diff options
author | Sridhar K. N. Rao <sridhar.rao@spirent.com> | 2019-10-18 14:35:14 +0530 |
---|---|---|
committer | Kaspars Skels <kaspars.skels@att.com> | 2019-10-28 17:44:13 -0500 |
commit | 799182f0c40730e41253dc5c861857d219291c3b (patch) | |
tree | 5138ae74cbbffb8aaf47929d063254c0043773d5 /site/intel-pod10/software/charts | |
parent | c053e71f295dc91ee60bbdcbcf99d909923af3b0 (diff) |
Site definition for Intel Pod-10
This patch adds site definition for Intel Pod-10.
Updated publickeys of luc and trevor
Updated site-definition
Updated divingbell
Modifying common parts - FOR TESTING ONLY - Will be removed
Trying with only 1 disk (bootdisk)
Trying with 2 disks - /dev/sda as bootdisk, /dev/sdb as datadisk
Change ceph config from directory to /dev/sdb (OSD-data only)
Change ceph config from directory to /dev/sdb (OSD-Journl too)
Reduce footprint of osh-infra (reduce disk pressure)
Move ceph to site specific manifests
Fix pod10 host/hardware profiles to be site local
Fix Nova/Neutron parts to be site local
Fix glance cirros image pull
Fix type to site layer names for moved files
Rename pod10 hardware/host profiles
Move ceph fully to /dev/sdb
Disable SR-IOV configuration
Optimize disk storage for Nova VMs (use root disk or 3T)
Signed-off-by: Sridhar K. N. Rao <sridhar.rao@spirent.com>
Change-Id: I2160e56744917510d4627cefca32031904188f77
Diffstat (limited to 'site/intel-pod10/software/charts')
16 files changed, 821 insertions, 0 deletions
diff --git a/site/intel-pod10/software/charts/kubernetes/container-networking/etcd.yaml b/site/intel-pod10/software/charts/kubernetes/container-networking/etcd.yaml new file mode 100644 index 0000000..505f6c1 --- /dev/null +++ b/site/intel-pod10/software/charts/kubernetes/container-networking/etcd.yaml @@ -0,0 +1,127 @@ +--- +# The purpose of this file is to build the list of calico etcd nodes and the +# calico etcd certs for those nodes in the environment. +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: kubernetes-calico-etcd + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: kubernetes-calico-etcd-global + actions: + - method: merge + path: . + storagePolicy: cleartext + substitutions: + # Generate a list of control plane nodes (i.e. genesis node + master node + # list) on which calico etcd will run and will need certs. It is assumed + # that Airship sites will have 3 control plane nodes, so this should not need to + # change for a new site. + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .genesis.hostname + dest: + path: .values.nodes[0].name + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .masters[0].hostname + dest: + path: .values.nodes[1].name + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .masters[1].hostname + dest: + path: .values.nodes[2].name + + # Certificate substitutions for the node names assembled on the above list. + # NEWSITE-CHANGEME: Per above, the number of substitutions should not need + # to change with a standard Airship deployment. However, the names of each + # deckhand certficiate should be updated with the correct hostnames for your + # environment. The ordering is important (Genesis is index 0, then master + # nodes in the order they are specified in common-addresses). + + # Genesis hostname - pod10-node1 + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-pod10-node1 + path: . + dest: + path: .values.nodes[0].tls.client.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-pod10-node1 + path: . + dest: + path: .values.nodes[0].tls.client.key + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-pod10-node1-peer + path: . + dest: + path: .values.nodes[0].tls.peer.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-pod10-node1-peer + path: . + dest: + path: .values.nodes[0].tls.peer.key + + # master node 1 hostname - pod10-node2 + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-pod10-node2 + path: . + dest: + path: .values.nodes[1].tls.client.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-pod10-node2 + path: . + dest: + path: .values.nodes[1].tls.client.key + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-pod10-node2-peer + path: . + dest: + path: .values.nodes[1].tls.peer.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-pod10-node2-peer + path: . + dest: + path: .values.nodes[1].tls.peer.key + + # master node 2 hostname - pod10-node3 + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-pod10-node3 + path: . + dest: + path: .values.nodes[2].tls.client.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-pod10-node3 + path: . + dest: + path: .values.nodes[2].tls.client.key + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-pod10-node3-peer + path: . + dest: + path: .values.nodes[2].tls.peer.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-pod10-node3-peer + path: . + dest: + path: .values.nodes[2].tls.peer.key + +data: {} +... diff --git a/site/intel-pod10/software/charts/kubernetes/etcd/etcd.yaml b/site/intel-pod10/software/charts/kubernetes/etcd/etcd.yaml new file mode 100644 index 0000000..abc1498 --- /dev/null +++ b/site/intel-pod10/software/charts/kubernetes/etcd/etcd.yaml @@ -0,0 +1,131 @@ +--- +# The purpose of this file is to build the list of k8s etcd nodes and the +# k8s etcd certs for those nodes in the environment. +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: kubernetes-etcd + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: kubernetes-etcd-global + actions: + - method: merge + path: . + storagePolicy: cleartext + substitutions: + # Generate a list of control plane nodes (i.e. genesis node + master node + # list) on which k8s etcd will run and will need certs. It is assumed + # that Airship sites will have 3 control plane nodes, so this should not need to + # change for a new site. + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .genesis.hostname + dest: + path: .values.nodes[0].name + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .masters[0].hostname + dest: + path: .values.nodes[1].name + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .masters[1].hostname + dest: + path: .values.nodes[2].name + + # Certificate substitutions for the node names assembled on the above list. + # NEWSITE-CHANGEME: Per above, the number of substitutions should not need + # to change with a standard Airship deployment. However, the names of each + # deckhand certficiate should be updated with the correct hostnames for your + # environment. The ordering is important (Genesis is index 0, then master + # nodes in the order they are specified in common-addresses). + + # Genesis Exception* + # *NOTE: This is an exception in that `genesis` is not the hostname of the + # genesis node, but `genesis` is reference here in the certificate names + # because of certain Promenade assumptions that may be addressed in the + # future. Therefore `genesis` is used instead of `pod10-node1` here. + - src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-genesis + path: . + dest: + path: .values.nodes[0].tls.client.cert + - src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-genesis + path: . + dest: + path: .values.nodes[0].tls.client.key + - src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-genesis-peer + path: . + dest: + path: .values.nodes[0].tls.peer.cert + - src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-genesis-peer + path: . + dest: + path: .values.nodes[0].tls.peer.key + + # master node 1 hostname - pod10-node2 + - src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-pod10-node2 + path: . + dest: + path: .values.nodes[1].tls.client.cert + - src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-pod10-node2 + path: . + dest: + path: .values.nodes[1].tls.client.key + - src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-pod10-node2-peer + path: . + dest: + path: .values.nodes[1].tls.peer.cert + - src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-pod10-node2-peer + path: . + dest: + path: .values.nodes[1].tls.peer.key + + # master node 2 hostname - pod10-node3 + - src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-pod10-node3 + path: . + dest: + path: .values.nodes[2].tls.client.cert + - src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-pod10-node3 + path: . + dest: + path: .values.nodes[2].tls.client.key + - src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-pod10-node3-peer + path: . + dest: + path: .values.nodes[2].tls.peer.cert + - src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-pod10-node3-peer + path: $ + dest: + path: .values.nodes[2].tls.peer.key + +data: {} +... diff --git a/site/intel-pod10/software/charts/osh-infra/elasticsearch.yaml b/site/intel-pod10/software/charts/osh-infra/elasticsearch.yaml new file mode 100644 index 0000000..ef0a42e --- /dev/null +++ b/site/intel-pod10/software/charts/osh-infra/elasticsearch.yaml @@ -0,0 +1,34 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: elasticsearch + labels: + name: elasticsearch-type + layeringDefinition: + abstract: false + layer: site + parentSelector: + hosttype: elasticsearch-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + replicas: + master: 2 + data: 1 + client: 2 + storage: + requests: + storage: 20Gi + conf: + elasticsearch: + env: + java_opts: + client: "-Xms2048m -Xmx2048m" + data: "-Xms2048m -Xmx2048m" + master: "-Xms2048m -Xmx2048m" +... diff --git a/site/intel-pod10/software/charts/osh-infra/fluentbit.yaml b/site/intel-pod10/software/charts/osh-infra/fluentbit.yaml new file mode 100644 index 0000000..5d2f287 --- /dev/null +++ b/site/intel-pod10/software/charts/osh-infra/fluentbit.yaml @@ -0,0 +1,22 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: fluentbit + labels: + name: fluentbit-type + layeringDefinition: + abstract: false + layer: site + parentSelector: + hosttype: fluentbit-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + replicas: + fluentd: 1 +... diff --git a/site/intel-pod10/software/charts/osh-infra/fluentd.yaml b/site/intel-pod10/software/charts/osh-infra/fluentd.yaml new file mode 100644 index 0000000..3652a3e --- /dev/null +++ b/site/intel-pod10/software/charts/osh-infra/fluentd.yaml @@ -0,0 +1,22 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: fluentd + labels: + name: fluentd-type + layeringDefinition: + abstract: false + layer: site + parentSelector: + hosttype: fluentd-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + replicas: + fluentd: 1 +... diff --git a/site/intel-pod10/software/charts/osh-infra/grafana.yaml b/site/intel-pod10/software/charts/osh-infra/grafana.yaml new file mode 100644 index 0000000..b35614f --- /dev/null +++ b/site/intel-pod10/software/charts/osh-infra/grafana.yaml @@ -0,0 +1,23 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + replacement: true + name: grafana + labels: + name: grafana-type + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: grafana-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + replicas: + grafana: 1 +... diff --git a/site/intel-pod10/software/charts/osh-infra/ingress.yaml b/site/intel-pod10/software/charts/osh-infra/ingress.yaml new file mode 100644 index 0000000..d449881 --- /dev/null +++ b/site/intel-pod10/software/charts/osh-infra/ingress.yaml @@ -0,0 +1,24 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + replacement: true + name: osh-infra-ingress-controller + labels: + name: osh-infra-ingress-controller-type + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: osh-infra-ingress-controller-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + replicas: + ingress: 1 + error_page: 1 +... diff --git a/site/intel-pod10/software/charts/osh-infra/mariadb.yaml b/site/intel-pod10/software/charts/osh-infra/mariadb.yaml new file mode 100644 index 0000000..335d4e9 --- /dev/null +++ b/site/intel-pod10/software/charts/osh-infra/mariadb.yaml @@ -0,0 +1,24 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + replacement: true + name: osh-infra-mariadb + labels: + name: osh-infra-mariadb-type + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: osh-infra-mariadb-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + replicas: + server: 1 + ingress: 1 +... diff --git a/site/intel-pod10/software/charts/osh-infra/prometheus.yaml b/site/intel-pod10/software/charts/osh-infra/prometheus.yaml new file mode 100644 index 0000000..d00e96a --- /dev/null +++ b/site/intel-pod10/software/charts/osh-infra/prometheus.yaml @@ -0,0 +1,35 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + replacement: true + name: prometheus + labels: + name: prometheus-type + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: prometheus-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + replicas: + prometheus: 1 + resources: + enabled: true + prometheus: + limits: + memory: "4Gi" + cpu: "2000m" + requests: + memory: "2Gi" + cpu: "1000m" + storage: + requests: + storage: 20Gi +... diff --git a/site/intel-pod10/software/charts/osh/openstack-compute-kit/libvirt.yaml b/site/intel-pod10/software/charts/osh/openstack-compute-kit/libvirt.yaml new file mode 100644 index 0000000..85ec726 --- /dev/null +++ b/site/intel-pod10/software/charts/osh/openstack-compute-kit/libvirt.yaml @@ -0,0 +1,22 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: libvirt + replacement: true + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: libvirt-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + network: + backend: + - openvswitch + # - sriov +... diff --git a/site/intel-pod10/software/charts/osh/openstack-compute-kit/neutron.yaml b/site/intel-pod10/software/charts/osh/openstack-compute-kit/neutron.yaml new file mode 100644 index 0000000..38e3cd3 --- /dev/null +++ b/site/intel-pod10/software/charts/osh/openstack-compute-kit/neutron.yaml @@ -0,0 +1,72 @@ +--- +# This file defines hardware-specific settings for neutron. If you use the same +# hardware profile as this environment, you should not need to change this file. +# Otherwise, you should review the settings here and adjust for your hardware. +# In particular: +# 1. logical network interface names +# 2. physical device mappigns +# TODO: Should move to global layer and become tied to the hardware profile +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + replacement: true + name: neutron + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: neutron-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + wait: + timeout: 1800 + test: + timeout: 900 + # values: + # labels: + # sriov: + # node_selector_key: sriov + # node_selector_value: enabled + # pod: + # security_context: + # neutron_sriov_agent: + # pod: + # runAsUser: 42424 + # container: + # neutron_sriov_agent_init: + # privileged: true + # runAsUser: 0 + # readOnlyRootFilesystem: false + # neutron_sriov_agent: + # readOnlyRootFilesystem: true + # privileged: true + # network: + # interface: + # sriov: + # - device: eno4 + # num_vfs: 32 + # promisc: false + # backend: + # - openvswitch + # - sriov + # conf: + # plugins: + # ml2_conf: + # ml2: + # mechanism_drivers: l2population,openvswitch,sriovnicswitch + # ml2_type_vlan: + # ## NOTE: Must have at least 1 sriov network defined + # network_vlan_ranges: external,sriovnet1:100:4000 + # sriov_agent: + # securitygroup: + # firewall_driver: neutron.agent.firewall.NoopFirewallDriver + # sriov_nic: + # ## NOTE: Must have at least 1 sriov network to physical device + # ## mapping, otherwise sriov agent readiness check + # ## will fail. + # physical_device_mappings: sriovnet1:eno4 + # exclude_devices: "" +... diff --git a/site/intel-pod10/software/charts/osh/openstack-compute-kit/nova.yaml b/site/intel-pod10/software/charts/osh/openstack-compute-kit/nova.yaml new file mode 100644 index 0000000..e64738c --- /dev/null +++ b/site/intel-pod10/software/charts/osh/openstack-compute-kit/nova.yaml @@ -0,0 +1,46 @@ +--- +# This file defines hardware-specific settings for nova. If you use the same +# hardware profile as this environment, you should not need to change this file. +# Otherwise, you should review the settings here and adjust for your hardware. +# In particular: +# 1. vcpu_pin_set will change if the number of logical CPUs on the hardware +# changes. +# 2. pci alias / passthrough_whitelist could change if the NIC type or NIC +# slotting changes. +# TODO: Should move to global layer and become tied to the hardware profile +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: nova + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: nova-global + actions: + - method: merge + path: . + storagePolicy: cleartext + substitutions: + - src: + schema: drydock/HardwareProfile/v1 + name: intel-pod10 + path: .cpu_sets.kvm + dest: + path: .values.conf.nova.DEFAULT.vcpu_pin_set +data: + values: + network: + backend: + - openvswitch + # - sriov + conf: + nova: + filter_scheduler: + available_filters: "nova.scheduler.filters.all_filters" + enabled_filters: "RetryFilter,AvailabilityZoneFilter,RamFilter,CoreFilter,DiskFilter,ComputeFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,AggregateInstanceExtraSpecsFilter,AggregateCoreFilter,AggregateRamFilter,AggregateMultiTenancyIsolation,JsonFilter,IoOpsFilter,AggregateDiskFilter,AllHostsFilter,IsolatedHostsFilter,AggregateImagePropertiesIsolation,PciPassthroughFilter,AggregateIoOpsFilter,NumInstancesFilter,AggregateNumInstancesFilter,MetricsFilter,SimpleCIDRAffinityFilter,AggregateTypeAffinityFilter,NUMATopologyFilter,ComputeCapabilitiesFilter,DifferentHostFilter,SameHostFilter" + pci: + alias: '{"name": "numa0", "capability_type": "pci", "product_id": "154c", "vendor_id": "8086", "device_type": "type-PCI"}' + passthrough_whitelist: | + [{"address": "0000:05:06.*", "physical_network": "sriovnet1"},{"address": "0000:05:07.*", "physical_network": "sriovnet1"},{"address": "0000:05:08.*", "physical_network": "sriovnet1"},{"address": "0000:05:09.*", "physical_network": "sriovnet1"}] +... diff --git a/site/intel-pod10/software/charts/ucp/ceph/ceph-client-update.yaml b/site/intel-pod10/software/charts/ucp/ceph/ceph-client-update.yaml new file mode 100644 index 0000000..eb921b8 --- /dev/null +++ b/site/intel-pod10/software/charts/ucp/ceph/ceph-client-update.yaml @@ -0,0 +1,26 @@ +--- +# The purpose of this file is to define environment-specific parameters for ceph +# client update +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-ceph-client-update + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-ceph-client-update-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + conf: + pool: + target: + # NEWSITE-CHANGEME: Total number of OSDs. Does not need to change if + # your HW matches this site's HW. Verify for your environment. + # 8 OSDs per node x 3 nodes = 24 + osd: 3 +... diff --git a/site/intel-pod10/software/charts/ucp/ceph/ceph-client.yaml b/site/intel-pod10/software/charts/ucp/ceph/ceph-client.yaml new file mode 100644 index 0000000..e1e8ecf --- /dev/null +++ b/site/intel-pod10/software/charts/ucp/ceph/ceph-client.yaml @@ -0,0 +1,100 @@ +--- +# The purpose of this file is to define envrionment-specific parameters for the +# ceph client +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-ceph-client + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-ceph-client-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + conf: + pool: + target: + # NEWSITE-CHANGEME: The number of OSDs per ceph node. Does not need to + # change if your deployment HW matches this site's HW. + osd: 1 + spec: + # RBD pool + - name: rbd + application: rbd + replication: 1 + percent_total_data: 40 + - name: cephfs_metadata + application: cephfs + replication: 1 + percent_total_data: 5 + - name: cephfs_data + application: cephfs + replication: 1 + percent_total_data: 10 + # RadosGW pools + - name: .rgw.root + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.control + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.data.root + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.gc + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.log + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.intent-log + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.meta + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.usage + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.users.keys + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.users.email + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.users.swift + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.users.uid + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.buckets.extra + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.buckets.index + application: rgw + replication: 1 + percent_total_data: 3 + - name: default.rgw.buckets.data + application: rgw + replication: 1 + percent_total_data: 34.8 +... diff --git a/site/intel-pod10/software/charts/ucp/ceph/ceph-osd.yaml b/site/intel-pod10/software/charts/ucp/ceph/ceph-osd.yaml new file mode 100644 index 0000000..25297d9 --- /dev/null +++ b/site/intel-pod10/software/charts/ucp/ceph/ceph-osd.yaml @@ -0,0 +1,30 @@ +--- +# The purpose of this file is to define environment-specific parameters for +# ceph-osd +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-ceph-osd + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-ceph-osd-global + actions: + - method: replace + path: .values.conf.storage.osd + - method: merge + path: . + storagePolicy: cleartext +data: + values: + conf: + storage: + osd: + - data: + type: directory + location: /var/lib/ceph/osd/osd-one + journal: + type: directory + location: /var/lib/ceph/journal/osd-one +... diff --git a/site/intel-pod10/software/charts/ucp/divingbell/divingbell.yaml b/site/intel-pod10/software/charts/ucp/divingbell/divingbell.yaml new file mode 100644 index 0000000..c60f25c --- /dev/null +++ b/site/intel-pod10/software/charts/ucp/divingbell/divingbell.yaml @@ -0,0 +1,83 @@ +--- +# The purpose of this file is to define site-specific parameters to the +# UAM-lite portion of the divingbell chart: +# 1. User accounts to create on bare metal +# 2. SSH public key for operationg system access to the bare metal +# 3. Passwords for operating system access via iDrac/iLo console. SSH password- +# based auth is disabled. +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-divingbell + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-divingbell-global + actions: + - method: merge + path: . + labels: + name: ucp-divingbell-site + storagePolicy: cleartext + substitutions: + - dest: + path: .values.conf.uamlite.users[0].user_sshkeys[0] + src: + schema: deckhand/PublicKey/v1 + name: opnfv_ssh_public_key + path: . + - dest: + path: .values.conf.uamlite.users[1].user_sshkeys[0] + src: + schema: deckhand/PublicKey/v1 + name: sridhar_ssh_public_key + path: . + - dest: + path: .values.conf.uamlite.users[1].user_crypt_passwd + src: + schema: deckhand/Passphrase/v1 + name: sridhar_crypt_password + path: . + - dest: + path: .values.conf.uamlite.users[2].user_sshkeys[0] + src: + schema: deckhand/PublicKey/v1 + name: trevor_ssh_public_key + path: . + - dest: + path: .values.conf.uamlite.users[2].user_crypt_passwd + src: + schema: deckhand/Passphrase/v1 + name: trevor_crypt_password + path: . + - dest: + path: .values.conf.uamlite.users[3].user_sshkeys[0] + src: + schema: deckhand/PublicKey/v1 + name: luc_ssh_public_key + path: . + - dest: + path: .values.conf.uamlite.users[3].user_crypt_passwd + src: + schema: deckhand/Passphrase/v1 + name: luc_crypt_password + path: . +data: + values: + conf: + uamlite: + users: + - user_name: opnfv + user_sudo: true + user_sshkeys: [] + - user_name: sridhar + user_sudo: true + user_sshkeys: [] + - user_name: trevor + user_sudo: true + user_sshkeys: [] + - user_name: luc + user_sudo: true + user_sshkeys: [] +... |