# uuidgen
data: d52a9d00-64b9-45f0-b564-08dffe95f847
...

11
site/aiab/secrets/passphrases/ceph_swift_keystone_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ceph_swift_keystone_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

13
site/aiab/secrets/passphrases/ipmi_admin_password.yaml Normal file
View File

@ -0,0 +1,13 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ipmi_admin_password
layeringDefinition:
abstract: false
layer: site
labels:
name: ipmi-admin-password-site
storagePolicy: cleartext
data: password123
...

12
site/aiab/secrets/passphrases/maas-region-key.yaml Normal file
View File

@ -0,0 +1,12 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: maas-region-key
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
# openssl rand -hex 10
data: e12330cfe038735aee32
...

11
site/aiab/secrets/passphrases/osh_barbican_oslo_db_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_barbican_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_barbican_oslo_messaging_admin_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_barbican_oslo_messaging_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_barbican_oslo_messaging_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_barbican_oslo_messaging_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_barbican_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_barbican_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_barbican_rabbitmq_erlang_cookie.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_barbican_rabbitmq_erlang_cookie
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_cinder_oslo_db_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_cinder_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_cinder_oslo_messaging_admin_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_cinder_oslo_messaging_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_cinder_oslo_messaging_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_cinder_oslo_messaging_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_cinder_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_cinder_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_cinder_rabbitmq_erlang_cookie.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_cinder_rabbitmq_erlang_cookie
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_glance_oslo_db_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_glance_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_glance_oslo_messaging_admin_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_glance_oslo_messaging_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_glance_oslo_messaging_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_glance_oslo_messaging_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_glance_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_glance_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_glance_rabbitmq_erlang_cookie.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_glance_rabbitmq_erlang_cookie
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_heat_oslo_db_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_heat_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_heat_oslo_messaging_admin_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_heat_oslo_messaging_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_heat_oslo_messaging_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_heat_oslo_messaging_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_heat_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_heat_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_heat_rabbitmq_erlang_cookie.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_heat_rabbitmq_erlang_cookie
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_heat_stack_user_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_heat_stack_user_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_heat_trustee_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_heat_trustee_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_horizon_oslo_db_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_horizon_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_infra_elasticsearch_admin_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_elasticsearch_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_infra_grafana_admin_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_grafana_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_infra_grafana_oslo_db_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_grafana_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_infra_grafana_oslo_db_session_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_grafana_oslo_db_session_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_infra_nagios_admin_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_nagios_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_infra_openstack_exporter_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_openstack_exporter_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_infra_oslo_db_admin_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_oslo_db_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_infra_oslo_db_exporter_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_oslo_db_exporter_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_infra_prometheus_admin_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_prometheus_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_infra_rgw_s3_admin_access_key.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_rgw_s3_admin_access_key
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: admin_access_key
...

11
site/aiab/secrets/passphrases/osh_infra_rgw_s3_admin_secret_key.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_rgw_s3_admin_secret_key
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: admin_secret_key
...

11
site/aiab/secrets/passphrases/osh_infra_rgw_s3_elasticsearch_access_key.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_rgw_s3_elasticsearch_access_key
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: elastic_access_key
...

11
site/aiab/secrets/passphrases/osh_infra_rgw_s3_elasticsearch_secret_key.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_infra_rgw_s3_elasticsearch_secret_key
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: elastic_secret_key
...

11
site/aiab/secrets/passphrases/osh_keystone_admin_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_keystone_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_keystone_ldap_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_keystone_ldap_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_keystone_oslo_db_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_keystone_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_keystone_oslo_messaging_admin_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_keystone_oslo_messaging_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_keystone_oslo_messaging_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_keystone_oslo_messaging_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_keystone_rabbitmq_erlang_cookie.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_keystone_rabbitmq_erlang_cookie
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_neutron_oslo_db_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_neutron_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_neutron_oslo_messaging_admin_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_neutron_oslo_messaging_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_neutron_oslo_messaging_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_neutron_oslo_messaging_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_neutron_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_neutron_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_neutron_rabbitmq_erlang_cookie.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_neutron_rabbitmq_erlang_cookie
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_nova_metadata_proxy_shared_secret.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_nova_metadata_proxy_shared_secret
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_nova_oslo_db_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_nova_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_nova_oslo_messaging_admin_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_nova_oslo_messaging_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_nova_oslo_messaging_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_nova_oslo_messaging_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_nova_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_nova_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_nova_rabbitmq_erlang_cookie.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_nova_rabbitmq_erlang_cookie
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_oslo_cache_secret_key.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_oslo_cache_secret_key
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_oslo_db_admin_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_oslo_db_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_oslo_db_exporter_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_oslo_db_exporter_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_placement_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_placement_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/osh_tempest_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: osh_tempest_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

12
site/aiab/secrets/passphrases/tenant_ceph_fsid.yaml Normal file
View File

@ -0,0 +1,12 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: tenant_ceph_fsid
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
# uuidgen
data: 9e45aa5f-9d75-4fa7-bde5-c99e4a7db7a1
...

11
site/aiab/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_airflow_oslo_messaging_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_airflow_postgres_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_airflow_postgres_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_armada_keystone_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_armada_keystone_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_barbican_keystone_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_barbican_keystone_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_barbican_oslo_db_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_barbican_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_deckhand_keystone_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_deckhand_keystone_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_deckhand_postgres_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_deckhand_postgres_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_drydock_keystone_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_drydock_keystone_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_drydock_postgres_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_drydock_postgres_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_keystone_admin_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_keystone_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_keystone_oslo_db_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_keystone_oslo_db_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_maas_admin_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_maas_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_maas_postgres_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_maas_postgres_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_openstack_exporter_keystone_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_openstack_exporter_keystone_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_oslo_db_admin_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_oslo_db_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_oslo_messaging_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_oslo_messaging_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_postgres_admin_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_postgres_admin_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_promenade_keystone_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_promenade_keystone_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_rabbitmq_erlang_cookie
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_shipyard_keystone_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_shipyard_keystone_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

11
site/aiab/secrets/passphrases/ucp_shipyard_postgres_password.yaml Normal file
View File

@ -0,0 +1,11 @@
---
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
name: ucp_shipyard_postgres_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data: password123
...

15
site/aiab/site-definition.yaml Normal file
View File

@ -0,0 +1,15 @@
---
# High-level pegleg site definition file
schema: pegleg/SiteDefinition/v1
metadata:
schema: metadata/Document/v1
layeringDefinition:
abstract: false
layer: site
name: aiab
storagePolicy: cleartext
data:
# The type layer this site will delpoy with. Type layer is found in the
# type folder.
site_type: sloop
...

50
site/aiab/software/charts/kubernetes/container-networking/etcd.yaml Normal file
View File

@ -0,0 +1,50 @@
---
# The purpose of this file is to build the list of calico etcd nodes and the
# calico etcd certs for those nodes in the environment.
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-calico-etcd
layeringDefinition:
abstract: false
layer: site
parentSelector:
name: kubernetes-calico-etcd-global
actions:
- method: merge
path: .
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .genesis.hostname
dest:
path: .values.nodes[0].name
- src:
schema: deckhand/Certificate/v1
name: calico-etcd
path: .
dest:
path: .values.nodes[0].tls.client.cert
- src:
schema: deckhand/CertificateKey/v1
name: calico-etcd
path: .
dest:
path: .values.nodes[0].tls.client.key
- src:
schema: deckhand/Certificate/v1
name: calico-etcd-peer
path: .
dest:
path: .values.nodes[0].tls.peer.cert
- src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-peer
path: .
dest:
path: .values.nodes[0].tls.peer.key
data: {}
...

50
site/aiab/software/charts/kubernetes/etcd/etcd.yaml Normal file
View File

@ -0,0 +1,50 @@
---
# The purpose of this file is to build the list of k8s etcd nodes and the
# k8s etcd certs for those nodes in the environment.
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-etcd
layeringDefinition:
abstract: false
layer: site
parentSelector:
name: kubernetes-etcd-global
actions:
- method: merge
path: .
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .genesis.hostname
dest:
path: .values.nodes[0].name
- src:
schema: deckhand/Certificate/v1
name: kubernetes-etcd-genesis
path: .
dest:
path: .values.nodes[0].tls.client.cert
- src:
schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-genesis
path: .
dest:
path: .values.nodes[0].tls.client.key
- src:
schema: deckhand/Certificate/v1
name: kubernetes-etcd-genesis-peer
path: .
dest:
path: .values.nodes[0].tls.peer.cert
- src:
schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-genesis-peer
path: .
dest:
path: .values.nodes[0].tls.peer.key
data: {}
...

24
site/aiab/software/charts/osh/openstack-compute-kit/libvirt.yaml Normal file
View File

@ -0,0 +1,24 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: libvirt
replacement: true
layeringDefinition:
abstract: false
layer: site
parentSelector:
name: libvirt-global
component: libvirt
actions:
- method: merge
path: .values
- method: delete
path: .values.ceph_client
storagePolicy: cleartext
data:
values:
conf:
ceph:
enabled: false
...

40
site/aiab/software/charts/osh/openstack-compute-kit/neutron.yaml Normal file
View File

@ -0,0 +1,40 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: neutron
replacement: true
layeringDefinition:
abstract: false
layer: site
parentSelector:
name: neutron-global
actions:
- method: merge
path: .
storagePolicy: cleartext
data:
test:
# Neutron test for virtual Airship in a bottle installation
# usually take much more time to finish than for baremetal one.
timeout: 2700
values:
conf:
neutron:
DEFAULT:
l3_ha: False
max_l3_agents_per_router: 1
dhcp_agents_per_network: 1
plugins:
ml2_conf:
ml2_type_vlan:
network_vlan_ranges: null
openvswitch_agent:
ovs:
bridge_mappings: public:br-ex
linuxbridge_agent:
linux_bridge:
bridge_mappings: public:br-ex

27
site/aiab/software/charts/osh/openstack-compute-kit/nova.yaml Normal file
View File

@ -0,0 +1,27 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: nova
replacement: true
layeringDefinition:
abstract: false
layer: site
parentSelector:
name: nova-type
actions:
- method: merge
path: .values.conf
- method: delete
path: .values.ceph_client
storagePolicy: cleartext
data:
values:
conf:
ceph:
enabled: false
nova:
libvirt:
virt_type: qemu
cpu_mode: host-model
...

24
site/aiab/software/charts/osh/openstack-glance/glance.yaml Normal file
View File

@ -0,0 +1,24 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: glance
replacement: true
layeringDefinition:
abstract: false
layer: site
parentSelector:
name: glance-global
actions:
- method: merge
path: .
storagePolicy: cleartext
data:
values:
pod:
replicas:
api: 1
registry: 1
storage: pvc
...

21
site/aiab/software/charts/osh/openstack-heat/heat.yaml Normal file
View File

@ -0,0 +1,21 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: heat
replacement: true
layeringDefinition:
abstract: false
layer: site
parentSelector:
name: heat-global
actions:
- method: merge
path: .
storagePolicy: cleartext
data:
test:
# Heat test for virtual Airship in a bottle installation
# usually takes much more time to finish than for baremetal one.
timeout: 1200

29
site/aiab/software/charts/ucp/divingbell.yaml Normal file
View File

@ -0,0 +1,29 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-divingbell
layeringDefinition:
abstract: false
layer: site
parentSelector:
name: ucp-divingbell-global
actions:
- method: merge
path: .
labels:
name: ucp-divingbell-site
storagePolicy: cleartext
data:
values:
manifests:
daemonset_ethtool: false
daemonset_mounts: false
daemonset_uamlite: false
daemonset_sysctl: false
daemonset_limits: false
daemonset_apt: true
daemonset_perm: false
daemonset_exec: true
daemonset_apparmor: false
...

Some files were not shown because too many files have changed in this diff Show More