diff options
| author |   Kaspars Skels <kaspars.skels@att.com> | 2019-07-15 15:27:12 -0500 |
|---|---|---|
| committer | Kaspars Skels <kaspars.skels@att.com> | 2019-08-13 10:48:32 -0500 |
| commit | d62d663a2daaf301c6ca5ae7d314e61b904af575 (patch) | |
| tree | 0b6fbd14381b1fe38e834326382784d8476e00ad /type/cntt/software | |
| parent | 6f42f8c81f7cffc41abd73f80731b73261ad35e3 (diff) | |
Initial site reference manifests for intel-pod17
This includes cntt type definition as well as site manifests.
Change-Id: I4829c80199795af0c841419b8fd19557295fe244
Signed-off-by: Kaspars Skels <kaspars.skels@att.com>
Diffstat (limited to 'type/cntt/software')
22 files changed, 2119 insertions, 0 deletions
diff --git a/type/cntt/software/charts/kubernetes/ingress/ingress.yaml b/type/cntt/software/charts/kubernetes/ingress/ingress.yaml new file mode 100644 index 0000000..be61953 --- /dev/null +++ b/type/cntt/software/charts/kubernetes/ingress/ingress.yaml @@ -0,0 +1,31 @@ +--- +# The purpose of this file is to define the environment-specific public-facing +# VIP for the ingress controller +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ingress-kube-system + layeringDefinition: + abstract: false + layer: site + parentSelector: + ingress: kube-system + actions: + - method: merge + path: . + storagePolicy: cleartext + substitutions: + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .vip.ingress_vip + dest: + path: .values.network.vip.addr +data: + values: + network: + ingress: + disable-ipv6: "true" + vip: + manage: true +... diff --git a/type/cntt/software/charts/osh-infra/elasticsearch.yaml b/type/cntt/software/charts/osh-infra/elasticsearch.yaml new file mode 100644 index 0000000..3621e75 --- /dev/null +++ b/type/cntt/software/charts/osh-infra/elasticsearch.yaml @@ -0,0 +1,34 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: elasticsearch + labels: + name: elasticsearch-type + layeringDefinition: + abstract: false + layer: type + parentSelector: + hosttype: elasticsearch-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + replicas: + master: 2 + data: 1 + client: 2 + storage: + requests: + storage: 40Gi + conf: + elasticsearch: + env: + java_opts: + client: "-Xms2048m -Xmx2048m" + data: "-Xms2048m -Xmx2048m" + master: "-Xms2048m -Xmx2048m" +... diff --git a/type/cntt/software/charts/osh-infra/fluentbit.yaml b/type/cntt/software/charts/osh-infra/fluentbit.yaml new file mode 100644 index 0000000..1d176cd --- /dev/null +++ b/type/cntt/software/charts/osh-infra/fluentbit.yaml @@ -0,0 +1,22 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: fluentbit + labels: + name: fluentbit-type + layeringDefinition: + abstract: false + layer: type + parentSelector: + hosttype: fluentbit-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + replicas: + fluentd: 1 +... diff --git a/type/cntt/software/charts/osh-infra/fluentd.yaml b/type/cntt/software/charts/osh-infra/fluentd.yaml new file mode 100644 index 0000000..906b26d --- /dev/null +++ b/type/cntt/software/charts/osh-infra/fluentd.yaml @@ -0,0 +1,22 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: fluentd + labels: + name: fluentd-type + layeringDefinition: + abstract: false + layer: type + parentSelector: + hosttype: fluentd-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + replicas: + fluentd: 1 +... diff --git a/type/cntt/software/charts/osh-infra/grafana.yaml b/type/cntt/software/charts/osh-infra/grafana.yaml new file mode 100644 index 0000000..d12f7d2 --- /dev/null +++ b/type/cntt/software/charts/osh-infra/grafana.yaml @@ -0,0 +1,23 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + replacement: true + name: grafana + labels: + name: grafana-type + layeringDefinition: + abstract: false + layer: type + parentSelector: + name: grafana-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + replicas: + grafana: 1 +... diff --git a/type/cntt/software/charts/osh-infra/ingress.yaml b/type/cntt/software/charts/osh-infra/ingress.yaml new file mode 100644 index 0000000..96753c9 --- /dev/null +++ b/type/cntt/software/charts/osh-infra/ingress.yaml @@ -0,0 +1,24 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + replacement: true + name: osh-infra-ingress-controller + labels: + name: osh-infra-ingress-controller-type + layeringDefinition: + abstract: false + layer: type + parentSelector: + name: osh-infra-ingress-controller-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + replicas: + ingress: 1 + error_page: 1 +... diff --git a/type/cntt/software/charts/osh-infra/mariadb.yaml b/type/cntt/software/charts/osh-infra/mariadb.yaml new file mode 100644 index 0000000..ddb4424 --- /dev/null +++ b/type/cntt/software/charts/osh-infra/mariadb.yaml @@ -0,0 +1,24 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + replacement: true + name: osh-infra-mariadb + labels: + name: osh-infra-mariadb-type + layeringDefinition: + abstract: false + layer: type + parentSelector: + name: osh-infra-mariadb-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + replicas: + server: 1 + ingress: 1 +... diff --git a/type/cntt/software/charts/osh-infra/prometheus.yaml b/type/cntt/software/charts/osh-infra/prometheus.yaml new file mode 100644 index 0000000..4b02c04 --- /dev/null +++ b/type/cntt/software/charts/osh-infra/prometheus.yaml @@ -0,0 +1,35 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + replacement: true + name: prometheus + labels: + name: prometheus-type + layeringDefinition: + abstract: false + layer: type + parentSelector: + name: prometheus-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + replicas: + prometheus: 1 + resources: + enabled: true + prometheus: + limits: + memory: "4Gi" + cpu: "2000m" + requests: + memory: "2Gi" + cpu: "1000m" + storage: + requests: + storage: 50Gi +... diff --git a/type/cntt/software/charts/osh/openstack-compute-kit/neutron.yaml b/type/cntt/software/charts/osh/openstack-compute-kit/neutron.yaml new file mode 100644 index 0000000..8d47efd --- /dev/null +++ b/type/cntt/software/charts/osh/openstack-compute-kit/neutron.yaml @@ -0,0 +1,28 @@ +--- +# This file defines hardware-specific settings for neutron. If you use the same +# hardware profile as this environment, you should not need to change this file. +# Otherwise, you should review the settings here and adjust for your hardware. +# In particular: +# 1. logical network interface names +# 2. physical device mappigns +# TODO: Should move to global layer and become tied to the hardware profile +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + replacement: true + name: neutron + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: neutron-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + wait: + timeout: 1800 + test: + timeout: 900 +... diff --git a/type/cntt/software/charts/osh/openstack-compute-kit/nova.yaml b/type/cntt/software/charts/osh/openstack-compute-kit/nova.yaml new file mode 100644 index 0000000..32f94b8 --- /dev/null +++ b/type/cntt/software/charts/osh/openstack-compute-kit/nova.yaml @@ -0,0 +1,25 @@ +--- +# This file defines hardware-specific settings for nova. If you use the same +# hardware profile as this environment, you should not need to change this file. +# Otherwise, you should review the settings here and adjust for your hardware. +# In particular: +# 1. vcpu_pin_set will change if the number of logical CPUs on the hardware +# changes. +# 2. pci alias / passthrough_whitelist could change if the NIC type or NIC +# slotting changes. +# TODO: Should move to global layer and become tied to the hardware profile +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: nova + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: nova-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: {} +... diff --git a/type/cntt/software/charts/osh/openstack-heat/heat.yaml b/type/cntt/software/charts/osh/openstack-heat/heat.yaml new file mode 100644 index 0000000..de5bd51 --- /dev/null +++ b/type/cntt/software/charts/osh/openstack-heat/heat.yaml @@ -0,0 +1,21 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + replacement: true + name: heat + labels: + name: heat-type + layeringDefinition: + abstract: false + layer: type + parentSelector: + name: heat-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + test: + timeout: 600 +... diff --git a/type/cntt/software/charts/osh/openstack-tenant-ceph/ceph-client.yaml b/type/cntt/software/charts/osh/openstack-tenant-ceph/ceph-client.yaml new file mode 100644 index 0000000..3f5bfba --- /dev/null +++ b/type/cntt/software/charts/osh/openstack-tenant-ceph/ceph-client.yaml @@ -0,0 +1,23 @@ +--- +# The purpose of this file is to define envrionment-specific parameters for the +# ceph client +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: tenant-ceph-client + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: tenant-ceph-client-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + conf: + pool: + target: + osd: 3 +... diff --git a/type/cntt/software/charts/osh/openstack-tenant-ceph/ceph-osd.yaml b/type/cntt/software/charts/osh/openstack-tenant-ceph/ceph-osd.yaml new file mode 100644 index 0000000..8937fdc --- /dev/null +++ b/type/cntt/software/charts/osh/openstack-tenant-ceph/ceph-osd.yaml @@ -0,0 +1,34 @@ +--- +# The purpose of this file is to define environment-specific parameters for +# ceph-osd +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: tenant-ceph-osd + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: tenant-ceph-osd-global + actions: + - method: replace + path: .values.conf.storage.osd + - method: merge + path: . + storagePolicy: cleartext +data: + values: + labels: + osd: + node_selector_key: tenant-ceph-osd + node_selector_value: enabled + conf: + storage: + osd: + - data: + type: block-logical + location: /dev/sdb + journal: + type: directory + location: /var/lib/openstack-helm/tenant-ceph/osd/osd-sdb +... diff --git a/type/cntt/software/charts/ucp/comps/chart-group.yaml b/type/cntt/software/charts/ucp/comps/chart-group.yaml new file mode 100644 index 0000000..02236b5 --- /dev/null +++ b/type/cntt/software/charts/ucp/comps/chart-group.yaml @@ -0,0 +1,14 @@ +--- +schema: armada/ChartGroup/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-drydock-scaled + layeringDefinition: + abstract: false + layer: type + storagePolicy: cleartext +data: + description: Drydock + chart_group: + - ucp-maas-scaled + - ucp-drydock diff --git a/type/cntt/software/charts/ucp/comps/drydock.yaml b/type/cntt/software/charts/ucp/comps/drydock.yaml new file mode 100644 index 0000000..1343340 --- /dev/null +++ b/type/cntt/software/charts/ucp/comps/drydock.yaml @@ -0,0 +1,25 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + replacement: true + name: ucp-drydock + labels: + name: ucp-drydock-type + layeringDefinition: + abstract: false + layer: type + parentSelector: + name: ucp-drydock-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + network: + api: + ingress: + classes: + cluster: maas-ingress +... diff --git a/type/cntt/software/charts/ucp/comps/maas-scaled.yaml b/type/cntt/software/charts/ucp/comps/maas-scaled.yaml new file mode 100644 index 0000000..531a9f3 --- /dev/null +++ b/type/cntt/software/charts/ucp/comps/maas-scaled.yaml @@ -0,0 +1,32 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-maas-scaled + layeringDefinition: + abstract: false + layer: type + parentSelector: + name: ucp-maas-global + actions: + - method: merge + path: . + storagePolicy: cleartext + substitutions: + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .vip.maas_vip + dest: + path: .values.network.maas_ingress.addr +data: + values: + network: + region_api: + node_port: + enabled: true + pod: + replicas: + region: 2 + rack: 2 +... diff --git a/type/cntt/software/charts/ucp/comps/maas.yaml b/type/cntt/software/charts/ucp/comps/maas.yaml new file mode 100644 index 0000000..d22cf55 --- /dev/null +++ b/type/cntt/software/charts/ucp/comps/maas.yaml @@ -0,0 +1,29 @@ +--- +# This file defines site-specific deviations for MaaS. +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-maas + layeringDefinition: + abstract: false + layer: type + parentSelector: + name: ucp-maas-global + actions: + - method: merge + path: . + storagePolicy: cleartext + substitutions: + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .vip.maas_vip + dest: + path: .values.network.maas_ingress.addr +data: + values: + network: + region_api: + node_port: + enabled: true +... diff --git a/type/cntt/software/charts/ucp/promenade/promenade.yaml b/type/cntt/software/charts/ucp/promenade/promenade.yaml new file mode 100644 index 0000000..e245bd9 --- /dev/null +++ b/type/cntt/software/charts/ucp/promenade/promenade.yaml @@ -0,0 +1,50 @@ +--- +# The purpose of this file is to provide site-specific parameters for the ucp- +# promenade chart. +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-promenade + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-promenade-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + env: + promenade_api: [] + # NEWSITE-CHANGEME: If your site uses an http proxy, enter it here. + # Otherwise comment out these lines. + # - name: http_proxy + # value: 'http://proxy.example.com:8080' + # NEWSITE-CHANGEME: If your site uses an https proxy, enter it here. + # Otherwise comment out these lines. + # - name: https_proxy + # value: 'http://proxy.example.com:8080' + # NEWSITE-CHANGEME: If your site uses an http/https proxy, enter the + # IPs / domain names which the proxy should not be used for (i.e. the + # cluster domain and kubernetes service_cidr defined in common-addresses) + # Otherwise comment out these lines. + # - name: no_proxy + # value: '10.96.0.1,.cluster.local' + # NEWSITE-CHANGEME: If your site uses an http proxy, enter it here. + # Otherwise comment out these lines. + # - name: HTTP_PROXY + # value: 'http://proxy.example.com:8080' + # NEWSITE-CHANGEME: If your site uses an https proxy, enter it here. + # Otherwise comment out these lines. + # - name: HTTPS_PROXY + # value: 'http://proxy.example.com:8080' + # NEWSITE-CHANGEME: If your site uses an http/https proxy, enter the + # IPs / domain names which the proxy should not be used for (i.e. the + # cluster domain and kubernetes service_cidr defined in common-addresses) + # Otherwise comment out these lines. + # - name: NO_PROXY + # value: '10.96.0.1,.cluster.local' +... diff --git a/type/cntt/software/config/endpoints.yaml b/type/cntt/software/config/endpoints.yaml new file mode 100644 index 0000000..12bc7da --- /dev/null +++ b/type/cntt/software/config/endpoints.yaml @@ -0,0 +1,1088 @@ +--- +# The purpose of this file is to define the site's endpoint catalog. This should +# not need to be modified for a new site. +# #GLOBAL-CANDIDATE# +schema: pegleg/EndpointCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_endpoints + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext + substitutions: + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .dns.ingress_domain + dest: + - path: .ucp.identity.host_fqdn_override.public.host + pattern: DOMAIN + - path: .ucp.identity.host_fqdn_override.admin.host + pattern: DOMAIN + - path: .ucp.shipyard.host_fqdn_override.public.host + pattern: DOMAIN + - path: .ucp.physicalprovisioner.host_fqdn_override.public.host + pattern: DOMAIN + - path: .ucp.maas_region.host_fqdn_override.public.host + pattern: DOMAIN + - path: .ceph.object_store.host_fqdn_override.public.host + pattern: DOMAIN + - path: .ceph.ceph_object_store.host_fqdn_override.public.host + pattern: DOMAIN +data: + ucp: + identity: + namespace: ucp + name: keystone + hosts: + default: keystone + internal: keystone-api + host_fqdn_override: + default: null + public: + host: iam-airship.DOMAIN + admin: + host: iam-airship.DOMAIN + path: + default: /v3 + scheme: + default: "http" + internal: "http" + port: + api: + default: 80 + internal: 5000 + armada: + name: armada + hosts: + default: armada-api + public: armada + port: + api: + default: 8000 + path: + default: /api/v1.0 + scheme: + default: "http" + host_fqdn_override: + default: null + deckhand: + name: deckhand + hosts: + default: deckhand-int + public: deckhand-api + port: + api: + default: 9000 + path: + default: /api/v1.0 + scheme: + default: "http" + host_fqdn_override: + default: null + postgresql: + name: postgresql + hosts: + default: postgresql + path: /DB_NAME + scheme: postgresql+psycopg2 + port: + postgresql: + default: 5432 + host_fqdn_override: + default: null + postgresql_airflow_celery: + name: postgresql_airflow_celery_db + hosts: + default: postgresql + path: /DB_NAME + scheme: db+postgresql + port: + postgresql: + default: 5432 + host_fqdn_override: + default: null + oslo_db: + hosts: + default: mariadb + discovery: mariadb-discovery + host_fqdn_override: + default: null + path: /DB_NAME + scheme: mysql+pymysql + port: + mysql: + default: 3306 + wsrep: + default: 4567 + key_manager: + name: barbican + hosts: + default: barbican-api + public: barbican + host_fqdn_override: + default: null + path: + default: /v1 + scheme: + default: "http" + port: + api: + default: 9311 + public: 80 + airflow_oslo_messaging: + namespace: null + hosts: + default: rabbitmq + host_fqdn_override: + default: null + path: /airflow + scheme: amqp + port: + amqp: + default: 5672 + http: + default: 15672 + oslo_messaging: + namespace: null + statefulset: + name: airship-ucp-rabbitmq-rabbitmq + hosts: + default: rabbitmq + host_fqdn_override: + default: null + path: /keystone + scheme: rabbit + port: + amqp: + default: 5672 + oslo_cache: + hosts: + default: memcached + host_fqdn_override: + default: null + port: + memcache: + default: 11211 + physicalprovisioner: + name: drydock + hosts: + default: drydock-api + port: + api: + default: 9000 + nodeport: 31900 + public: 80 + path: + default: /api/v1.0 + scheme: + default: "http" + public: "http" + host_fqdn_override: + default: null + public: + host: drydock-airship.DOMAIN + maas_region: + name: maas-region + hosts: + default: maas-region + public: maas + path: + default: /MAAS + scheme: + default: "http" + port: + region_api: + default: 80 + nodeport: 31900 + podport: 80 + public: 80 + region_proxy: + default: 8000 + host_fqdn_override: + default: null + public: + host: maas-airship.DOMAIN + maas_ingress: + hosts: + default: maas-ingress + error_pages: maas-ingress-error + host_fqdn_override: + public: null + port: + http: + default: 80 + https: + default: 443 + ingress_default_server: + default: 8383 + error_pages: + default: 8080 + podport: 8080 + healthz: + podport: 10259 + status: + podport: 18089 + kubernetesprovisioner: + name: promenade + hosts: + default: promenade-api + port: + api: + default: 80 + path: + default: /api/v1.0 + scheme: + default: "http" + host_fqdn_override: + default: null + shipyard: + name: shipyard + hosts: + default: shipyard-int + public: shipyard-api + port: + api: + default: 9000 + public: 80 + path: + default: /api/v1.0 + scheme: + default: "http" + public: "http" + host_fqdn_override: + default: null + public: + host: shipyard-airship.DOMAIN + prometheus_openstack_exporter: + namespace: ucp + hosts: + default: openstack-metrics + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + exporter: + default: 9103 + ceph: + object_store: + name: swift + namespace: ceph + hosts: + default: ceph-rgw + public: radosgw + host_fqdn_override: + default: null + public: + host: object-store-airship.DOMAIN + path: + default: /swift/v1 + scheme: + default: "http" + public: "http" + port: + api: + default: 8088 + public: 80 + ceph_object_store: + name: radosgw + namespace: ceph + hosts: + default: ceph-rgw + public: radosgw + host_fqdn_override: + default: null + public: + host: object-store-airship.DOMAIN + path: + default: /auth/v1.0 + scheme: + default: "http" + public: "http" + port: + api: + default: 8088 + public: 80 + ceph_mon: + namespace: ceph + hosts: + default: ceph-mon + discovery: ceph-mon-discovery + host_fqdn_override: + default: null + port: + mon: + default: 6789 + ceph_mgr: + namespace: ceph + hosts: + default: ceph-mgr + host_fqdn_override: + default: null + port: + mgr: + default: 7000 + scheme: + default: "http" + tenant_ceph_mon: + namespace: tenant-ceph + hosts: + default: ceph-mon + discovery: ceph-mon-discovery + host_fqdn_override: + default: null + port: + mon: + default: 6790 + tenant_ceph_mgr: + namespace: tenant-ceph + hosts: + default: ceph-mgr + host_fqdn_override: + default: null + port: + mgr: + default: 7001 + metrics: + default: 9284 + scheme: + default: http +... +--- +schema: pegleg/EndpointCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: osh_endpoints + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext + substitutions: + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .dns.ingress_domain + dest: + - path: .osh.object_store.host_fqdn_override.public.host + pattern: DOMAIN + - path: .osh.ceph_object_store.host_fqdn_override.public.host + pattern: DOMAIN + - path: .osh.image.host_fqdn_override.public.host + pattern: DOMAIN + - path: .osh.cloudformation.host_fqdn_override.public.host + pattern: DOMAIN + - path: .osh.orchestration.host_fqdn_override.public.host + pattern: DOMAIN + - path: .osh.compute.host_fqdn_override.public.host + pattern: DOMAIN + - path: .osh.compute_novnc_proxy.host_fqdn_override.public.host + pattern: DOMAIN + - path: .osh.placement.host_fqdn_override.public.host + pattern: DOMAIN + - path: .osh.network.host_fqdn_override.public.host + pattern: DOMAIN + - path: .osh.identity.host_fqdn_override.public.host + pattern: DOMAIN + - path: .osh.identity.host_fqdn_override.admin.host + pattern: DOMAIN + - path: .osh.dashboard.host_fqdn_override.public.host + pattern: DOMAIN + - path: .osh.volume.host_fqdn_override.public.host + pattern: DOMAIN + - path: .osh.volumev2.host_fqdn_override.public.host + pattern: DOMAIN + - path: .osh.volumev3.host_fqdn_override.public.host + pattern: DOMAIN +data: + osh: + object_store: + name: swift + namespace: openstack + hosts: + default: ceph-rgw + public: radosgw + host_fqdn_override: + default: null + public: + host: object-store-airship.DOMAIN + path: + default: /swift/v1/KEY_$(tenant_id)s + scheme: + default: "http" + public: "http" + port: + api: + default: 8088 + public: 80 + ceph_object_store: + name: radosgw + namespace: openstack + hosts: + default: ceph-rgw + public: radosgw + host_fqdn_override: + default: null + public: + host: object-store-airship.DOMAIN + path: + default: /auth/v1.0 + scheme: + default: "http" + public: "http" + port: + api: + default: 8088 + public: 80 + oslo_db: + hosts: + default: mariadb + discovery: mariadb-discovery + host_fqdn_override: + default: null + path: /DB_NAME + scheme: mysql+pymysql + port: + mysql: + default: 3306 + wsrep: + default: 4567 + prometheus_mysql_exporter: + namespace: openstack + hosts: + default: mysql-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: 'http' + port: + metrics: + default: 9104 + oslo_messaging: + statefulset: + name: airship-openstack-rabbitmq-rabbitmq + namespace: openstack + hosts: + default: openstack-rabbitmq + host_fqdn_override: + default: null + path: /VHOST_NAME + scheme: rabbit + port: + amqp: + default: 5672 + http: + default: 15672 + openstack_rabbitmq_exporter: + namespace: openstack + hosts: + default: openstack-rabbitmq-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9095 + oslo_cache: + namespace: openstack + hosts: + default: memcached + host_fqdn_override: + default: null + port: + memcache: + default: 11211 + identity: + namespace: openstack + name: keystone + hosts: + default: keystone + internal: keystone-api + host_fqdn_override: + default: null + public: + host: identity-airship.DOMAIN + admin: + host: identity-airship.DOMAIN + path: + default: /v3 + scheme: + default: "http" + internal: "http" + port: + api: + default: 80 + internal: 5000 + image: + name: glance + hosts: + default: glance-api + public: glance + host_fqdn_override: + default: null + public: + host: image-airship.DOMAIN + path: + default: null + scheme: + default: "http" + public: "http" + port: + api: + default: 9292 + public: 80 + image_registry: + name: glance-registry + hosts: + default: glance-registry + public: glance-reg + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + api: + default: 9191 + public: 80 + volume: + name: cinder + hosts: + default: cinder-api + public: cinder + host_fqdn_override: + default: null + public: + host: volume-airship.DOMAIN + path: + default: "/v1/%(tenant_id)s" + scheme: + default: "http" + public: "http" + port: + api: + default: 8776 + public: 80 + volumev2: + name: cinderv2 + hosts: + default: cinder-api + public: cinder + host_fqdn_override: + default: null + public: + host: volume-airship.DOMAIN + path: + default: "/v2/%(tenant_id)s" + scheme: + default: "http" + public: "http" + port: + api: + default: 8776 + public: 80 + volumev3: + name: cinderv3 + hosts: + default: cinder-api + public: cinder + host_fqdn_override: + default: null + public: + host: volume-airship.DOMAIN + path: + default: "/v3/%(tenant_id)s" + scheme: + default: "http" + public: "http" + port: + api: + default: 8776 + public: 80 + orchestration: + name: heat + hosts: + default: heat-api + public: heat + host_fqdn_override: + default: null + public: + host: orchestration-airship.DOMAIN + path: + default: "/v1/%(project_id)s" + scheme: + default: "http" + public: "http" + port: + api: + default: 8004 + public: 80 + cloudformation: + name: heat-cfn + hosts: + default: heat-cfn + public: cloudformation + host_fqdn_override: + default: null + public: + host: cloudformation-airship.DOMAIN + path: + default: /v1 + scheme: + default: "http" + public: "http" + port: + api: + default: 8000 + public: 80 + cloudwatch: + name: heat-cloudwatch + hosts: + default: heat-cloudwatch + public: cloudwatch + host_fqdn_override: + default: null + path: + default: null + type: null + scheme: + default: "http" + port: + api: + default: 8003 + public: 80 + network: + name: neutron + hosts: + default: neutron-server + public: neutron + host_fqdn_override: + default: null + public: + host: network-airship.DOMAIN + path: + default: null + scheme: + default: "http" + public: "http" + port: + api: + default: 9696 + public: 80 + compute: + name: nova + hosts: + default: nova-api + public: nova + host_fqdn_override: + default: null + public: + host: compute-airship.DOMAIN + path: + default: "/v2/%(tenant_id)s" + scheme: + default: "http" + public: "http" + port: + api: + default: 8774 + public: 80 + novncproxy: + default: 80 + compute_metadata: + name: nova + hosts: + default: nova-metadata + public: metadata + host_fqdn_override: + default: null + path: + default: / + scheme: + default: "http" + port: + metadata: + default: 8775 + public: 80 + compute_novnc_proxy: + name: nova + hosts: + default: nova-novncproxy + public: novncproxy + host_fqdn_override: + default: null + public: + host: nova-novncproxy-airship.DOMAIN + path: + default: /vnc_auto.html + scheme: + default: "http" + public: "http" + port: + novnc_proxy: + default: 6080 + public: 80 + compute_spice_proxy: + name: nova + hosts: + default: nova-spiceproxy + host_fqdn_override: + default: null + path: + default: /spice_auto.html + scheme: + default: "http" + port: + spice_proxy: + default: 6082 + placement: + name: placement + hosts: + default: placement-api + public: placement + host_fqdn_override: + default: null + public: + host: placement-airship.DOMAIN + path: + default: / + scheme: + default: "http" + public: "http" + port: + api: + default: 8778 + public: 80 + dashboard: + name: horizon + hosts: + default: horizon-int + public: horizon + host_fqdn_override: + default: null + public: + host: dashboard-airship.DOMAIN + path: + default: null + scheme: + default: "http" + public: "http" + port: + web: + default: 80 + public: 80 +... +--- +schema: pegleg/EndpointCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_endpoints + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext + substitutions: + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .dns.ingress_domain + dest: + - path: .osh_infra.kibana.host_fqdn_override.public.host + pattern: DOMAIN + - path: .osh_infra.grafana.host_fqdn_override.public.host + pattern: DOMAIN + - path: .osh_infra.nagios.host_fqdn_override.public.host + pattern: DOMAIN + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .ldap.base_url + dest: + path: .osh_infra.ldap.host_fqdn_override.public.host + pattern: DOMAIN + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .ldap.auth_path + dest: + path: .osh_infra.ldap.path.default + pattern: AUTH_PATH +data: + osh_infra: + ceph_object_store: + name: radosgw + namespace: osh-infra + hosts: + default: ceph-rgw + public: radosgw + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + api: + default: 8088 + public: 80 + elasticsearch: + name: elasticsearch + namespace: osh-infra + hosts: + data: elasticsearch-data + default: elasticsearch-logging + discovery: elasticsearch-discovery + public: elasticsearch + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + prometheus_elasticsearch_exporter: + namespace: null + hosts: + default: elasticsearch-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9108 + fluentd: + namespace: osh-infra + name: fluentd + hosts: + default: fluentd-logging + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + service: + default: 24224 + metrics: + default: 24220 + prometheus_fluentd_exporter: + namespace: osh-infra + hosts: + default: fluentd-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: "http" + port: + metrics: + default: 9309 + oslo_db: + namespace: osh-infra + hosts: + default: mariadb + host_fqdn_override: + default: null + path: /DB_NAME + scheme: mysql+pymysql + port: + mysql: + default: 3306 + prometheus_mysql_exporter: + namespace: osh-infra + hosts: + default: mysql-exporter + host_fqdn_override: + default: null + path: + default: /metrics + scheme: + default: 'http' + port: + metrics: + default: 9104 + grafana: + name: grafana + namespace: osh-infra + hosts: + default: grafana-dashboard + public: grafana + host_fqdn_override: + default: null + public: + host: grafana-airship.DOMAIN + path: + default: null + scheme: + default: "http" + public: "http" + port: + grafana: + default: 3000 + public: 80 + monitoring: + name: prometheus + namespace: osh-infra + hosts: + default: prom-metrics + public: prometheus + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + api: + default: 9090 + http: + default: 80 + kibana: + name: kibana + namespace: osh-infra + hosts: + default: kibana-dash + public: kibana + host_fqdn_override: + default: null + public: + host: kibana-airship.DOMAIN + path: + default: null + scheme: + default: "http" + public: "http" + port: + kibana: + default: 5601 + public: 80 + alerts: + name: alertmanager + namespace: osh-infra + hosts: + default: alerts-engine + public: alertmanager + discovery: alertmanager-discovery + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + api: + default: 9093 + public: 80 + mesh: + default: 6783 + kube_state_metrics: + namespace: kube-system + hosts: + default: kube-state-metrics + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + http: + default: 8080 + kube_scheduler: + scheme: + default: "http" + path: + default: /metrics + kube_controller_manager: + scheme: + default: "http" + path: + default: /metrics + node_metrics: + namespace: kube-system + hosts: + default: node-exporter + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + metrics: + default: 9100 + prometheus_port: + default: 9100 + process_exporter_metrics: + namespace: kube-system + hosts: + default: process-exporter + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + metrics: + default: 9256 + prometheus_openstack_exporter: + namespace: openstack + hosts: + default: openstack-metrics + host_fqdn_override: + default: null + path: + default: null + scheme: + default: "http" + port: + exporter: + default: 9103 + nagios: + name: nagios + namespace: osh-infra + hosts: + default: nagios-metrics + public: nagios + host_fqdn_override: + default: null + public: + host: nagios-airship.DOMAIN + path: + default: null + scheme: + default: "http" + public: "http" + port: + http: + default: 80 + public: 80 + ldap: + hosts: + default: ldap + host_fqdn_override: + default: null + public: + host: DOMAIN + path: + default: /AUTH_PATH + scheme: + default: "ldap" + port: + ldap: + default: 389 +... diff --git a/type/cntt/software/config/service_accounts.yaml b/type/cntt/software/config/service_accounts.yaml new file mode 100644 index 0000000..751f1b1 --- /dev/null +++ b/type/cntt/software/config/service_accounts.yaml @@ -0,0 +1,435 @@ +--- +# The purpose of this file is to define the account catalog for the site. This +# mostly contains service usernames, but also contain some information which +# should be changed like the region (site) name. +schema: pegleg/AccountCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_service_accounts + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + ucp: + postgres: + admin: + username: postgres + replica: + username: standby + exporter: + username: psql_exporter + oslo_db: + admin: + username: root + oslo_messaging: + admin: + username: rabbitmq + keystone: + admin: + # NEWSITE-CHANGEME: Replace with the site name + region_name: RegionOne + username: admin + project_name: admin + user_domain_name: default + project_domain_name: default + oslo_messaging: + admin: + username: rabbitmq + keystone: + username: keystone + oslo_db: + username: keystone + database: keystone + promenade: + keystone: + # NEWSITE-CHANGEME: Replace with the site name + region_name: RegionOne + role: admin + project_name: service + project_domain_name: default + user_domain_name: default + username: promenade + drydock: + keystone: + # NEWSITE-CHANGEME: Replace with the site name + region_name: RegionOne + role: admin + project_name: service + project_domain_name: default + user_domain_name: default + username: drydock + postgres: + username: drydock + database: drydock + shipyard: + keystone: + # NEWSITE-CHANGEME: Replace with the site name + region_name: RegionOne + role: admin + project_name: service + project_domain_name: default + user_domain_name: default + username: shipyard + postgres: + username: shipyard + database: shipyard + airflow: + postgres: + username: airflow + database: airflow + oslo_messaging: + admin: + username: rabbitmq + user: + username: airflow + maas: + admin: + username: admin + email: none@none + postgres: + username: maas + database: maasdb + barbican: + keystone: + # NEWSITE-CHANGEME: Replace with the site name + region_name: RegionOne + role: admin + project_name: service + project_domain_name: default + user_domain_name: default + username: barbican + oslo_db: + username: barbican + database: barbican + oslo_messaging: + admin: + username: rabbitmq + keystone: + username: keystone + armada: + keystone: + project_domain_name: default + user_domain_name: default + project_name: service + # NEWSITE-CHANGEME: Replace with the site name + region_name: RegionOne + role: admin + username: armada + deckhand: + keystone: + # NEWSITE-CHANGEME: Replace with the site name + region_name: RegionOne + role: admin + project_name: service + project_domain_name: default + user_domain_name: default + username: deckhand + postgres: + username: deckhand + database: deckhand + prometheus_openstack_exporter: + user: + region_name: RegionOne + role: admin + username: prometheus-openstack-exporter + project_name: service + user_domain_name: default + project_domain_name: default + ceph: + swift: + keystone: + role: admin + # NEWSITE-CHANGEME: Replace with the site name + region_name: RegionOne + username: swift + project_name: service + user_domain_name: default + project_domain_name: default +... +--- +schema: pegleg/AccountCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: osh_service_accounts + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext + substitutions: + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.keystone.admin.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.cinder.cinder.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.glance.glance.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.heat.heat.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.heat.heat_trustee.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.heat.heat_stack_user.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.swift.keystone.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.neutron.neutron.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.nova.nova.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.nova.placement.region_name + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh.barbican.barbican.region_name +data: + osh: + keystone: + admin: + username: admin + project_name: admin + user_domain_name: default + project_domain_name: default + oslo_db: + username: keystone + database: keystone + oslo_messaging: + keystone: + username: keystone-rabbitmq-user + ldap: + # NEWSITE-CHANGEME: Replace with the site's LDAP account used to + # authenticate to the active directory backend to validate keystone + # users. + username: "test@ldap.example.com" + cinder: + cinder: + role: admin + username: cinder + project_name: service + user_domain_name: default + project_domain_name: default + oslo_db: + username: cinder + database: cinder + oslo_messaging: + cinder: + username: cinder-rabbitmq-user + glance: + glance: + role: admin + username: glance + project_name: service + user_domain_name: default + project_domain_name: default + oslo_db: + username: glance + database: glance + oslo_messaging: + glance: + username: glance-rabbitmq-user + ceph_object_store: + username: glance + heat: + heat: + role: admin + username: heat + project_name: service + user_domain_name: default + project_domain_name: default + heat_trustee: + role: admin + username: heat-trust + project_name: service + user_domain_name: default + project_domain_name: default + heat_stack_user: + role: admin + username: heat-domain + domain_name: heat + oslo_db: + username: heat + database: heat + oslo_messaging: + heat: + username: heat-rabbitmq-user + swift: + keystone: + role: admin + username: swift + project_name: service + user_domain_name: default + project_domain_name: default + oslo_db: + admin: + username: root + prometheus_mysql_exporter: + user: + username: osh-oslodb-exporter + neutron: + neutron: + role: admin + username: neutron + project_name: service + user_domain_name: default + project_domain_name: default + oslo_db: + username: neutron + database: neutron + oslo_messaging: + neutron: + username: neutron-rabbitmq-user + nova: + nova: + role: admin + username: nova + project_name: service + user_domain_name: default + project_domain_name: default + placement: + role: admin + username: placement + project_name: service + user_domain_name: default + project_domain_name: default + oslo_db: + username: nova + database: nova + oslo_db_api: + username: nova + database: nova_api + oslo_db_cell0: + username: nova + database: "nova_cell0" + oslo_messaging: + nova: + username: nova-rabbitmq-user + horizon: + oslo_db: + username: horizon + database: horizon + barbican: + barbican: + role: admin + username: barbican + project_name: service + user_domain_name: default + project_domain_name: default + oslo_db: + username: barbican + database: barbican + oslo_messaging: + barbican: + username: barbican-rabbitmq-user + oslo_messaging: + admin: + username: admin + tempest: + tempest: + role: admin + username: tempest + project_name: service + user_domain_name: default + project_domain_name: default +... +--- +schema: pegleg/AccountCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_service_accounts + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext + substitutions: + - src: + schema: pegleg/CommonSoftwareConfig/v1 + name: common-software-config + path: .osh.region_name + dest: + path: .osh_infra.prometheus_openstack_exporter.user.region_name +data: + osh_infra: + ceph_object_store: + admin: + username: s3_admin + elasticsearch: + username: elasticsearch + grafana: + admin: + username: grafana + oslo_db: + username: grafana + database: grafana + oslo_db_session: + username: grafana_session + database: grafana_session + elasticsearch: + admin: + username: elasticsearch + oslo_db: + admin: + username: root + prometheus_mysql_exporter: + user: + username: osh-infra-oslodb-exporter + prometheus_openstack_exporter: + user: + role: admin + username: prometheus-openstack-exporter + project_name: service + user_domain_name: default + project_domain_name: default + nagios: + admin: + username: nagios + prometheus: + admin: + username: prometheus + ldap: + admin: + # NEWSITE-CHANGEME: Replace with the site's LDAP account used to + # authenticate to the active directory backend to validate keystone + # users. + bind: "test@ldap.example.com" +... diff --git a/type/cntt/software/manifests/bootstrap.yaml b/type/cntt/software/manifests/bootstrap.yaml new file mode 100644 index 0000000..e015410 --- /dev/null +++ b/type/cntt/software/manifests/bootstrap.yaml @@ -0,0 +1,39 @@ +--- +schema: armada/Manifest/v1 +metadata: + schema: metadata/Document/v1 + replacement: true + name: cluster-bootstrap + labels: + name: cluster-bootstrap-type + layeringDefinition: + abstract: false + layer: type + parentSelector: + name: cluster-bootstrap-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + release_prefix: airship + chart_groups: + - podsecuritypolicy + - kubernetes-proxy + - kubernetes-container-networking + - kubernetes-dns + - kubernetes-etcd + - kubernetes-haproxy + - kubernetes-core + - ingress-kube-system + - ucp-ceph + - ucp-ceph-config + - ucp-core + - ucp-keystone + - ucp-divingbell + - ucp-armada + - ucp-deckhand + - ucp-drydock + - ucp-promenade + - ucp-shipyard +... diff --git a/type/cntt/software/manifests/full-site.yaml b/type/cntt/software/manifests/full-site.yaml new file mode 100644 index 0000000..2cb0c84 --- /dev/null +++ b/type/cntt/software/manifests/full-site.yaml @@ -0,0 +1,61 @@ +--- +schema: armada/Manifest/v1 +metadata: + schema: metadata/Document/v1 + replacement: true + name: full-site + labels: + name: full-site-type + layeringDefinition: + abstract: false + layer: type + parentSelector: + name: full-site-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + release_prefix: airship + chart_groups: + - podsecuritypolicy + - kubernetes-proxy + - kubernetes-container-networking + - kubernetes-dns + - kubernetes-etcd + - kubernetes-haproxy + - kubernetes-core + - ingress-kube-system + - ucp-ceph-update + - ucp-ceph-config + - ucp-core + - ucp-keystone + - ucp-divingbell + - ucp-armada + - ucp-deckhand + - ucp-drydock-scaled + - ucp-promenade + - ucp-shipyard + - ucp-prometheus-openstack-exporter + - osh-infra-ingress-controller + - osh-infra-ceph-config + - osh-infra-radosgw + - osh-infra-logging + - osh-infra-monitoring + - osh-infra-mariadb + - osh-infra-dashboards + - openstack-ingress-controller + - openstack-ceph-config + - openstack-tenant-ceph + - openstack-mariadb + - openstack-rabbitmq + - openstack-memcached + - openstack-keystone + - openstack-radosgw + - openstack-glance + - openstack-cinder + - openstack-compute-kit + - openstack-heat + - osh-infra-prometheus-openstack-exporter + - openstack-horizon +... |