From 8897346be53170aaac7d84bec4facd845bf09519 Mon Sep 17 00:00:00 2001 From: "Sridhar K. N. Rao" Date: Sun, 15 Dec 2019 14:23:30 +0530 Subject: Addition of Intel Pod15 Site Manifest This patch adds site manifest for Intel Pod15 Update the vlan-IDs and interface-names The NIC ens785f0 and ens785f1 have swapped roles. Accordingly, the configuration is changed Signed-off-by: Sridhar K. N. Rao Change-Id: I20960e505361bc00d019ea3800814637b9ef4953 --- .../baremetal/bootactions/ixgbe-dkms-install.yaml | 56 + site/intel-pod15/baremetal/nodes.yaml | 193 ++ site/intel-pod15/intel-pod15.env | 9 + site/intel-pod15/networks/common-addresses.yaml | 164 ++ site/intel-pod15/networks/physical/networks.yaml | 327 +++ site/intel-pod15/pki/pki-catalog.yaml | 289 +++ .../intel-pod15/profiles/hardware/intel-pod15.yaml | 94 + site/intel-pod15/profiles/host/cp-intel-pod15.yaml | 105 + site/intel-pod15/profiles/host/dp-intel-pod15.yaml | 112 + site/intel-pod15/profiles/region.yaml | 60 + .../secrets/certificates/certificates.yaml | 2456 ++++++++++++++++++++ site/intel-pod15/secrets/ingress.yaml | 135 ++ .../passphrases/apiserver-encryption-key-key1.yaml | 13 + .../secrets/passphrases/cedric_crypt_password.yaml | 12 + .../intel-pod15/secrets/passphrases/ceph_fsid.yaml | 12 + .../passphrases/ceph_swift_keystone_password.yaml | 11 + .../secrets/passphrases/ipmi_admin_password.yaml | 13 + .../secrets/passphrases/maas-region-key.yaml | 12 + .../secrets/passphrases/mfix_crypt_password.yaml | 12 + .../passphrases/osh_barbican_oslo_db_password.yaml | 11 + ...osh_barbican_oslo_messaging_admin_password.yaml | 11 + .../osh_barbican_oslo_messaging_password.yaml | 11 + .../secrets/passphrases/osh_barbican_password.yaml | 11 + .../osh_barbican_rabbitmq_erlang_cookie.yaml | 11 + .../passphrases/osh_cinder_oslo_db_password.yaml | 11 + .../osh_cinder_oslo_messaging_admin_password.yaml | 11 + .../osh_cinder_oslo_messaging_password.yaml | 11 + .../secrets/passphrases/osh_cinder_password.yaml | 11 + .../osh_cinder_rabbitmq_erlang_cookie.yaml | 11 + .../passphrases/osh_glance_oslo_db_password.yaml | 11 + .../osh_glance_oslo_messaging_admin_password.yaml | 11 + .../osh_glance_oslo_messaging_password.yaml | 11 + .../secrets/passphrases/osh_glance_password.yaml | 11 + .../osh_glance_rabbitmq_erlang_cookie.yaml | 11 + .../passphrases/osh_heat_oslo_db_password.yaml | 11 + .../osh_heat_oslo_messaging_admin_password.yaml | 11 + .../osh_heat_oslo_messaging_password.yaml | 11 + .../secrets/passphrases/osh_heat_password.yaml | 11 + .../osh_heat_rabbitmq_erlang_cookie.yaml | 11 + .../passphrases/osh_heat_stack_user_password.yaml | 11 + .../passphrases/osh_heat_trustee_password.yaml | 11 + .../passphrases/osh_horizon_oslo_db_password.yaml | 11 + .../osh_infra_elasticsearch_admin_password.yaml | 11 + .../osh_infra_grafana_admin_password.yaml | 11 + .../osh_infra_grafana_oslo_db_password.yaml | 11 + ...osh_infra_grafana_oslo_db_session_password.yaml | 11 + .../osh_infra_nagios_admin_password.yaml | 11 + .../osh_infra_openstack_exporter_password.yaml | 11 + .../osh_infra_oslo_db_admin_password.yaml | 11 + .../osh_infra_oslo_db_exporter_password.yaml | 11 + .../osh_infra_prometheus_admin_password.yaml | 11 + .../osh_infra_rgw_s3_admin_access_key.yaml | 11 + .../osh_infra_rgw_s3_admin_secret_key.yaml | 11 + .../osh_infra_rgw_s3_elasticsearch_access_key.yaml | 11 + .../osh_infra_rgw_s3_elasticsearch_secret_key.yaml | 11 + .../passphrases/osh_keystone_admin_password.yaml | 11 + .../passphrases/osh_keystone_ldap_password.yaml | 11 + .../passphrases/osh_keystone_oslo_db_password.yaml | 11 + ...osh_keystone_oslo_messaging_admin_password.yaml | 11 + .../osh_keystone_oslo_messaging_password.yaml | 11 + .../osh_keystone_rabbitmq_erlang_cookie.yaml | 11 + .../passphrases/osh_neutron_oslo_db_password.yaml | 11 + .../osh_neutron_oslo_messaging_admin_password.yaml | 11 + .../osh_neutron_oslo_messaging_password.yaml | 11 + .../secrets/passphrases/osh_neutron_password.yaml | 11 + .../osh_neutron_rabbitmq_erlang_cookie.yaml | 11 + .../osh_nova_metadata_proxy_shared_secret.yaml | 11 + .../passphrases/osh_nova_oslo_db_password.yaml | 11 + .../osh_nova_oslo_messaging_admin_password.yaml | 11 + .../osh_nova_oslo_messaging_password.yaml | 11 + .../secrets/passphrases/osh_nova_password.yaml | 11 + .../osh_nova_rabbitmq_erlang_cookie.yaml | 11 + .../passphrases/osh_oslo_cache_secret_key.yaml | 11 + .../passphrases/osh_oslo_db_admin_password.yaml | 11 + .../passphrases/osh_oslo_db_exporter_password.yaml | 11 + .../osh_oslo_messaging_admin_password.yaml | 11 + .../passphrases/osh_placement_password.yaml | 11 + .../passphrases/osh_rabbitmq_erlang_cookie.yaml | 11 + .../secrets/passphrases/osh_tempest_password.yaml | 11 + .../passphrases/sridhar_crypt_password.yaml | 12 + .../secrets/passphrases/tenant_ceph_fsid.yaml | 12 + .../ucp_airflow_oslo_messaging_password.yaml | 11 + .../passphrases/ucp_airflow_postgres_password.yaml | 11 + .../passphrases/ucp_armada_keystone_password.yaml | 11 + .../ucp_barbican_keystone_password.yaml | 11 + .../passphrases/ucp_barbican_oslo_db_password.yaml | 11 + .../ucp_deckhand_keystone_password.yaml | 11 + .../ucp_deckhand_postgres_password.yaml | 11 + .../passphrases/ucp_drydock_keystone_password.yaml | 11 + .../passphrases/ucp_drydock_postgres_password.yaml | 11 + .../passphrases/ucp_keystone_admin_password.yaml | 11 + .../passphrases/ucp_keystone_oslo_db_password.yaml | 11 + .../passphrases/ucp_maas_admin_password.yaml | 11 + .../passphrases/ucp_maas_postgres_password.yaml | 11 + .../ucp_openstack_exporter_keystone_password.yaml | 11 + .../passphrases/ucp_oslo_db_admin_password.yaml | 11 + .../passphrases/ucp_oslo_messaging_password.yaml | 11 + .../passphrases/ucp_postgres_admin_password.yaml | 11 + .../ucp_postgres_exporter_password.yaml | 11 + .../ucp_postgres_replication_password.yaml | 11 + .../ucp_promenade_keystone_password.yaml | 11 + .../passphrases/ucp_rabbitmq_erlang_cookie.yaml | 11 + .../ucp_shipyard_keystone_password.yaml | 11 + .../ucp_shipyard_postgres_password.yaml | 11 + .../secrets/publickey/cedric_ssh_public_key.yaml | 11 + .../secrets/publickey/mfix_ssh_public_key.yaml | 11 + .../secrets/publickey/opnfv_ssh_public_key.yaml | 11 + .../secrets/publickey/sridhar_ssh_public_key.yaml | 11 + site/intel-pod15/site-definition.yaml | 17 + .../kubernetes/container-networking/etcd.yaml | 127 + .../software/charts/kubernetes/etcd/etcd.yaml | 131 ++ .../software/charts/osh-infra/elasticsearch.yaml | 34 + .../software/charts/osh-infra/fluentbit.yaml | 22 + .../software/charts/osh-infra/fluentd.yaml | 22 + .../software/charts/osh-infra/grafana.yaml | 23 + .../software/charts/osh-infra/ingress.yaml | 24 + .../software/charts/osh-infra/mariadb.yaml | 24 + .../software/charts/osh-infra/prometheus.yaml | 35 + .../charts/osh/openstack-compute-kit/libvirt.yaml | 22 + .../charts/osh/openstack-compute-kit/neutron.yaml | 74 + .../charts/osh/openstack-compute-kit/nova.yaml | 47 + .../charts/ucp/ceph/ceph-client-update.yaml | 26 + .../software/charts/ucp/ceph/ceph-client.yaml | 100 + .../software/charts/ucp/ceph/ceph-osd.yaml | 30 + .../software/charts/ucp/divingbell/divingbell.yaml | 83 + .../software/config/common-software-config.yaml | 16 + 126 files changed, 5923 insertions(+) create mode 100644 site/intel-pod15/baremetal/bootactions/ixgbe-dkms-install.yaml create mode 100644 site/intel-pod15/baremetal/nodes.yaml create mode 100644 site/intel-pod15/intel-pod15.env create mode 100644 site/intel-pod15/networks/common-addresses.yaml create mode 100644 site/intel-pod15/networks/physical/networks.yaml create mode 100644 site/intel-pod15/pki/pki-catalog.yaml create mode 100644 site/intel-pod15/profiles/hardware/intel-pod15.yaml create mode 100644 site/intel-pod15/profiles/host/cp-intel-pod15.yaml create mode 100644 site/intel-pod15/profiles/host/dp-intel-pod15.yaml create mode 100644 site/intel-pod15/profiles/region.yaml create mode 100755 site/intel-pod15/secrets/certificates/certificates.yaml create mode 100644 site/intel-pod15/secrets/ingress.yaml create mode 100644 site/intel-pod15/secrets/passphrases/apiserver-encryption-key-key1.yaml create mode 100644 site/intel-pod15/secrets/passphrases/cedric_crypt_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ceph_fsid.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ceph_swift_keystone_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ipmi_admin_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/maas-region-key.yaml create mode 100644 site/intel-pod15/secrets/passphrases/mfix_crypt_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_barbican_oslo_db_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_barbican_oslo_messaging_admin_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_barbican_oslo_messaging_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_barbican_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_barbican_rabbitmq_erlang_cookie.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_cinder_oslo_db_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_cinder_oslo_messaging_admin_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_cinder_oslo_messaging_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_cinder_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_cinder_rabbitmq_erlang_cookie.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_glance_oslo_db_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_glance_oslo_messaging_admin_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_glance_oslo_messaging_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_glance_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_glance_rabbitmq_erlang_cookie.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_heat_oslo_db_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_heat_oslo_messaging_admin_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_heat_oslo_messaging_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_heat_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_heat_rabbitmq_erlang_cookie.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_heat_stack_user_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_heat_trustee_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_horizon_oslo_db_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_infra_elasticsearch_admin_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_infra_grafana_admin_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_infra_grafana_oslo_db_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_infra_grafana_oslo_db_session_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_infra_nagios_admin_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_infra_openstack_exporter_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_infra_oslo_db_admin_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_infra_oslo_db_exporter_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_infra_prometheus_admin_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_infra_rgw_s3_admin_access_key.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_infra_rgw_s3_admin_secret_key.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_infra_rgw_s3_elasticsearch_access_key.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_infra_rgw_s3_elasticsearch_secret_key.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_keystone_admin_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_keystone_ldap_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_keystone_oslo_db_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_keystone_oslo_messaging_admin_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_keystone_oslo_messaging_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_keystone_rabbitmq_erlang_cookie.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_neutron_oslo_db_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_neutron_oslo_messaging_admin_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_neutron_oslo_messaging_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_neutron_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_neutron_rabbitmq_erlang_cookie.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_nova_metadata_proxy_shared_secret.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_nova_oslo_db_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_nova_oslo_messaging_admin_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_nova_oslo_messaging_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_nova_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_nova_rabbitmq_erlang_cookie.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_oslo_cache_secret_key.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_oslo_db_admin_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_oslo_db_exporter_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_oslo_messaging_admin_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_placement_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_rabbitmq_erlang_cookie.yaml create mode 100644 site/intel-pod15/secrets/passphrases/osh_tempest_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/sridhar_crypt_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/tenant_ceph_fsid.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_airflow_postgres_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_armada_keystone_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_barbican_keystone_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_barbican_oslo_db_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_deckhand_keystone_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_deckhand_postgres_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_drydock_keystone_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_drydock_postgres_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_keystone_admin_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_keystone_oslo_db_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_maas_admin_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_maas_postgres_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_openstack_exporter_keystone_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_oslo_db_admin_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_oslo_messaging_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_postgres_admin_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_postgres_exporter_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_postgres_replication_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_promenade_keystone_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_shipyard_keystone_password.yaml create mode 100644 site/intel-pod15/secrets/passphrases/ucp_shipyard_postgres_password.yaml create mode 100644 site/intel-pod15/secrets/publickey/cedric_ssh_public_key.yaml create mode 100644 site/intel-pod15/secrets/publickey/mfix_ssh_public_key.yaml create mode 100644 site/intel-pod15/secrets/publickey/opnfv_ssh_public_key.yaml create mode 100644 site/intel-pod15/secrets/publickey/sridhar_ssh_public_key.yaml create mode 100644 site/intel-pod15/site-definition.yaml create mode 100644 site/intel-pod15/software/charts/kubernetes/container-networking/etcd.yaml create mode 100644 site/intel-pod15/software/charts/kubernetes/etcd/etcd.yaml create mode 100644 site/intel-pod15/software/charts/osh-infra/elasticsearch.yaml create mode 100644 site/intel-pod15/software/charts/osh-infra/fluentbit.yaml create mode 100644 site/intel-pod15/software/charts/osh-infra/fluentd.yaml create mode 100644 site/intel-pod15/software/charts/osh-infra/grafana.yaml create mode 100644 site/intel-pod15/software/charts/osh-infra/ingress.yaml create mode 100644 site/intel-pod15/software/charts/osh-infra/mariadb.yaml create mode 100644 site/intel-pod15/software/charts/osh-infra/prometheus.yaml create mode 100644 site/intel-pod15/software/charts/osh/openstack-compute-kit/libvirt.yaml create mode 100644 site/intel-pod15/software/charts/osh/openstack-compute-kit/neutron.yaml create mode 100644 site/intel-pod15/software/charts/osh/openstack-compute-kit/nova.yaml create mode 100644 site/intel-pod15/software/charts/ucp/ceph/ceph-client-update.yaml create mode 100644 site/intel-pod15/software/charts/ucp/ceph/ceph-client.yaml create mode 100644 site/intel-pod15/software/charts/ucp/ceph/ceph-osd.yaml create mode 100644 site/intel-pod15/software/charts/ucp/divingbell/divingbell.yaml create mode 100644 site/intel-pod15/software/config/common-software-config.yaml diff --git a/site/intel-pod15/baremetal/bootactions/ixgbe-dkms-install.yaml b/site/intel-pod15/baremetal/bootactions/ixgbe-dkms-install.yaml new file mode 100644 index 0000000..49b5329 --- /dev/null +++ b/site/intel-pod15/baremetal/bootactions/ixgbe-dkms-install.yaml @@ -0,0 +1,56 @@ +--- +# This file defines a boot action to install specified version of the ixgbe +# driver and blacklist the ixgbevf driver. +schema: 'drydock/BootAction/v1' +metadata: + schema: 'metadata/Document/v1' + name: ixgbe-dkms-install + storagePolicy: 'cleartext' + layeringDefinition: + abstract: false + layer: site + labels: + application: 'drydock' + substitutions: + - src: + schema: pegleg/Script/v1 + name: ixgbe-dkms-install + path: . + dest: + path: .assets[1].data +data: + signaling: false + assets: + - path: /etc/systemd/system/ixgbe-dkms-install.service + type: unit + permissions: '444' + data: | + [Unit] + Description=Service for Installing ixgbe driver + DefaultDependencies=no + Before=promjoin.service + After=network-online.target local-fs.target cloud-init.target + + [Service] + Type=oneshot + ExecStart=/opt/ixgbe-dkms-install.sh + RemainAfterExit=true + + [Install] + WantedBy=airship.target + + data_pipeline: + - utf8_decode + - path: /opt/ixgbe-dkms-install.sh + type: file + permissions: '700' + data_pipeline: + - utf8_decode + - path: /etc/modprobe.d/sriov_blacklist.conf + type: file + permissions: '644' + data_pipeline: + - utf8_decode + data: | + blacklist ixgbevf +... diff --git a/site/intel-pod15/baremetal/nodes.yaml b/site/intel-pod15/baremetal/nodes.yaml new file mode 100644 index 0000000..75acde9 --- /dev/null +++ b/site/intel-pod15/baremetal/nodes.yaml @@ -0,0 +1,193 @@ +--- +# Drydock BaremetalNode resources for a specific rack are stored in this file. +# +# NOTE: For new sites, you should complete the networks/physical/networks.yaml +# file before working on this file. +# +# In this file, you should make the number of `drydock/BaremetalNode/v1` +# resources equal the number of bare metal nodes you have, either by deleting +# excess BaremetalNode definitions (if there are too many), or by copying and +# pasting the last BaremetalNode in the file until you have the correct number +# of baremetal nodes (if there are too few). +# +# Then in each file, address all additional NEWSITE-CHANGEME markers to update +# the data in these files with the right values for your new site. +# +# *NOTE: The Genesis node is counted as one of the control plane nodes. Note +# that the Genesis node does not appear on this bare metal list, because the +# procedure to reprovision the Genesis host with MaaS has not yet been +# implemented. Therefore there will be only two bare metal nodes in this file +# with the 'masters' tag, as the genesis roles are assigned in a different +# place (type/cntt/profiles/genesis.yaml). +# +schema: 'drydock/BaremetalNode/v1' +metadata: + schema: 'metadata/Document/v1' + # NEWSITE-CHANGEME: Replace with the hostname of the first node in the rack, + # after (excluding) genesis. + name: pod15-node2 + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + # NEWSITE-CHANGEME: The IPv4 address assigned to each logical network on this + # node. In the reference Airship deployment, this is all logical Networks defined + # in networks/physical/networks.yaml. IP addresses are manually assigned, by-hand. + # (what could possibly go wrong!) The instructions differ for each logical + # network, which are laid out below. + addressing: + # The iDrac/iLo IP of the node. It's important that this match up with the + # node's hostname above, so that the rack number and node position encoded + # in the hostname are accurate and matching the node that IPMI operations + # will be performed against (for poweron, poweroff, PXE boot to wipe disk or + # reconfigure identity, etc - very important to get right for these reasons). + # These addresses should already be assigned to nodes racked and stacked in + # the environment; these are not addresses which MaaS assigns. + - network: oob + address: 10.10.150.12 + # The IP of the node on the DMZ network. Refer to the static IP range + # defined for the Admin network in networks/physical/networks.yaml. + - network: dmz + address: 10.10.150.22 + # The IP of the node on the Admin network. Refer to the static IP range + # defined for the Admin network in networks/physical/networks.yaml. + # This network is used for PXE bootstrapping of the bare-metal servers. + - network: admin + address: 10.10.151.22 + # The IP of the node on the Private network. Refer to the static IP range + # defined for the Private network in networks/physical/networks.yaml. + - network: private + address: 10.10.152.22 + # The IP of the node on the Storage network. Refer to the static IP range + # defined for the Storage network in networks/physical/networks.yaml. + - network: storage + address: 10.10.153.22 + # The IP of the node on the Management network. Refer to the static IP range + # defined for the Management network in networks/physical/networks.yaml. + - network: management + address: 10.10.154.22 + # NEWSITE-CHANGEME: Set the host profile for the node. + # Note that there are different host profiles depending if this is a control + # plane vs data plane node, and different profiles that map to different types + # hardware. Select the host profile that matches up to your type of + # hardware and function. E.g., the r720 here refers to Dell R720 hardware, the + # 'cp' refers to a control plane profile. Refer to profiles/host/ for the list + # of available host profiles specific to this site (otherwise, you may find + # a general set of host profiles at the "type" or "global" layers/folders. + # If you have hardware that is not on this list of profiles, you may need to + # create a new host profile for that hardware. + host_profile: cp-intel-pod15 + metadata: + tags: + # NEWSITE-CHANGEME: See previous comment. Apply 'masters' tag for control + # plane node, and 'workers' tag for data plane hosts. + - 'masters' + # NEWSITE-CHANGEME: Refer to site engineering package or other supporting + # documentation for the specific rack name. This should be a rack name that + # is meaningful to data center personnel (i.e. a rack they could locate if + # you gave them this rack designation). + rack: pod15-rack +... +--- +schema: 'drydock/BaremetalNode/v1' +metadata: + schema: 'metadata/Document/v1' + # NEWSITE-CHANGEME: The next node's hostname + name: pod15-node3 + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + # NEWSITE-CHANGEME: The next node's IPv4 addressing + addressing: + - network: oob + address: 10.10.150.13 + - network: dmz + address: 10.10.150.23 + - network: admin + address: 10.10.151.23 + - network: private + address: 10.10.152.23 + - network: storage + address: 10.10.153.23 + - network: management + address: 10.10.154.23 + # NEWSITE-CHANGEME: The next node's host profile + host_profile: cp-intel-pod15 + metadata: + # NEWSITE-CHANGEME: The next node's rack designation + rack: pod15-rack + # NEWSITE-CHANGEME: The next node's role desigatnion + tags: + - 'masters' +... +--- +schema: 'drydock/BaremetalNode/v1' +metadata: + schema: 'metadata/Document/v1' + # NEWSITE-CHANGEME: The next node's hostname + name: pod15-node4 + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + # NEWSITE-CHANGEME: The next node's IPv4 addressing + addressing: + - network: oob + address: 10.10.150.14 + - network: dmz + address: 10.10.150.24 + - network: admin + address: 10.10.151.24 + - network: private + address: 10.10.152.24 + - network: storage + address: 10.10.153.24 + - network: management + address: 10.10.154.24 + # NEWSITE-CHANGEME: The next node's host profile + host_profile: dp-intel-pod15 + metadata: + # NEWSITE-CHANGEME: The next node's rack designation + rack: pod15-rack + # NEWSITE-CHANGEME: The next node's role desigatnion + tags: + - 'workers' +... +--- +schema: 'drydock/BaremetalNode/v1' +metadata: + schema: 'metadata/Document/v1' + # NEWSITE-CHANGEME: The next node's hostname + name: pod15-node5 + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + # NEWSITE-CHANGEME: The next node's IPv4 addressing + addressing: + - network: oob + address: 10.10.150.15 + - network: dmz + address: 10.10.150.25 + - network: admin + address: 10.10.151.25 + - network: private + address: 10.10.152.25 + - network: storage + address: 10.10.153.25 + - network: management + address: 10.10.154.25 + # NEWSITE-CHANGEME: The next node's host profile + host_profile: dp-intel-pod15 + metadata: + # NEWSITE-CHANGEME: The next node's rack designation + rack: pod15-rack + # NEWSITE-CHANGEME: The next node's role desigatnion + tags: + - 'workers' +... diff --git a/site/intel-pod15/intel-pod15.env b/site/intel-pod15/intel-pod15.env new file mode 100644 index 0000000..326024b --- /dev/null +++ b/site/intel-pod15/intel-pod15.env @@ -0,0 +1,9 @@ +export OS_AUTH_URL=${OS_AUTH_URL:-http://iam-airship.intel-pod15.opnfv.org:80/v3} +export GEN_SSH=${GEN_SSH:-intel-pod15-genesis} +export SITE_NAME=${SITE_NAME:-intel-pod15} + +export GEN_IPMI=${GEN_IPMI:-10.10.150.11} +export NODES_IPMI=${NODES_IPMI:-'10.10.150.12 10.10.150.13 10.10.150.14 10.10.150.15'} +export SITE_DEF=${SITE_DEF:-airship/site/intel-pod15/site-definition.yaml} + +export OS_AUTH_URL_IDENTITY=${OS_AUTH_URL:-http://identity-airship.intel-pod15.opnfv.org:80/v3} diff --git a/site/intel-pod15/networks/common-addresses.yaml b/site/intel-pod15/networks/common-addresses.yaml new file mode 100644 index 0000000..3f25a03 --- /dev/null +++ b/site/intel-pod15/networks/common-addresses.yaml @@ -0,0 +1,164 @@ +--- +# The purpose of this file is to define network related paramters that are +# referenced (substituted) elsewhere in the manifests for this site. +# +schema: pegleg/CommonAddresses/v1 +metadata: + schema: metadata/Document/v1 + name: common-addresses + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + calico: + # NEWSITE-CHANGEME: The interface that Calico will use. Update if your + # logical interface name or Calico VLAN have changed from the reference + # site design. + # This should be whichever interface (or bond) and VLAN number specified in + # networks/physical/networks.yaml for the Calico network. + # E.g. you would set "interface=ens785f0" as shown here. + ip_autodetection_method: interface=ens785f1 + etcd: + # The etcd service IP address. + # This address must be within data.kubernetes.service_cidr range + service_ip: 10.96.232.136 + + # NEWSITE-CHANGEME: Update virtual IPs to be used for deployment. + # These IPs are imporant and tied to FQDN/DNS registration for the site, see more at + # https://airship-treasuremap.readthedocs.io/en/latest/authoring_and_deployment.html#register-dns-names + vip: + # Used for accessing Airship/OpenStack APIs (ingress of kube-system) + # The address is selected from DMZ network specified in + # networks/physical/networks.yaml + ingress_vip: '10.10.150.100/32' + # Used for bare-metal deployment (PXE boot, fetching Drydock bootactions) + # The address is selected from Admin network specified in + # networks/physical/networks.yaml + maas_vip: '10.10.151.100/32' + + dns: + # Kubernetes cluster domain. Do not change. This is internal to the cluster. + cluster_domain: cluster.local + # DNS service ip + service_ip: 10.96.0.10 + # List of upstream DNS forwards. Verify you can reach them from your + # environment. If so, you should not need to change them. + upstream_servers: + - 8.8.8.8 + - 8.8.4.4 + # Repeat the same values as above, but formatted as a common separated + # string + upstream_servers_joined: 8.8.8.8,8.8.4.4 + # NEWSITE-CHANGEME: FQDN for ingress (i.e. "publicly facing" access point) + # Choose FQDN according to the ingress/public FQDN naming conventions at + # the top of this document. + ingress_domain: intel-pod15.opnfv.org + + genesis: + # NEWSITE-CHANGEME: Update with the hostname for the node which will take on + # the Genesis role. Refer to the hostname naming stardards in + # networks/physical/networks.yaml + # NOTE: Ensure that the genesis node is manually configured with this + # hostname before running `genesis.sh` on the node, see + # https://airship-treasuremap.readthedocs.io/en/latest/authoring_and_deployment.html#genesis-node + hostname: pod15-node1 + # NEWSITE-CHANGEME: Address defined for Calico network in + # networks/physical/networks.yaml + ip: 10.10.152.21 + + bootstrap: + # NEWSITE-CHANGEME: Address defined for the Admin (PXE) network in + # networks/physical/networks.yaml + ip: 10.10.151.21 + + kubernetes: + # K8s API service IP + api_service_ip: 10.96.0.1 + # etcd service IP + etcd_service_ip: 10.96.0.2 + # k8s pod CIDR (network which pod traffic will traverse) + pod_cidr: 10.97.0.0/16 + # k8s service CIDR (network which k8s API traffic will traverse) + service_cidr: 10.96.0.0/16 + # misc k8s port settings + apiserver_port: 6443 + haproxy_port: 6553 + service_node_port_range: 30000-32767 + + # etcd port settings + etcd: + container_port: 2379 + haproxy_port: 2378 + + # NEWSITE-CHANGEME: A list of nodes (excluding Genesis) which act as the + # control plane servers. Ensure that this matches the nodes with the 'masters' + # tags applied in baremetal/nodes.yaml + masters: + - hostname: pod15-node2 + - hostname: pod15-node3 + + # NEWSITE-CHANGEME: Environment proxy information. + # NOTE: Reference Airship sites do not deploy behind a proxy, so this proxy section + # should be commented out. + # However if you are in a lab that requires proxy, ensure that these proxy + # settings are correct and reachable in your environment; otherwise update + # them with the correct values for your environment. + proxy: + http: "" + https: "" + no_proxy: [] + + node_ports: + drydock_api: 30000 + maas_api: 30001 + + ntp: + # comma separated NTP server list. Verify that these upstream NTP servers are + # reachable in your environment; otherwise update them with the correct + # values for your environment. + servers_joined: '0.ubuntu.pool.ntp.org,1.ubuntu.pool.ntp.org,2.ubuntu.pool.ntp.org,4.ubuntu.pool.ntp.org' + + # An example for Openstack Helm Infra LDAP + ldap: + # NEWSITE-CHANGEME: FQDN for LDAP. Update to the FQDN that is + # relevant for your type of deployment (test vs prod values, etc). + base_url: 'ldap.example.com' + # NEWSITE-CHANGEME: As above, with the protocol included to create a full URI + url: 'ldap://ldap.example.com' + # NEWSITE-CHANGEME: Update to the correct expression relevant for this + # deployment (test vs prod values, etc) + auth_path: DC=test,DC=test,DC=com?sAMAccountName?sub?memberof=CN=test,OU=Application,OU=Groups,DC=test,DC=test,DC=com + # NEWSITE-CHANGEME: Update to the correct AD group that contains the users + # relevant for this deployment (test users vs prod users/values, etc) + common_name: test + # NEWSITE-CHANGEME: Update to the correct subdomain for your type of + # deployment (test vs prod values, etc) + subdomain: test + # NEWSITE-CHANGEME: Update to the correct domain for your type of + # deployment (test vs prod values, etc) + domain: example + + storage: + ceph: + # NEWSITE-CHANGEME: CIDRs for Ceph. Update to match the network CIDR + # used for the Storage network in networks/physical/networks.yaml + public_cidr: '10.10.153.0/24' + cluster_cidr: '10.10.153.0/24' + + neutron: + # NEWSITE-CHANGEME: Overlay network for VM traffic. Ensure the interface name and + # VLAN number are consistent with what's defined for the Private network in + # networks/physical/networks.yaml + tunnel_device: 'ens785f1' + # Interface for the OpenStack external network. Ensure the interface name is + # consistent with the interface and VLAN assigned to the Public network in + # networks/physical/networks.yaml + external_iface: 'ens785f0.4000' + + openvswitch: + # Interface for the OpenStack external network. Ensure the interface name is + # consistent with the interface and VLAN assigned to the Public network in + # networks/physical/networks.yaml + external_iface: 'ens785f0.4000' +... diff --git a/site/intel-pod15/networks/physical/networks.yaml b/site/intel-pod15/networks/physical/networks.yaml new file mode 100644 index 0000000..659884e --- /dev/null +++ b/site/intel-pod15/networks/physical/networks.yaml @@ -0,0 +1,327 @@ +--- +# The purpose of this file is to define all of the NetworkLinks (i.e. layer 1 +# devices) and Networks (i.e. layer 3 configurations). +# +# The following is reference configuration for Intel hosted POD10 +# https://wiki.opnfv.org/display/pharos/Intel+POD10 +# +--------+------------+-----------------------------------+----------+----------+----------------+ +# | | | | | | | +# +--------+------------+-----------------------------------+----------+----------+----------------+ +# |IF0 1G | dmz | OoB & OAM (default route) | VLAN 150 | untagged | 10.10.150.0/24 | +# |IF1 1G | admin | PXE boot network | VLAN 151 | untagged | 10.10.151.0/24 | +# |IF2 10G | private | Underlay calico and ovs overlay | VLAN 152 | untagged | 10.10.152.0/24 | +# | | management | Management (unused for now) | VLAN 154 | tagged | 10.10.154.0/24 | +# |IF3 10G | storage | Storage network | VLAN 153 | untagged | 10.10.153.0/24 | +# | | public | Public network for VMs | VLAN 4000| tagged | 10.10.155.0/24 | +# +--------+------------+-----------------------------------+----------+----------+----------------+ +# +# For standard Airship deployments, you should not need to modify the number of +# NetworkLinks and Networks in this file. Only the IP addresses and CIDRs should +# need editing. +# +schema: 'drydock/NetworkLink/v1' +metadata: + schema: 'metadata/Document/v1' + name: oob + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + # MaaS doesnt own this network like it does the others, + # so the noconfig label is specified. + labels: + noconfig: enabled + bonding: + mode: disabled + mtu: 1500 + linkspeed: auto + trunking: + mode: disabled + default_network: oob + allowed_networks: + - oob +... +--- +schema: 'drydock/Network/v1' +metadata: + schema: 'metadata/Document/v1' + name: oob + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + # NEWSITE-CHANGEME: Update with the site's out-of-band CIDR + cidr: 10.10.150.0/24 + routes: + # NEWSITE-CHANGEME: Update with the site's out-of-band gateway IP + - subnet: '0.0.0.0/0' + gateway: 10.10.150.1 + metric: 100 +... +--- +schema: 'drydock/NetworkLink/v1' +metadata: + schema: 'metadata/Document/v1' + name: dmz + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + bonding: + mode: disabled + mtu: 1500 + linkspeed: auto + trunking: + mode: disabled + default_network: dmz + allowed_networks: + - dmz +... +--- +schema: 'drydock/Network/v1' +metadata: + schema: 'metadata/Document/v1' + name: dmz + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + # NEWSITE-CHANGEME: Update with the site's DMZ network CIDR + cidr: 10.10.150.0/24 + routes: + - subnet: 0.0.0.0/0 + # NEWSITE-CHANGEME: Set the DMZ network gateway IP address + # NOTE: This serves as the site's default route. + gateway: 10.10.150.1 + metric: 100 + ranges: + # NEWSITE-CHANGEME: Exclude any reserved IPs for the lab. + - type: reserved + start: 10.10.150.1 + end: 10.10.150.19 + # NEWSITE-CHANGEME: Update static range that will be used for the nodes. + # See minimum range required for the nodes in baremetal/nodes.yaml. + - type: static + start: 10.10.150.20 + end: 10.10.150.39 + dns: + # NEWSITE-CHANGEME: FQDN for bare metal nodes. + # Choose FQDN according to the node FQDN naming conventions at the top of + # this document. + domain: intel-pod15.opnfv.org + # List of upstream DNS forwards. Verify you can reach them from your + # environment. If so, you should not need to change them. + # TODO: This should be populated via substitution from common-addresses + servers: '8.8.8.8,8.8.4.4' +... +--- +schema: 'drydock/NetworkLink/v1' +metadata: + schema: 'metadata/Document/v1' + name: admin + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + bonding: + mode: disabled + mtu: 1500 + linkspeed: auto + trunking: + mode: disabled + default_network: admin + allowed_networks: + - admin +... +--- +schema: 'drydock/Network/v1' +metadata: + schema: 'metadata/Document/v1' + name: admin + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + # NEWSITE-CHANGEME: Update with the site's PXE network CIDR + # NOTE: The CIDR minimum size = (number of nodes * 2) + 10 + cidr: 10.10.151.0/24 + routes: + - subnet: 0.0.0.0/0 + # NEWSITE-CHANGEME: Set the Admin network gateway IP address + gateway: 10.10.151.1 + metric: 100 + # NOTE: The DHCP addresses are used when nodes perform a PXE boot + # (DHCP address gets assigned), and when a node is commissioning in MaaS + # (also uses DHCP to get its IP address). However, when MaaS installs the + # operating system ("Deploying/Deployed" states), it will write a static IP + # assignment to /etc/network/interfaces[.d] with IPs from the "static" + # subnet defined here. + ranges: + # NEWSITE-CHANGEME: Exclude any reserved IPs for the lab. + - type: reserved + start: 10.10.151.1 + end: 10.10.151.19 + # NEWSITE-CHANGEME: Update to the first half of the remaining range after + # excluding the reserved IPs. + - type: static + start: 10.10.151.20 + end: 10.10.151.39 + # NEWSITE-CHANGEME: Update to the second half of the remaining range after + # excluding the reserved IPs. + - type: dhcp + start: 10.10.151.40 + end: 10.10.151.79 + dns: + # NEWSITE-CHANGEME: FQDN for bare metal nodes. + # Choose FQDN according to the node FQDN naming conventions at the top of + # this document. + domain: intel-pod15.opnfv.org + # NEWSITE-CHANGEME: Use MAAS VIP as the DNS server. + # MAAS has inbuilt DNS server and Debian mirror that allows nodes to be + # deployed without requiring routed/internet access for the Admin/PXE interface. + # See data.vip.maas_vip in networks/common-addresses.yaml. + # TODO: This should be populated via substitution from common-addresses + servers: '10.10.151.100' +... +--- +schema: 'drydock/NetworkLink/v1' +metadata: + schema: 'metadata/Document/v1' + name: data1 + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + bonding: + mode: disabled + # NEWSITE-CHANGEME: Ensure the network switches in the environment are + # configured for this MTU or greater. + mtu: 1500 + linkspeed: auto + trunking: + mode: 802.1q + allowed_networks: + - private + - management +... +--- +schema: 'drydock/Network/v1' +metadata: + schema: 'metadata/Document/v1' + name: private + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + # NEWSITE-CHANGEME: Set the VLAN ID which the Private network is on + vlan: '0' + mtu: 1500 + # NEWSITE-CHANGEME: Set the CIDR for the Private network + # NOTE: The CIDR minimum size = number of nodes + 10 + cidr: 10.10.152.0/24 + ranges: + # NEWSITE-CHANGEME: Update to the remaining range excluding (if any) + # reserved IPs. + - type: static + start: 10.10.152.1 + end: 10.10.152.19 +... +--- +schema: 'drydock/Network/v1' +metadata: + schema: 'metadata/Document/v1' + name: management + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + # NEWSITE-CHANGEME: Set the VLAN ID which the Management network is on + vlan: '154' + mtu: 1500 + # NEWSITE-CHANGEME: Set the CIDR for the Management network + # NOTE: The CIDR minimum size = number of nodes + 10 + cidr: 10.10.154.0/24 + ranges: + # NEWSITE-CHANGEME: Update to the remaining range excluding (if any) + # reserved IPs. + - type: static + start: 10.10.154.1 + end: 10.10.154.19 +... +--- +schema: 'drydock/NetworkLink/v1' +metadata: + schema: 'metadata/Document/v1' + name: data2 + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + bonding: + mode: disabled + # NEWSITE-CHANGEME: Ensure the network switches in the environment are + # configured for this MTU or greater. + mtu: 1500 + linkspeed: auto + trunking: + mode: 802.1q + default_network: storage + allowed_networks: + - storage + - public +... +--- +schema: 'drydock/Network/v1' +metadata: + schema: 'metadata/Document/v1' + name: storage + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + # NEWSITE-CHANGEME: Set the VLAN ID which the Storage network is on + vlan: '0' + # NEWSITE-CHANGEME: Ensure the network switches in the environment are + # configured for this MTU or greater. + mtu: 1500 + # NEWSITE-CHANGEME: Set the CIDR for the Storage network + # NOTE: The CIDR minimum size = number of nodes + 10 + cidr: 10.10.153.0/24 + ranges: + # NEWSITE-CHANGEME: Update to the remaining range excludin (if any) + # reserved IPs. + - type: static + start: 10.10.153.1 + end: 10.10.153.19 +... +--- +# The public network for OpenStack VMs. +# NOTE: Only interface 'ens785f0.4000' will be setup, no IPs assigned to hosts +schema: 'drydock/Network/v1' +metadata: + schema: 'metadata/Document/v1' + name: public + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + # NEWSITE-CHANGEME: Set the VLAN ID which the Public network is on + vlan: '4000' + # NEWSITE-CHANGEME: Ensure the network switches in the environment are + # configured for this MTU or greater. + mtu: 1500 + # NEWSITE-CHANGEME: Set the CIDR for the Public network + cidr: 10.10.155.0/24 +... diff --git a/site/intel-pod15/pki/pki-catalog.yaml b/site/intel-pod15/pki/pki-catalog.yaml new file mode 100644 index 0000000..63c3f34 --- /dev/null +++ b/site/intel-pod15/pki/pki-catalog.yaml @@ -0,0 +1,289 @@ +--- +# The purpose of this file is to define the PKI certificates for the environment +# +# NOTE: When deploying a new site, this file should not be configured until +# baremetal/nodes.yaml is complete. +# +schema: promenade/PKICatalog/v1 +metadata: + schema: metadata/Document/v1 + name: cluster-certificates + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + certificate_authorities: + kubernetes: + description: CA for Kubernetes components + certificates: + - document_name: apiserver + description: Service certificate for Kubernetes apiserver + common_name: apiserver + hosts: + - localhost + - 127.0.0.1 + # FIXME: Repetition of api_service_ip in common-addresses; use + # substitution + - 10.96.0.1 + kubernetes_service_names: + - kubernetes.default.svc.cluster.local + + # NEWSITE-CHANGEME: The following should be a list of all the nodes in + # the environment (genesis, control plane, data plane, everything). + # Add/delete from this list as necessary until all nodes are listed. + # For each node, the `hosts` list should be comprised of: + # 1. The node's hostname, as already defined in baremetal/nodes.yaml + # 2. The node's Calico IP address, as already defined in baremetal/nodes.yaml + # NOTE: This list also needs to include the Genesis node, which is not + # listed in baremetal/nodes.yaml, but by convention should be allocated + # the first non-reserved IP in each logical network allocation range + # defined in networks/physical/networks.yaml + # NOTE: The genesis node needs to be defined twice (the first two entries + # on this list) with all of the same paramters except the document_name. + # In the first case the document_name is `kubelet-genesis`, and in the + # second case the document_name format is `kubelet-YOUR_GENESIS_HOSTNAME`. + - document_name: kubelet-genesis + common_name: system:node:pod15-node1 + hosts: + - pod15-node1 + - 10.10.152.21 + groups: + - system:nodes + - document_name: kubelet-pod15-node1 + common_name: system:node:pod15-node1 + hosts: + - pod15-node1 + - 10.10.152.21 + groups: + - system:nodes + - document_name: kubelet-pod15-node2 + common_name: system:node:pod15-node2 + hosts: + - pod15-node2 + - 10.10.152.22 + groups: + - system:nodes + - document_name: kubelet-pod15-node3 + common_name: system:node:pod15-node3 + hosts: + - pod15-node3 + - 10.10.152.23 + groups: + - system:nodes + - document_name: kubelet-pod15-node4 + common_name: system:node:pod15-node4 + hosts: + - pod15-node4 + - 10.10.152.24 + groups: + - system:nodes + - document_name: kubelet-pod15-node5 + common_name: system:node:pod15-node5 + hosts: + - pod15-node4 + - 10.10.152.25 + groups: + - system:nodes + # End node list + - document_name: scheduler + description: Service certificate for Kubernetes scheduler + common_name: system:kube-scheduler + - document_name: controller-manager + description: certificate for controller-manager + common_name: system:kube-controller-manager + - document_name: admin + common_name: admin + groups: + - system:masters + - document_name: armada + common_name: armada + groups: + - system:masters + kubernetes-etcd: + description: Certificates for Kubernetes's etcd servers + certificates: + - document_name: apiserver-etcd + description: etcd client certificate for use by Kubernetes apiserver + common_name: apiserver + # NOTE(mark-burnett): hosts not required for client certificates + - document_name: kubernetes-etcd-anchor + description: anchor + common_name: anchor + # NEWSITE-CHANGEME: The following should be a list of the control plane + # nodes in the environment, including genesis. + # For each node, the `hosts` list should be comprised of: + # 1. The node's hostname, as already defined in baremetal/nodes.yaml + # 2. The node's Calico IP address, as already defined in baremetal/nodes.yaml + # 3. 127.0.0.1 + # 4. localhost + # 5. kubernetes-etcd.kube-system.svc.cluster.local + # NOTE: This list also needs to include the Genesis node, which is not + # listed in baremetal/nodes.yaml, but by convention should be allocated + # the first non-reserved IP in each logical network allocation range + # defined in networks/physical/networks.yaml, except for the kubernetes + # service_cidr where it should start with the second IP in the range. + # NOTE: The genesis node is defined twice with the same `hosts` data: + # Once with its hostname in the common/document name, and once with + # `genesis` defined instead of the host. For now, this duplicated + # genesis definition is required. FIXME: Remove duplicate definition + # after Promenade addresses this issue. + - document_name: kubernetes-etcd-genesis + common_name: kubernetes-etcd-genesis + hosts: + - pod15-node1 + - 10.10.152.21 + - 127.0.0.1 + - localhost + - kubernetes-etcd.kube-system.svc.cluster.local + - 10.96.0.2 + - document_name: kubernetes-etcd-pod15-node1 + common_name: kubernetes-etcd-pod15-node1 + hosts: + - pod15-node1 + - 10.10.152.21 + - 127.0.0.1 + - localhost + - kubernetes-etcd.kube-system.svc.cluster.local + - 10.96.0.2 + - document_name: kubernetes-etcd-pod15-node2 + common_name: kubernetes-etcd-pod15-node2 + hosts: + - pod15-node2 + - 10.10.152.22 + - 127.0.0.1 + - localhost + - kubernetes-etcd.kube-system.svc.cluster.local + - 10.96.0.2 + - document_name: kubernetes-etcd-pod15-node3 + common_name: kubernetes-etcd-pod15-node3 + hosts: + - pod15-node3 + - 10.10.152.23 + - 127.0.0.1 + - localhost + - kubernetes-etcd.kube-system.svc.cluster.local + - 10.96.0.2 + # End node list + kubernetes-etcd-peer: + certificates: + # NEWSITE-CHANGEME: This list should be identical to the previous list, + # except that `-peer` has been appended to the document/common names. + - document_name: kubernetes-etcd-genesis-peer + common_name: kubernetes-etcd-genesis-peer + hosts: + - pod15-node1 + - 10.10.152.21 + - 127.0.0.1 + - localhost + - kubernetes-etcd.kube-system.svc.cluster.local + - 10.96.0.2 + - document_name: kubernetes-etcd-pod15-node1-peer + common_name: kubernetes-etcd-pod15-node1-peer + hosts: + - pod15-node1 + - 10.10.152.21 + - 127.0.0.1 + - localhost + - kubernetes-etcd.kube-system.svc.cluster.local + - 10.96.0.2 + - document_name: kubernetes-etcd-pod15-node2-peer + common_name: kubernetes-etcd-pod15-node2-peer + hosts: + - pod15-node2 + - 10.10.152.22 + - 127.0.0.1 + - localhost + - kubernetes-etcd.kube-system.svc.cluster.local + - 10.96.0.2 + - document_name: kubernetes-etcd-pod15-node3-peer + common_name: kubernetes-etcd-pod15-node3-peer + hosts: + - pod15-node3 + - 10.10.152.23 + - 127.0.0.1 + - localhost + - kubernetes-etcd.kube-system.svc.cluster.local + - 10.96.0.2 + # End node list + calico-etcd: + description: Certificates for Calico etcd client traffic + certificates: + - document_name: calico-etcd-anchor + description: anchor + common_name: anchor + # NEWSITE-CHANGEME: The following should be a list of the control plane + # nodes in the environment, including genesis. + # For each node, the `hosts` list should be comprised of: + # 1. The node's hostname, as already defined in baremetal/nodes.yaml + # 2. The node's Calico IP address, as already defined in baremetal/nodes.yaml + # 3. 127.0.0.1 + # 4. localhost + # 5. The calico/etcd/service_ip defined in networks/common-addresses.yaml + # NOTE: This list also needs to include the Genesis node, which is not + # listed in baremetal/nodes.yaml, but by convention should be allocated + # the first non-reserved IP in each logical network allocation range + # defined in networks/physical/networks.yaml + - document_name: calico-etcd-pod15-node1 + common_name: calico-etcd-pod15-node1 + hosts: + - pod15-node1 + - 10.10.152.21 + - 127.0.0.1 + - localhost + - 10.96.232.136 + - document_name: calico-etcd-pod15-node2 + common_name: calico-etcd-pod15-node2 + hosts: + - pod15-node2 + - 10.10.152.22 + - 127.0.0.1 + - localhost + - 10.96.232.136 + - document_name: calico-etcd-pod15-node3 + common_name: calico-etcd-pod15-node3 + hosts: + - pod15-node3 + - 10.10.152.23 + - 127.0.0.1 + - localhost + - 10.96.232.136 + - document_name: calico-node + common_name: calcico-node + # End node list + calico-etcd-peer: + description: Certificates for Calico etcd clients + certificates: + # NEWSITE-CHANGEME: This list should be identical to the previous list, + # except that `-peer` has been appended to the document/common names. + - document_name: calico-etcd-pod15-node1-peer + common_name: calico-etcd-pod15-node1-peer + hosts: + - pod15-node1 + - 10.10.152.21 + - 127.0.0.1 + - localhost + - 10.96.232.136 + - document_name: calico-etcd-pod15-node2-peer + common_name: calico-etcd-pod15-node2-peer + hosts: + - pod15-node2 + - 10.10.152.22 + - 127.0.0.1 + - localhost + - 10.96.232.136 + - document_name: calico-etcd-pod15-node3-peer + common_name: calico-etcd-pod15-node3-peer + hosts: + - pod15-node3 + - 10.10.152.23 + - 127.0.0.1 + - localhost + - 10.96.232.136 + - document_name: calico-node-peer + common_name: calcico-node-peer + # End node list + keypairs: + - name: service-account + description: Service account signing key for use by Kubernetes controller-manager. +... diff --git a/site/intel-pod15/profiles/hardware/intel-pod15.yaml b/site/intel-pod15/profiles/hardware/intel-pod15.yaml new file mode 100644 index 0000000..207ee94 --- /dev/null +++ b/site/intel-pod15/profiles/hardware/intel-pod15.yaml @@ -0,0 +1,94 @@ +--- +schema: 'drydock/HardwareProfile/v1' +metadata: + schema: 'metadata/Document/v1' + name: intel-pod15 + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + # Vendor of the server chassis + vendor: Intel + # Generation of the chassis model + generation: '4' + # Version of the chassis model within its generation - not version of the hardware definition + hw_version: '3' + # The certified version of the chassis BIOS + bios_version: 'SE5C610.86B.01.01.0019.101220160604' + # Mode of the default boot of hardware - bios, uefi + boot_mode: bios + # Protocol of boot of the hardware - pxe, usb, hdd + bootstrap_protocol: pxe + # Which interface to use for network booting within the OOB manager, not OS device + pxe_interface: 0 + + # Map hardware addresses to aliases/roles to allow a mix of hardware configs + # in a site to result in a consistent configuration + + device_aliases: + ## network + # $ sudo lspci |grep -i ethernet + # 02:00.0 Ethernet controller: Intel Corporation 82599ES 10-Gigabit SFI/SFP+ Network Connection (rev 01) + # 02:00.1 Ethernet controller: Intel Corporation 82599ES 10-Gigabit SFI/SFP+ Network Connection (rev 01) + # 04:00.0 Ethernet controller: Intel Corporation I350 Gigabit Network Connection (rev 01) + # 04:00.3 Ethernet controller: Intel Corporation I350 Gigabit Network Connection (rev 01) + # control networks + # eno1 + ctrl_nic1: + address: '0000:03:00.0' + dev_type: 'I350 Gigabit Network Connection' + bus_type: 'pci' + # eno2 + ctrl_nic2: + address: '0000:03:00.3' + dev_type: 'I350 Gigabit Network Connection' + bus_type: 'pci' + + # data networks + # ens785f1 + data_nic1: + address: '0000:05:00.1' + dev_type: '82599ES 10-Gigabit SFI/SFP+ Network Connection' + bus_type: 'pci' + # ens785f0 + data_nic2: + address: '0000:05:00.0' + dev_type: '82599ES 10-Gigabit SFI/SFP+ Network Connection' + bus_type: 'pci' + + ## storage + # $ sudo lshw -c disk + # *-disk + # description: ATA Disk + # product: INTEL SSDSC2BB58 + # physical id: 0.0.0 + # bus info: scsi@0:0.0.0 + # logical name: /dev/sda + # version: 0101 + # size: 447GiB (480GB) + # *-disk + # description: ATA Disk + # product: TOSHIBA MG03ACA1 + # physical id: 0.0.0 + # bus info: scsi@1:0.0.0 + # logical name: /dev/sdb + # version: FL2H + # size: 931GiB (1TB) + # /dev/sda + bootdisk: + address: '0:0.0.0' + dev_type: 'SSDSC2BB48' + bus_type: 'scsi' + # /dev/sdb + datadisk: + address: '1:0.0.0' + dev_type: 'MG03ACA1' + bus_type: 'scsi' + cpu_sets: + kvm: '4-43,48-87' + hugepages: + dpdk: + size: '1G' + count: 32 +... diff --git a/site/intel-pod15/profiles/host/cp-intel-pod15.yaml b/site/intel-pod15/profiles/host/cp-intel-pod15.yaml new file mode 100644 index 0000000..5708f12 --- /dev/null +++ b/site/intel-pod15/profiles/host/cp-intel-pod15.yaml @@ -0,0 +1,105 @@ +--- +# The primary control plane host profile for Airship for DELL R720s, and +# should not need to be altered if you are using matching HW. The active +# participants in the Ceph cluster run on this profile. Other control plane +# services are not affected by primary vs secondary designation. +schema: drydock/HostProfile/v1 +metadata: + schema: metadata/Document/v1 + name: cp-intel-pod15 + storagePolicy: cleartext + layeringDefinition: + abstract: false + layer: site + parentSelector: + hosttype: cp-global + actions: + - method: replace + path: .interfaces + - method: replace + path: .storage + - method: merge + path: . +data: + hardware_profile: intel-pod15 + + primary_network: dmz + interfaces: + dmz: + device_link: dmz + slaves: + - ctrl_nic1 + networks: + - dmz + admin: + device_link: admin + slaves: + - ctrl_nic2 + networks: + - admin + data1: + device_link: data1 + slaves: + - data_nic1 + networks: + - private + - management + data2: + device_link: data2 + slaves: + - data_nic2 + networks: + - storage + - public + + storage: + physical_devices: + bootdisk: + labels: + bootdrive: 'true' + partitions: + - name: 'root' + size: '30g' + bootable: true + filesystem: + mountpoint: '/' + fstype: 'ext4' + mount_options: 'defaults' + - name: 'boot' + size: '1g' + filesystem: + mountpoint: '/boot' + fstype: 'ext4' + mount_options: 'defaults' + - name: 'var_log' + size: '100g' + filesystem: + mountpoint: '/var/log' + fstype: 'ext4' + mount_options: 'defaults' + - name: 'var' + size: '>100g' + filesystem: + mountpoint: '/var' + fstype: 'ext4' + mount_options: 'defaults' + + datadisk: + partitions: + - name: 'ceph' + size: '99%' + filesystem: + mountpoint: '/var/lib/ceph' + fstype: 'ext4' + mount_options: 'defaults' + + platform: + image: 'xenial' + kernel: 'hwe-16.04' + kernel_params: + kernel_package: 'linux-image-4.15.0-46-generic' + + metadata: + owner_data: + openstack-l3-agent: enabled +... diff --git a/site/intel-pod15/profiles/host/dp-intel-pod15.yaml b/site/intel-pod15/profiles/host/dp-intel-pod15.yaml new file mode 100644 index 0000000..25e8b52 --- /dev/null +++ b/site/intel-pod15/profiles/host/dp-intel-pod15.yaml @@ -0,0 +1,112 @@ +--- +# The data plane host profile for Airship for DELL R720s, and should +# not need to be altered if you are using matching HW. The host profile is setup +# for cpu isolation (for nova pinning), hugepages, and sr-iov. +schema: drydock/HostProfile/v1 +metadata: + schema: metadata/Document/v1 + name: dp-intel-pod15 + storagePolicy: cleartext + layeringDefinition: + abstract: false + layer: type + parentSelector: + hosttype: dp-global + actions: + - method: replace + path: .interfaces + - method: replace + path: .storage + - method: merge + path: . +data: + hardware_profile: intel-pod15 + + primary_network: dmz + interfaces: + dmz: + device_link: dmz + slaves: + - ctrl_nic1 + networks: + - dmz + admin: + device_link: admin + slaves: + - ctrl_nic2 + networks: + - admin + data1: + device_link: data1 + slaves: + - data_nic1 + networks: + - private + - management + data2: + device_link: data2 + slaves: + - data_nic2 + networks: + - storage + - public + + storage: + physical_devices: + bootdisk: + labels: + bootdrive: 'true' + partitions: + - name: 'root' + size: '30g' + bootable: true + filesystem: + mountpoint: '/' + fstype: 'ext4' + mount_options: 'defaults' + - name: 'boot' + size: '1g' + filesystem: + mountpoint: '/boot' + fstype: 'ext4' + mount_options: 'defaults' + - name: 'log' + size: '100g' + filesystem: + mountpoint: '/var/log' + fstype: 'ext4' + mount_options: 'defaults' + - name: 'var' + size: '>100g' + filesystem: + mountpoint: '/var' + fstype: 'ext4' + mount_options: 'defaults' + + datadisk: + partitions: + - name: 'ceph' + size: '99%' + filesystem: + mountpoint: '/var/lib/ceph' + fstype: 'ext4' + mount_options: 'defaults' + + platform: + image: 'xenial' + kernel: 'hwe-16.04' + kernel_params: + kernel_package: 'linux-image-4.15.0-46-generic' + intel_iommu: 'on' + iommu: 'pt' + amd_iommu: 'on' + cgroup_disable: 'hugetlb' + transparent_hugepage: 'never' + hugepagesz: 'hardwareprofile:hugepages.dpdk.size' + hugepages: 'hardwareprofile:hugepages.dpdk.count' + default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size' + isolcpus: 'hardwareprofile:cpuset.kvm' + metadata: + owner_data: + sriov: enabled +... diff --git a/site/intel-pod15/profiles/region.yaml b/site/intel-pod15/profiles/region.yaml new file mode 100644 index 0000000..fd8d987 --- /dev/null +++ b/site/intel-pod15/profiles/region.yaml @@ -0,0 +1,60 @@ +--- +# The purpose of this file is to define the drydock Region, which in turn drives +# the MaaS region. +schema: 'drydock/Region/v1' +metadata: + schema: 'metadata/Document/v1' + # NEWSITE-CHANGEME: Replace with the site name + name: intel-pod15 + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext + substitutions: + - dest: + path: .repositories.main_archive + src: + schema: pegleg/SoftwareVersions/v1 + name: software-versions + path: .packages.repositories.main_archive + # NEWSITE-CHANGEME: Substitutions from deckhand SSH public keys into the + # list of authorized keys which MaaS will register for the build-in "ubuntu" + # account during the PXE process. Create a substitution rule for each SSH + # key that should have access to the "ubuntu" account (useful for trouble- + # shooting problems before UAM or UAM-lite is operational). SSH keys are + # stored as secrets in site/seaworthy/secrets. + - dest: + # Add/replace the item in the list + path: .authorized_keys[0] + src: + schema: deckhand/PublicKey/v1 + # This should match the "name" metadata of the SSH key which will be + # substituted, located in site/intel-pod15/secrets folder. + name: sridhar_ssh_public_key + path: . + - dest: + # Increment the list index + path: .authorized_keys[1] + src: + schema: deckhand/PublicKey/v1 + # your ssh key + name: mfix_ssh_public_key + path: . + - dest: + # Increment the list index + path: .authorized_keys[2] + src: + schema: deckhand/PublicKey/v1 + # your ssh key + name: cedric_ssh_public_key + path: . +data: + tag_definitions: [] + # This is the list of SSH keys which MaaS will register for the built-in + # "ubuntu" account during the PXE process. This list is populated by + # substitution, so the same SSH keys do not need to be repeated in multiple + # manifests. + authorized_keys: [] + repositories: + remove_unlisted: true +... diff --git a/site/intel-pod15/secrets/certificates/certificates.yaml b/site/intel-pod15/secrets/certificates/certificates.yaml new file mode 100755 index 0000000..6a3e57a --- /dev/null +++ b/site/intel-pod15/secrets/certificates/certificates.yaml @@ -0,0 +1,2456 @@ +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDSDCCAjCgAwIBAgIUdJelWxycorv7UHpR0av2SMOejG8wDQYJKoZIhvcNAQEL + BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe + Fw0xOTEyMTUwMzQ1MDBaFw0yNDEyMTMwMzQ1MDBaMCoxEzARBgNVBAoTCkt1YmVy + bmV0ZXMxEzARBgNVBAMTCmt1YmVybmV0ZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IB + DwAwggEKAoIBAQDEJxIm1fY9bNVNYa7OQ1xkuhmw4RnPD0lXZ65OhJ+NB//NDU7+ + Gp5mRHFkpWaPx0zl67U2nuaI3Uzvvo+Tg2s9VHRQezzBVFhgWyZumOiIxgBeawhg + B9VkOwQDrXxjadYFCtIL00VsE5YF6qUzXvX0aBuNZ8NuLL4491ReNP96I8ama1N7 + 6bXGGUUPY4GZS4Xn88d6R5xxvH1chMaMotSwvtj9qk9FZLP4jqCRCpsnjwJbz7e0 + U60DfGOnfzs0iGer9cqI191fQVVYYuQ0MIe4/m3Hwltcb2+/emTC31ZqxqHZpHhs + 5BWhGQn2hibwiiMZX1x1SWNAFNTrKCVeLfaRAgMBAAGjZjBkMA4GA1UdDwEB/wQE + AwIBBjASBgNVHRMBAf8ECDAGAQH/AgECMB0GA1UdDgQWBBSh7lNxbWgZTJ6JFE0t + xStgHKxjwzAfBgNVHSMEGDAWgBSh7lNxbWgZTJ6JFE0txStgHKxjwzANBgkqhkiG + 9w0BAQsFAAOCAQEADl0IAa6hee1cclBvb3WXPyT4j3P3fCpzUrD0G/L3HLzEgM7b + iYDrSE+GHfQ8bjx1UaTMSIvAnBNsv7upwqIJuoXG3lJx/9roHPmtGwwGv6z++GwI + gtl87B/LHtW2jVZ7dymJHrUjS6bp1EBPQFj0Rn+pAeBGOclucXOWn14MFjwPLH6Y + wK+T76gX0v5LpTZYb6VwmBst6obpS3RM/gi9VH70nq4jYoKLDYOvWZzZ94XEE0/C + SRE5hH21MbEnY6wy6heFTWYDkZWcHfrntYZDHWIYAMB12xv9P8KUl2Ena01FFL6b + fjPFbeZ0024MuaHYCpfZu6r1nqFhnfvLTxAGRQ== + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateAuthority/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDUjCCAjqgAwIBAgIUKGkHzTXaivBQ+gUwIGCuqNdTRUYwDQYJKoZIhvcNAQEL + BQAwLzETMBEGA1UEChMKS3ViZXJuZXRlczEYMBYGA1UEAxMPa3ViZXJuZXRlcy1l + dGNkMB4XDTE5MTIxNTAzNDUwMFoXDTI0MTIxMzAzNDUwMFowLzETMBEGA1UEChMK + S3ViZXJuZXRlczEYMBYGA1UEAxMPa3ViZXJuZXRlcy1ldGNkMIIBIjANBgkqhkiG + 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwaK9O3pc8epDF/X4wjkTpxWshaTHI3Smjzp + wQMcPlu+T8W2tLsifbptgMce2qOMz5wM0RnMrp3c3sG6ajJFKAiS78MM+4I1q2Jb + buKG1661eoIdYteZMmVRRr4UJwmsmgyR4uqhSTGi6oasmuhK6kiszEI4dcyJNeWv + 59mqdEr/k0lSmAjgKv2NXrlIhtSKmwvEfdFlgKBMU+nuLRkR3HYVb0SKfZG+DuRs + cceE/ZPfT1pmz+z3ghDTKuH668UOT6b0AHS9nfWE/IVn+tDOOlWYO+259cGnnrlm + FbAKFoBIf9NonrYvePkbsVgqQBeFxzwS+upEbHPh/WAJcPYhFwIDAQABo2YwZDAO + BgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBAjAdBgNVHQ4EFgQUFDHZ + NBr3Zu1wNNAcoJhvzFZv7pEwHwYDVR0jBBgwFoAUFDHZNBr3Zu1wNNAcoJhvzFZv + 7pEwDQYJKoZIhvcNAQELBQADggEBAHOqogGrCi3EK0YB4z0lF5tmT0g+i4DC76Sd + +Riw713TdyQV20srigiReaCxSctvVhWOxA3t154lpbwbOwvxqC8mXbFSZ5Cr2EVJ + 56cDpBm2HH7a0fq0Ds4Ywh9tCqR3DgGczpTG5Zn/zdDx/WmE4QHCqqKWQSkuNhn2 + eGouU5mI6JRGCUiOMvOKdFJMcIThewKLbBigkS3kZ/zLBDZAp+HWc8xH4JEywFsE + sktq5xIeXOgeBAkTX1sSmXoUFXl6E4mUv4wBYAqG1zTgtuhnpqnJK4BBScq0gKj7 + fux6YyKy5KwRT/2Z/WVNgUz4O7Ts5Dr1ozWz7lY6EwR0ajP0PV4= + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateAuthority/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDXDCCAkSgAwIBAgIUa1+yWTRwV+ypIPLV7nBySUS+w14wDQYJKoZIhvcNAQEL + BQAwNDETMBEGA1UEChMKS3ViZXJuZXRlczEdMBsGA1UEAxMUa3ViZXJuZXRlcy1l + dGNkLXBlZXIwHhcNMTkxMjE1MDM0NjAwWhcNMjQxMjEzMDM0NjAwWjA0MRMwEQYD + VQQKEwpLdWJlcm5ldGVzMR0wGwYDVQQDExRrdWJlcm5ldGVzLWV0Y2QtcGVlcjCC + ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN/aNSzPmcyRrmmM33YsSDzO + 8p8uT/v3eMk6O6lWPbp59J06O1sjgqP8NEObgZfr19bgs5UieZ5E5RCHsrTndzE4 + BhViPPQ1A8p57hckifHpFUwK4oomMUbsMdUNVc7K6XrM6IeR2yTzijLt8VKD2lG4 + TEbiKhCMoLw5MM9S19IZvRA0CITr+vRjDhpqsBysusO7DUS5bYte8ilsQL1LFYIL + g4di0CFBM2TRGkKQQKt1EQ7b4QqgCnK1fcX1BMRwYE9AoW8yrQ+qK7VqXoWS5VwJ + gRTEz7PrahBO55JtJ5KOqyOuSLhpamTTqC9aFEXNV8aMZdZfPvjxYQwWNf2TAFsC + AwEAAaNmMGQwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQIwHQYD + VR0OBBYEFKr2D34PW5AKaX1UUp9WtygIrygOMB8GA1UdIwQYMBaAFKr2D34PW5AK + aX1UUp9WtygIrygOMA0GCSqGSIb3DQEBCwUAA4IBAQC+YoGJ3Kt8J5LAn+EaePq/ + jmsNRYIuj1g7M4KxAEjG7oLnOJvEzygEYaTEUI1uN0Oet8gWTvcOcTk1YZ0kdfKV + 0H4l/P+OwoVN3f5X0Xk6ZQyTWHw7+TrnNPpbpDqBkODg2rpogYowT+W2wTO5yXR/ + 17BBeWdb77tOzh3Krg4o2MMm74wF4FDBvMCgZ4xDlev+wvlRRogZ969y8K8c47b+ + bfqt1sAoax9dEwagSttX0kLi9yVKDMerZtDz86QdMpmzC64yqTd0LiLuSi/Pdphu + IgpNP8OBt0fuNDgfeqCXjTPTQJ1KBjD2SBAHSyIlk80F1Qr9JXQWLJRcVKOpSI95 + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd-peer + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateAuthority/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDSjCCAjKgAwIBAgIUfcVLKpbbFByekAPQT+jIviRWd3IwDQYJKoZIhvcNAQEL + BQAwKzETMBEGA1UEChMKS3ViZXJuZXRlczEUMBIGA1UEAxMLY2FsaWNvLWV0Y2Qw + HhcNMTkxMjE1MDM0NjAwWhcNMjQxMjEzMDM0NjAwWjArMRMwEQYDVQQKEwpLdWJl + cm5ldGVzMRQwEgYDVQQDEwtjYWxpY28tZXRjZDCCASIwDQYJKoZIhvcNAQEBBQAD + ggEPADCCAQoCggEBANJLb3IV/fXfI0LKe5y/2lBL9PJGie69Cz5CWyPIplr+r4XM + ktri7ljK5lz1W1huZa8YvLWr430Ic6Zzsq4GryKowChDRkCZJ9O2U46bLBl0BLe4 + w1OtSDel4RVMeTk7BMjhNYZWQYTeHd4JdDaTZosa0ezhxqU0iLY8ADokEtPi3qdx + nizBA6pLl0NibakQ1cphyK2hCeBwT6VsAuMvwrronRoCjreMyVJmiNF2PKLBsKl3 + NR1Vf7W3WkiMKviq0D7iT0NQxaQcd8h5iT6BWQhM9sofYAlLqZ4QzcexNnWbNlLg + Mm5BlNGx2WvsumA1zKR3a7T7/wh0581Fi0LhT48CAwEAAaNmMGQwDgYDVR0PAQH/ + BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQIwHQYDVR0OBBYEFMJnaGNECRgVN42A + TvYqehbEBI6sMB8GA1UdIwQYMBaAFMJnaGNECRgVN42ATvYqehbEBI6sMA0GCSqG + SIb3DQEBCwUAA4IBAQB45ezEMQELk1leJYENJS3bvEaKHFNgAFpADUBXRnfD8Fy5 + /Ji+nYsWGFdImSDt24razbw+7H4HBgQrELw+hVMgkhHPTdZgFExm0bu1TJDvJ3Rk + yXOCT64gKFWb+krmuTufyT0Ic53v7uUxqwtys+BvAZAJOboueCMv949xAc2ZaXax + ssFzwXsevM3P3wbF6JLS8bqE03S2aWBpNBsDDEaCF9G7imGCmkg/k9TKAzHEp97j + rAOGwJix1YQmRneZEPOo0PWFqDS0JJx8lSN7N8G1IbdxTlIPPuLyvtx5jfQhbrPP + js/eV4N7JzGw34W0sY/h/RaUd1iKJE/bUPkB4bmL + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-etcd + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateAuthority/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDVDCCAjygAwIBAgIUZMOvPKBPJ3zK9tr7Pcmj6WPmHf4wDQYJKoZIhvcNAQEL + BQAwMDETMBEGA1UEChMKS3ViZXJuZXRlczEZMBcGA1UEAxMQY2FsaWNvLWV0Y2Qt + cGVlcjAeFw0xOTEyMTUwMzQ2MDBaFw0yNDEyMTMwMzQ2MDBaMDAxEzARBgNVBAoT + Ckt1YmVybmV0ZXMxGTAXBgNVBAMTEGNhbGljby1ldGNkLXBlZXIwggEiMA0GCSqG + SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFAgF9vAt4IYoSHAoW0Knp708eKMe0GO36 + HCFr95HYaQ1ww4eSi56xi6FdF0TMCTGex+WSkzHnufNM1LjAp5Dgu3C3GgW0Gfm/ + rkPtW7FNnHdUgRm1U02qzRUo8YXj4OYKSL/15JrNCCV3iC97aBccYmsDuKh2ktM5 + CZNOhHpXyHbOmBGup7pW5k/yeOFUW1oo7jhWoi1nr+/69kebjcsZa/LQhZBKe91M + wyloRrrwAB3hmHbEyOEAPgZVhXVXyIDsoIiMJI1Mp2wq2/TUcVKvVBenwazEAp/b + UyxvQ5I5BW4lzLvLyZR1vOIBjS78hPuHnNHqfdUtibQFli/ikdOXAgMBAAGjZjBk + MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgECMB0GA1UdDgQWBBS0 + IBvCEFyceh5MvvW1+n98/fwOrDAfBgNVHSMEGDAWgBS0IBvCEFyceh5MvvW1+n98 + /fwOrDANBgkqhkiG9w0BAQsFAAOCAQEAkrSHoT9YHi8pgjxO6vZmdTPe36gF/nk2 + csX+VJxbhWGE0a/7Qr22wSN831BGzjeJh5wV4CE4s2C/SkGG6fvxFrW05gtX8cOU + rcG7ru8xnWdnXM0UsCsKbeGpKWGkTcBeuQ6Zc+9WRDCzbQDSXBQUwqSHHJy5UX3g + tDDFbc1uWNmedqU78a9n120g8IIEOHLh3Zm6WUk+Ho81NKNzigamROjviCDfuSdQ + pYfuuLDruU2ngBBG24IUYuDU0+Q4iNcgCT/SjwoHhzm83Zw39647LDZURckM3mHj + y6zXCJ7hC86/Tj6JuHp/7tGevBWp1MDvkD1ZE85bF3hhbvBf3y2Lsw== + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-etcd-peer + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateAuthority/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEAxCcSJtX2PWzVTWGuzkNcZLoZsOEZzw9JV2euToSfjQf/zQ1O + /hqeZkRxZKVmj8dM5eu1Np7miN1M776Pk4NrPVR0UHs8wVRYYFsmbpjoiMYAXmsI + YAfVZDsEA618Y2nWBQrSC9NFbBOWBeqlM1719GgbjWfDbiy+OPdUXjT/eiPGpmtT + e+m1xhlFD2OBmUuF5/PHekeccbx9XITGjKLUsL7Y/apPRWSz+I6gkQqbJ48CW8+3 + tFOtA3xjp387NIhnq/XKiNfdX0FVWGLkNDCHuP5tx8JbXG9vv3pkwt9Wasah2aR4 + bOQVoRkJ9oYm8IojGV9cdUljQBTU6yglXi32kQIDAQABAoIBAHZltvkmEPnGpYGN + wrvRwQUzp6oyVSe8bGKLvJS8TKoN+ANHUzTh0FaeXWuIwr1qaSom+jy78R8PpQ7Z + EUTTAHoGbibeHC/9v1J58lqzhTh5e2OCa427bLyROr0VjI1dJsfoXhyxK6guslFj + 7s9xNDiQVoEl7rqj2zX7ZDtw9fw8aK/HIb79yYxcm7FNunoGjBe/uu24nF6sIMuj + R02qE9I8eUUqhMDtaBU7kHMmChM+0Zq8D2kK34r7j3K3T9gQby/HxWdBEmVpN8Um + 8x+0Qbd/sdJK0XW7GQEkokyMrZfbew5I/0qIqyzyuSFt1+VAkiMIDM5a46NWaOzf + smawnTkCgYEAz6xsmxy1dQUXc/28WochMM4sWr4eXF9qWa8osCurgfklraur9Zgo + nqifN1LPdb8MMqVr0Bh0XGEFtlvOFPC+5FmV7veJwJNFDFZw8/z+8nydNA6H/9M8 + b8ZrEOxAANEiUf30pnGoxknvX1SWTL65QbF8Nin/HAPH6o1NxKtLrJMCgYEA8cxR + /FkL12JDX2q3tUpbee9DJ9fFhhJyctaVL5k/EdGf9F3WeS8AGUgYETM2nv/mUyOH + KRs61M9HMvt6qy5C2H+XVjWCmURHyYDmBBrTm4B6EUollesYu9bak0pToTW2+5nB + NJjnYFZPJiWWRy5A61Ke5u92HccP8HEH00s0KssCgYEAkjIX4ro7I74J3KXrSu+F + 9g2uO9NLHEwvWiNsyVh0zHLQi4om7CXJsqeSLigl1AZCWAUL+Nq+T6odk1rdoPA5 + 8hb+7dNlLiR+n0jbC2g3Mg13vYXdR8M08JsGFEu8YtbXClF1QRcScUTrNnkdtbku + QYjooFjANsCSpBQFg0XzZ/ECgYEA0SoiMd0FtUe3aC70w8qS3yPuP+UTZStH/bdK + TmaOfGeNquIRybqypywKRba7pUdQgtLU9OYtOjIkMSIBt1rJUGbvDxAy7Up3nwP1 + 9c8PBhFZhuNRKCK6vqLZaVh+h5HjvDoBO/KZFGkVBra1DNYiKm7KLpMu5gtw6lmc + n1cKxYkCgYB6PqN37EeRfiFhxTFTwf/J1o4sx96wY6ZRom4bta0xA3LayHR5xK9O + y0xi0vmH2Hl/SYHpOqB2w0nqPb/VRgM9drPE+Fr/8WL11Efopd51ImMOtqLhHW1S + z9fYuZRAoSj3v9uZilvturnY5atCBItqO70XMjSvYnvlmpvsnWNTGg== + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateAuthorityKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEAtwaK9O3pc8epDF/X4wjkTpxWshaTHI3SmjzpwQMcPlu+T8W2 + tLsifbptgMce2qOMz5wM0RnMrp3c3sG6ajJFKAiS78MM+4I1q2JbbuKG1661eoId + YteZMmVRRr4UJwmsmgyR4uqhSTGi6oasmuhK6kiszEI4dcyJNeWv59mqdEr/k0lS + mAjgKv2NXrlIhtSKmwvEfdFlgKBMU+nuLRkR3HYVb0SKfZG+DuRscceE/ZPfT1pm + z+z3ghDTKuH668UOT6b0AHS9nfWE/IVn+tDOOlWYO+259cGnnrlmFbAKFoBIf9No + nrYvePkbsVgqQBeFxzwS+upEbHPh/WAJcPYhFwIDAQABAoIBAQC3ANLGTnCj9Nqh + 5d9eQlDODWJeVVYpMeGHmSp9dFe0PlWPO/kQwyCcqGC/Z9oA8ZFlMPpbxbk0S+JB + 1WFIuBUQD2qkU9pSTQLO59zWhaggVq9c3Gb3ou2qR0Y6Puq1keXEbpccVlCIeBoW + +Cv0BBqMIbitz/TWTHpRquT1JV5bQcKhIAvLvPXQvNfRP1s276l4GeB7jfgJ8Lnr + NFizCBGDDTBJkbEptNetDT+zfniHTeVB1lUs4q8ZNA7Mxh8DuIW8PaiMcx5GJ3UI + uYIU1m1+wFnfIxzokO+Q5XVlSnu8cKJZjZuY4Vd8itjxUSqKSwETegCBw9uHg77O + NXfld5JhAoGBAMFU4RT63KWn+Yu1XNmsvnN3oGmGf3AGztpiqXafChO2cm9DKEKh + aA8u6Kj7PhBgIb33+zRGsuMiMqA9bE8e2UzFOQvN1LOqhfgSlrLEtoR0XkLSxXjx + Vk/7aV1SXj96s88DCJ716rKTZ24HXq+acqj7eUwBqb79+/BG5HIQI5SRAoGBAPJa + clT4BvTwalbnmfYSfcGRUQOpgGEm2mlUFed8vcBiNJgr+Ewk4aqF+GCeF115CbXs + s7DVdk4Jjq7AA4Hj7tkrT+mWjhq8n1III/3cvlXtHo7cPWqM4DqzsHUbiFMSm1pa + wOY9FpqVfyesJW391rrKWakdqycNhAS5DGM7dg8nAoGAPJJQVtdmDAy9tZTj+1sQ + 7HJdctJt2PZ5Fpj0yTJ44MY3wj5DPeT+CkvDHzZgMpc72x33uWAxKdKMFAJKjdt3 + b4MXJWierI/Pm3KPfoD9QjCHW95XelX6meKGF3P4DWFvNnuX1t3rY3mlXSa39sKo + C+OGFFctDKbcqWI8rrP5wdECgYEAoP6UlP1vIafT/Ic+L8l44O2388bWEbPNw8qo + Am9LXlHevnf3Kh4WC0GUDhr3SpDtcn0boY0sWgrfThcgPVk9gebT30i0fe5vp/7g + afQKPOqYMi78XZvYGSblQeZYWVcy/ILtQgWyzl4hailhc//8dXmWtlGPMRI5cSm8 + oO8PLmECgYA0svlz4uRD/TsYoMo5jmHw5ihWMICBkJVIcgv3mzsiw7854JqLTuDA + XDAvtHGJXDfAkOoUNhbvEqTBsyXaPjIgo6A/0CYOK0hDZPb6SIyOFR380Vy4D+Vf + 2EtYBuocbPkbn6wtsFbUTyp7FJb1DDSxTmM28atdmjGUBDPrwDm6Sg== + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateAuthorityKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEA39o1LM+ZzJGuaYzfdixIPM7yny5P+/d4yTo7qVY9unn0nTo7 + WyOCo/w0Q5uBl+vX1uCzlSJ5nkTlEIeytOd3MTgGFWI89DUDynnuFySJ8ekVTAri + iiYxRuwx1Q1Vzsrpeszoh5HbJPOKMu3xUoPaUbhMRuIqEIygvDkwz1LX0hm9EDQI + hOv69GMOGmqwHKy6w7sNRLlti17yKWxAvUsVgguDh2LQIUEzZNEaQpBAq3URDtvh + CqAKcrV9xfUExHBgT0ChbzKtD6ortWpehZLlXAmBFMTPs+tqEE7nkm0nko6rI65I + uGlqZNOoL1oURc1Xxoxl1l8++PFhDBY1/ZMAWwIDAQABAoIBAEAiy+N344/qGXei + Zg/8pgHOJVOYOFBv2gqFhbyBuhPohz5ZBdKZ/P8w7mSEdH/rkZ6+KJXNF91RzfOL + fZc5Tjwq2gtcZyxs2BY2ExJMZL2L049C+x8rzCiO2cQ6GuCx4G1PsjvNfWU75der + tt22a2HIlQomGHk/YXosRKDSEoXeUo0tc+02iRNIyC3EwWiFV2HfBSofS6d3jPYe + mjBJ4eQa0zkQHs78OaVDfnGbWIvjVUdmod1+5C6sl2FyeuaWsHX1hKxgY9D/7yTT + cyz/7sI4BItAQStZIikdaMu47wpnMEtzCAcVHLAxwdJZxbiZU42is0eAYN/WBYf4 + N7gw9KECgYEA4PVv2BbBjrE9a4v8uBHp2dOszI0ehAhyG1EJwRp1Ql4KBmGQG71V + qziorTBh6eZtGkCAaLw5gFo3NAV4QJpipJ/I7007YFkj7Wj7ztBhsT/jXxSfGjy/ + iaRw8SPR3dM3lvXLW+okwNKs/T7Bb4lq1HuMnPnutgVd2pQiGlZws5ECgYEA/r2w + ZEGvsDqPSjPVox0rjz3fEOpe6c0Mfah33zywyw5YgiAlknDintowsSuD6mRlpxDy + DPBpwunJjxsjxjxUEZieJdtiK+6oYVOpzL1e9igG5rezV/iUDvai/4KjYEeCq32x + lAIFE/NTdEfl/IukyMHXNj3UbIkxpNg1/YRN5ysCgYBvNufkXNu0P8utr7dxCOoj + 1pJHTj0X6VUATEAWR45REUzDethT3nbL/2bkuFav3Etz/w98uBF1cyR3g3y/85Nw + 783XAMeqCmfIp25WAI9Lodo212sQ/Zdz5OgxTxQiJpoE999hwZAKBB2h1bSr/7Pg + +HO755QsSNrthO6XNsThAQKBgQC6gEwdCo5C+oyfqdV2R0v14jlnHAADMlE7ylSA + xuE0uLsKAdkgHq9714ignZhFyd02dEySNo1n21vq/taxMsfl3hOi6bw1J9R09Riy + wc49b86lqcaO2HolfmKVqKJOQeyj+zFAiD4JfjMSRfVWcTJinLAgkSHtmIAVDQpy + IiQa4wKBgQCpLeJQaJPoQFYS6YcfwflJUO5IYvwwZZ0L0yM0PG7DF0wfeE6EEc++ + elCELFbVrfxAUWRMVxIAGwpoI8Z6xLkEr4apv/mD0tGd1MiCi25Ra13+6PLKNGsq + IpvdspGb7xP3R9W8hxaaQd0seIo8njHX+KH8XTmTZVZgFiW5jtw0rQ== + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd-peer + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateAuthorityKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEowIBAAKCAQEA0ktvchX99d8jQsp7nL/aUEv08kaJ7r0LPkJbI8imWv6vhcyS + 2uLuWMrmXPVbWG5lrxi8tavjfQhzpnOyrgavIqjAKENGQJkn07ZTjpssGXQEt7jD + U61IN6XhFUx5OTsEyOE1hlZBhN4d3gl0NpNmixrR7OHGpTSItjwAOiQS0+Lep3Ge + LMEDqkuXQ2JtqRDVymHIraEJ4HBPpWwC4y/CuuidGgKOt4zJUmaI0XY8osGwqXc1 + HVV/tbdaSIwq+KrQPuJPQ1DFpBx3yHmJPoFZCEz2yh9gCUupnhDNx7E2dZs2UuAy + bkGU0bHZa+y6YDXMpHdrtPv/CHTnzUWLQuFPjwIDAQABAoIBAG/jLO+BXfbUexlN + TEmRFiHE2BWTjE3WjUXZ3k4CsugVO+QvfS8ysGfTxI9PCAPb8QQhYD40rzvWJFo6 + kqXe7o29RUfmy1kRY8xT5M8qJmOAhAYQKvS5bIQXINPJNXJKwXfzwxuvhvqfhzqc + wxVKhbObWHf1hFBfzCFReTl1+gJ7ar7nRq+/WgJGRH2zO735uObc9AAWIOqvI14r + msNPTrChI5uW5+I3r2/g7OfI8pX7FocP1VIJYoa9F4EV8sn2PIu3GVeGkgo50zxx + O01r8Rl/80VXIgA+JozgSPpnbrZFt9tKLkWfPBUhHzAvOAIs8HVrlXKXaNfAeE3f + /wVGWWECgYEA74VTjPkIvmcOuA5IV8wx0hP2wSxpN68KmKAQSqE9nNEOvVD5ikMS + TJLBPDpnn7bLx4S1V292Ff1bz6Fh+Dk5llLp/B00CSGu5l5S2NoAB00cEytP/AhC + PI1IVziGZresMMsGbp6UmzSoWFQM5S+tati/1ZXyzeh0OVlQOVL/9RECgYEA4MNZ + i7xk0YmC2RWqnpZBMIH6F4n0LIynseqIG8pgnL9snL4GsaV1YyatZ/R3qd+EyPps + CbOM0GEPOOENI/RvWbKAVKCYdoWdhWMKdjnxcjrfCZjgAKcMNcgo1uwU41x9mQTy + Ww2T5dMfVhrfx6ulrafUjPb68/lpfBfgK1E+ep8CgYEAtBZfon/ftiEQbQy4EeNC + ljxSbB2zIp3mbqjydtpS0+RPm8IVTYJucMpqpZkYLnqnLuU13367n372F9+0JIkK + Jl9C9D8Uz8TWlvjWe5s1KEgu0q7fHZUsEBD+Ei46x2JUAf+0X1m2TBfEd10CsRMu + 5UYAvltWysB7Gl9vtRoVvrECgYAshqabpxO16u7wAHnPduatLGKV/S9REAA8n8Cc + +MeQ5d8nYgHDeYq6vLPHj0eRcIVGp0110osH0OKKGxNWVxskAtenbDUn7apZ/Vfa + OfpZ7c23ggCGQJGLqf5lLVmp/O2ovbEhVpxBAEUJ8sL4NEnbEA9saZUndfZurfAr + xKmC8wKBgDUMzvTHQIh88BpryqhxBEFJeA02VqjeUBwJugAu1mP7NUZqksR+QX/7 + poN0U8rRC0KdL3UepvGR6gDcNTySZKHXOrxrL/OozKuuCAti8kZyRO0edd+4iqPr + TInn69lSRf/6vPtkuVddgWlv3IqF713Dg1/Bzwv9e/Bb0Ix0NaCF + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-etcd + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateAuthorityKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEowIBAAKCAQEAxQIBfbwLeCGKEhwKFtCp6e9PHijHtBjt+hwha/eR2GkNcMOH + kouesYuhXRdEzAkxnsflkpMx57nzTNS4wKeQ4LtwtxoFtBn5v65D7VuxTZx3VIEZ + tVNNqs0VKPGF4+DmCki/9eSazQgld4gve2gXHGJrA7iodpLTOQmTToR6V8h2zpgR + rqe6VuZP8njhVFtaKO44VqItZ6/v+vZHm43LGWvy0IWQSnvdTMMpaEa68AAd4Zh2 + xMjhAD4GVYV1V8iA7KCIjCSNTKdsKtv01HFSr1QXp8GsxAKf21Msb0OSOQVuJcy7 + y8mUdbziAY0u/IT7h5zR6n3VLYm0BZYv4pHTlwIDAQABAoIBACtPrZQ+6yaV+QzS + LUWmyjQr8HDo9j6Z3HfIB3D9FItHTTUlR4DoQRM3Z1pX60AQJWCLAeWfhrEzKFIT + 0ipIrIk7rCQVDHvz2fxSC4z7Q5eUdoeVellq3wBV5fkCYDUhFHHeXJVqlL3OtK36 + urWexLXwzSYcSq0GynkXqdLxPRRfE0DJksXu6NO18WzrZoY3v4G1MUij7iUby2fR + KlJCImXxkLf97iIGK+zsS4B79dR8btq92BbQmKckn61A9SjbARr/qu/RTeF3L+dc + au+M+xvXzyc9GA8Ir8h0Lg6m33ZRIrW36JSvNc3PaQpn0OJFrHio8/KMzZEx5Y0+ + nNTRhUECgYEA4KpEEWdPqNgA0OEPWoCxeQlHOmuD/nHnKV7EyT38iYYU+p0LzzqK + w3DY3Nyu4T150swnMBrVMLfbU5Vi0pAwJ06T2ZfvXxHkmAhffnq03Xl18DJ4JAHM + q/m30d+Us7CQvytBxSdnCoMg0WDr385jhGXtBcuVcLwdtDTGGDwF/iUCgYEA4Hw6 + ouY683T34juvZmOvdqHqB8PLMYAOIfGurw9POAzxpSloTcjvkuj9DerWtSia/KKm + PsNiJLPk7CSeirmpg7ouH67EN7Q0F621tInsmN+tWIO13B+V653gUdcX8ldDe9PV + VaeEClsiaSaDivxDmiDhLmvvo7t878TMgH3HyAsCgYEAy1bPzMCoxLTb6DIK52rb + NiVDpohxKvaEtljj2xCTZRVKH5nMen8N4N5eKWhDj/FINZY5Uby3gCSoCfqHOvTt + 4GWqQ6LUMEPNlhzd8We2E04/hGrpeg125aBa00V9HTWNjLjmCj8jb8xHA7qpQiNW + xxpJcJlWZHaem9+3+284LVECgYBNck6AeNGJwKbshA7lUirs0Lt+5kupzjYR++F6 + P9viyIRtqLV1cIdGtd7n+EcOxO2Dj1GvgZTQeMfXuGKCFb+n1ImpIJBNb3wxVxrD + KHpZ24FgckBBqxv758HGOmDmmLiNde252Usyj3J1uHXVc2aXPBS0AUTxxfM6fTjY + c4yDNQKBgFVXAhGkYN/9GszLS54Km7NDB17kg9bnYNDazX2tgybfXduceyscYGIr + w+5z4SmlqNF/YIOfhGv96q50Em/w7+Jig0U9jgiyXUx6wP92e2aray+NuhgEWkyq + OxsZEhySKh3KfaTxOLEWarqCH0KJ8/ObZQylA8H7ZRVIA33Geoga + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-etcd-peer + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateAuthorityKey/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIID8jCCAtqgAwIBAgIUbLHPFiOLbtIAvW2V084HXL5sV+4wDQYJKoZIhvcNAQEL + BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe + Fw0xOTEyMTUwMzQ1MDBaFw0yMDEyMTQwMzQ1MDBaMBQxEjAQBgNVBAMTCWFwaXNl + cnZlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMPvfaW1wuCRZjD7 + rhhx9Fi6FA8jgKaYYc7r9iLSRrYb61sB0LmYilB+sK/ZfBFT5WOecwlOBCcd2q4B + /fQs+1wibqDcMVWzyylemcXZPmXp3mZL0I6NXS2pKIS2DOxDvFvfQ6mq83rC3EEZ + MayHNHCychpxFIROWK9OYfm5jKkYXfUZkU7n55vMRkMQvKWRPbfWZ7MfIu0UYZ97 + q6rdqZyReCdzuD/6y4sf3ZVDoH0sZwi4oaMxDG7dRtQAIQa6AJWTcWCIW62acxqz + yCNeDRHc5rOvDNbpqN0+rUHtXlpiUgkd9XusFtLnt16/U2HYGkSGoIkULI+Vt9gE + O+8uuesCAwEAAaOCASQwggEgMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr + BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUiWtOJRVy + yVlJNX/Vf8p8X0cBFJMwHwYDVR0jBBgwFoAUoe5TcW1oGUyeiRRNLcUrYBysY8Mw + gaAGA1UdEQSBmDCBlYIJbG9jYWxob3N0ggprdWJlcm5ldGVzghJrdWJlcm5ldGVz + LmRlZmF1bHSCFmt1YmVybmV0ZXMuZGVmYXVsdC5zdmOCHmt1YmVybmV0ZXMuZGVm + YXVsdC5zdmMuY2x1c3RlcoIka3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVy + LmxvY2FshwR/AAABhwQKYAABMA0GCSqGSIb3DQEBCwUAA4IBAQCx+PmFPP7Ja0zF + dsBIJ1KFG9JN8Yxcn9afDTC4FIjs42hBejTcPZBGvZ/F58jp9N3apeFPgPRYAUO2 + V6Y+Lr+Qpt0dGqsEEYfiPsMVpok6lbADyn+otBcb/51AAGFAC5cGYXq7xLsFpqrr + B6OZUYztTMcprTuNGL5u+oAhD2Uhj0xb7aQH0DhwB7A9Tmd9lWNjmGJGyCzc8uLq + 31z3kwAKiCytLeLgNdFfEZI7vJz3leVZTNZ51bkCwrPeYKg2b/wFQJ7B1qd/Klh6 + QQzu30o927tnvP3OzKa30MqHPzMWtrLTbgblQ4vw6UQH5dgcwbNCLQcx+SawOpBI + T3LkeaTB + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: apiserver + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDkDCCAnigAwIBAgIUeI3p1Y8Y1g15ej3p8SsfORRKBkcwDQYJKoZIhvcNAQEL + BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe + Fw0xOTEyMTUwMzQ1MDBaFw0yMDEyMTQwMzQ1MDBaMDkxFTATBgNVBAoTDHN5c3Rl + bTpub2RlczEgMB4GA1UEAxMXc3lzdGVtOm5vZGU6cG9kMTUtbm9kZTEwggEiMA0G + CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0shawhklpXufNIwgyrYaQpUGwuFLi + MuWKvd2c2UwcPYnkFZVnc1cCI+WNKKvxym9K9olVROIbFJACwnCy3s2O8vZEowq4 + F6mJ2ocAzGoxHp9t3Ce4k7R3t4Miegpg7sIozG3iXRw6VRZ9aq/hICnwjf95DXqT + gNrf3yZAs9B5Y8n62or/G/uo57kI3b2FasdC6Hqx79GTRwZw+MPrIYHOqqVMfCSA + /LucQo6/KGF9l1zrW1Plj5pS9V+XWGm5neDWQ4n/eqpQCE3Lmu9Lyezi+NixTR8Z + G3zHK7qXozCfflb5tT48ko4MIYT4sXYcwPIh9EReqxbJGpIpF3h7+OhfAgMBAAGj + gZ4wgZswDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF + BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSAvYcbSKcGR0LQ2qgmeFBdQHrl + 8zAfBgNVHSMEGDAWgBSh7lNxbWgZTJ6JFE0txStgHKxjwzAcBgNVHREEFTATggtw + b2QxNS1ub2RlMYcECgqYFTANBgkqhkiG9w0BAQsFAAOCAQEAiuyC6oyawIfh4MOm + HgHeIqsJU2k1Pi+ZQTzT5rkJKWP5LmWd1kIJLqCjm819S9OKRMn1Vgc+fpbdCe7e + +oYV0kaiJAkyTkwDEy44yemHz/iixwrMR9U7KLmOJV5xZyj0sTMSn0FfEo2YANA9 + nz/AEHOAkvLUiYQBhucLZ5lpEy8j3sx7WoxVeYXz6wNUwH+7ACvq4ZkHDCGmu3LN + VLB9GAFLtzjsk+NiG9Sp36OCpbDf4Hbjm7VRdn7CtsrBTQRjpbVtwng8duZaEEQ4 + OmCrZFQhCkRMKzmV4CfsBjUyhQ6ZKGxssfGzWZ9SZ4JKpRBJ27ILW17PrK1IUJ1a + O7iJkg== + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubelet-genesis + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDkDCCAnigAwIBAgIUHPN+DEQRbkDQ6xkG/buFZ/NOAT0wDQYJKoZIhvcNAQEL + BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe + Fw0xOTEyMTUwMzQ1MDBaFw0yMDEyMTQwMzQ1MDBaMDkxFTATBgNVBAoTDHN5c3Rl + bTpub2RlczEgMB4GA1UEAxMXc3lzdGVtOm5vZGU6cG9kMTUtbm9kZTEwggEiMA0G + CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyittkIOWBVR4mzeKjPTXocjWSzseQ + LmXi4mImf6UkUEDGbb3JxGZW7OQ7R1M7QmvpA7Hesmm2ywLignGyRC199N3BFWQO + 3X/yNlVLwMbFhFtsl1haI0BFGDlwgjOr7UcL2DfAkuunjw9sSTF8ZOTMkTmbxnN7 + bEThev0PWEILEJjdLQm/8BYL4uXoHrbNYX2C8taCn2R9E0eUVjZINMDHvvbQhRek + B3ys+nO44Y3kPkZjm4MNz6/DdDsrOqqDIwctYVn63kH0qsWHonRkpXnpEmFeV5sE + GGuMe463XvLIHQG0g/KeUOvVaNK9Yp7PU1kLDa687rXi84OYbcLDVHYjAgMBAAGj + gZ4wgZswDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF + BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQR+Vh0QZthupymCE6w/4R7TqxX + fjAfBgNVHSMEGDAWgBSh7lNxbWgZTJ6JFE0txStgHKxjwzAcBgNVHREEFTATggtw + b2QxNS1ub2RlMYcECgqYFTANBgkqhkiG9w0BAQsFAAOCAQEAFtxyTRbfi8LIMDQT + K5pek8o1Xrs/P9tSD5myJjaS4grAayPd481LsfeD2hk+4lymZr/ENJPN6dEvqrCH + ucO0FwrMc51+UhqbXilRtnjylS7Dl1nul137uC1ocA4YPVM9wiTEiDb8SK+p0ymb + oBK+eU+kloC/NRBRFH7OGFM05ujSqgoSbVEOtqeNftzS1ezluvhxXq2m8DQ8PdBx + 8vgMXHmQHwNkMHl8MiwMyznVBgp4JHohGLYGT6CnIdT5z4FcBJ1MHTic1ygAemvl + Q4TeCLboweXJa27ne85HcLZ2GUmAKi5sDk/BiWJ1Hha9Hai4KnU7CJHrepEOsQXz + P390XQ== + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubelet-pod15-node1 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDkDCCAnigAwIBAgIUJJsGBbG+BVMzt+Zn6+FJEAhKyLIwDQYJKoZIhvcNAQEL + BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe + Fw0xOTEyMTUwMzQ1MDBaFw0yMDEyMTQwMzQ1MDBaMDkxFTATBgNVBAoTDHN5c3Rl + bTpub2RlczEgMB4GA1UEAxMXc3lzdGVtOm5vZGU6cG9kMTUtbm9kZTIwggEiMA0G + CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDs4LEuWbyPOWbhCLNmV//TnJPpYirp + wzqK9FBq+R7+Pys8Kq7p6ztVY9dQ86WLLzcU4ji+m65KcjxgUVZh+NQYmvVWbAHh + V5AMQ1R3SfLYJSWKJiSiVtklvJa7QeZ3q0CisD4sFb6TwsiMTVOZLItGArOZuwGY + PNmzj5z/16D+FGLAogRmD4zcfroZ4sVaedHYZyi5o4Cud8HHibHpfUZhc5PB6P2W + Nb6HoWQiV1SEycjZqh/tVFDTECBhgvSmn570uW7vpIURD/5voH0yggeEQbAgZwbG + Btc7hcjkbmaGlAlyGlH/Xn2jf0uCnGKoHzQzY3WXh9i2JnkyCme2bZfTAgMBAAGj + gZ4wgZswDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF + BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSSkEkRzaFIm1Ediw4X00f5VeHB + BDAfBgNVHSMEGDAWgBSh7lNxbWgZTJ6JFE0txStgHKxjwzAcBgNVHREEFTATggtw + b2QxNS1ub2RlMocECgqYFjANBgkqhkiG9w0BAQsFAAOCAQEAhgMQmXZ7RwDnkhD/ + Y+MbfDASKHaFUvnyc7a+1q/2RLKbpWc+SoQLaUrHY0gG6uyJamAIoI4D8ZeXyHrA + 2/50ulYUQ0DDXKQD9YbPHTTBq9Bd9dBaRnES/t5k6nf0VbCmXp1nfHXsBWmIfczg + GRCBB6YT2RObfytzHBojQZkm70gZh48KJfkn21c8K8cpoYkofvCZkJxd6aArbI0I + 8NK0gTp9IJ13GieE7KvFap4rvIXrUuB1kvEMdxlwYJ2xyDIKzHKR/ltYy1xeHGH2 + KivJdMgLDS+GVrWuFj5pNwDB/kK6CTTWvdcH1/klfplBIZs0O81mo4rRWOWQQgKs + uq35EQ== + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubelet-pod15-node2 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDkDCCAnigAwIBAgIUAQ6H7jXX+Sfnj1DQTXDP8ig5hvgwDQYJKoZIhvcNAQEL + BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe + Fw0xOTEyMTUwMzQ1MDBaFw0yMDEyMTQwMzQ1MDBaMDkxFTATBgNVBAoTDHN5c3Rl + bTpub2RlczEgMB4GA1UEAxMXc3lzdGVtOm5vZGU6cG9kMTUtbm9kZTMwggEiMA0G + CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkAXgYtT4lJs37wT7kEDefTHNitPPI + aUn9it2i1fjpUslDse+xZTZv7gXm9U05ZYaBqMJuhzpdY0XuRk66ppIh+POayT36 + v6SdlytteE7QiRI+Sp7P6n7zYbRV/4FIJGH3NlUaWJu+UAEVsuZ3YfJljmg/uksr + slghDTW96xaszhynE40r0b37X8iTMXrltitfOex65t27BaOENQ3RaBuaFAXJeuk6 + oYU+tPByFsFsxNNFqTmhhwfd/AaKKNRiEc5MEBd+VYrSSe3/UhKGcBI7o0U3s+T5 + 2Ne6fL05DnUYMT/SSnvGqWJK2CCPsmPsF+OlTSZ0A9D2CeiMyb1fMv8TAgMBAAGj + gZ4wgZswDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF + BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQbQ6Q+lKgIFD8hn4Ya4ALomzZB + kzAfBgNVHSMEGDAWgBSh7lNxbWgZTJ6JFE0txStgHKxjwzAcBgNVHREEFTATggtw + b2QxNS1ub2RlM4cECgqYFzANBgkqhkiG9w0BAQsFAAOCAQEAdfesLgCg8Yh+6XDj + Ft+0mxuWBGjODNiVtQRU64Zt4u/jqxVAOyw7Ldz87LjqecFOaH78LD3fTvn7z/9j + sefWFaUmuYOxqPSBAO4qI60ll6KfP1uDtBozvo0kNR3/lVI7Aak84ig1tDEHWMSG + mBGdSTYi4tsaJU3g1OOgTVrTxnsd+hZRBLFaoEJCa9kOT5Fmsm6IqLOgnd35t6Xw + vYd3qFEbTj0PeD2HrttemLtuiqWBHRH2pB86mHXPBOqJzqLVBZ3n5lUE1GxzXucu + PUYsCA5j7EBPPwSc8saZWVH4i2N/egohB2mGkmFXgjBB+ROG+I74oZGOZskNFxyP + siHsNQ== + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubelet-pod15-node3 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDkDCCAnigAwIBAgIUHiDObQiv3pMY1koopRzis/CUhogwDQYJKoZIhvcNAQEL + BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe + Fw0xOTEyMTUwMzQ1MDBaFw0yMDEyMTQwMzQ1MDBaMDkxFTATBgNVBAoTDHN5c3Rl + bTpub2RlczEgMB4GA1UEAxMXc3lzdGVtOm5vZGU6cG9kMTUtbm9kZTQwggEiMA0G + CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMi13j4TYfCx46/i6AlbmVcoZoHli/ + JEh2I7WIkBNh6GL3fviLYavrFBNeGK2DjPr3dbyY2jTWDbwGXtB73Ak2Yvv6M2H/ + k2peYqvxZ0ZSYw88S0xUazzfKl4Z/nEZAMM2JDimDecQ4wL9xwbJZKTr5i7LzRWX + cqJGeKOsBCf4nti0tCgpquaS6xrXhDKHksVNrkfkniSWedzGHj9cJHRFMVXP5hrK + v+IZloeVCjLHy7YJQ2a7aRSmf0QQgrlMmwUY7bA4FCfsAe1g1823xtqZTpd10i8h + u95aJZXGQOjAkW8UZaS1EJIjm3t/Qf7EqkOi5yLcFlLBbCfBBgAGSDHBAgMBAAGj + gZ4wgZswDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF + BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQweNNlcW04q1RXdJXxnW2O8en6 + 1TAfBgNVHSMEGDAWgBSh7lNxbWgZTJ6JFE0txStgHKxjwzAcBgNVHREEFTATggtw + b2QxNS1ub2RlNIcECgqYGDANBgkqhkiG9w0BAQsFAAOCAQEAq5/bfcYU0S+T8F1B + XsM95/5KCbs5H7Z0WP96dVs2wFZzwf7Xt9TNmaVd6PtpQHfBzXuEDavg331Pvg7G + nuEywYkqD/7I0looHQTpoYQYqtVkJ+W91iXo0ezwLRV/fzhsLin/mPUCuENg3+XH + +JtQjAnUDbNicpMlJeGYy/UTWxECoH5/yv2/fvT1xEM55KoBf5N8qFhbLoXxxInm + Df3DOx28XqNTbO/h05RNSz5jfpRkt/1wUuDmC+9WtQCKlvuZ6EcyL7JfPnl5yv6W + vHYcmCyMNOvqfArePE5wfZ2L0Y8dkEXpMuFs1k1uPCBdIe6vuxEmQ2l9L94qVZ5f + 2zJk9w== + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubelet-pod15-node4 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDkDCCAnigAwIBAgIUZY8uoWqacyYGhJFTBxAn3s/6OHkwDQYJKoZIhvcNAQEL + BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe + Fw0xOTEyMTUwMzQ1MDBaFw0yMDEyMTQwMzQ1MDBaMDkxFTATBgNVBAoTDHN5c3Rl + bTpub2RlczEgMB4GA1UEAxMXc3lzdGVtOm5vZGU6cG9kMTUtbm9kZTUwggEiMA0G + CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR9OuH068GlLZ8j86Lgc38V5yE+Npd + JZEbJN63IpzlsC3HAT7+Zv5hR+kR5H+IkjsMe4LhRDUAHzPYBv4qZBFocw7L3+F0 + 6z20W4PX3DA8VYUmU4HkT/CL7Pu6vWNJsff8EyVXktPUdkP1CtPs8CeBHAPchgYB + /damSg+FfVXtCprQT3347C/TG1vjEvXOQ7kERHVdkPc4j2fjz0tUsMwZ8bfHmxW4 + ZftyFSxsQUZMEfa5OHf3JQe/6FvfI2SCfmXf3L1VUL6ahsfmcAnnZHd2ggnL+ln9 + hnIcCn06CBSRJZHQpsApR0MiAk4X0lO9EjchTHVmUs8JEM0Xy4UBDE6XAgMBAAGj + gZ4wgZswDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF + BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRKiM+XWchqU5Nz8gJhACPj5xPf + oTAfBgNVHSMEGDAWgBSh7lNxbWgZTJ6JFE0txStgHKxjwzAcBgNVHREEFTATggtw + b2QxNS1ub2RlNIcECgqYGTANBgkqhkiG9w0BAQsFAAOCAQEAGm+zWf6g+b7NL/Im + WrM1DFyFbZzpnitPlj+aACAFERPdiwIM4s9UoDIAeDXx1W3T97DVbg1zR04CkWEf + V/kbOvFlJkdUJeDzfNr0RCHyq+s+ZxtijfG0lKsoVWgoisVx0PhNxV5uCpJfR7qO + dmcp4/PMhus8V/xzLySBCvvcDggE/rnQeRMo7rkgzHtlrXK2y8Pz/yJgzZaCJUFl + 1B4IgRtxx7cSLbfBm0QDtJc4Xq7XL/LZJPtEINEQO6y1nnGDXBCsKMya38/ZlTit + KyU4uEoY6MqAozENUfy6wPK06X/d7fwAe0xv6LF9tMQwnAMycqfsjE2CTAC8iSH3 + 4vNvNg== + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubelet-pod15-node5 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDVzCCAj+gAwIBAgIUSAEv2BjvmjQ527csIIit7+IfCT4wDQYJKoZIhvcNAQEL + BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe + Fw0xOTEyMTUwMzQ1MDBaFw0yMDEyMTQwMzQ1MDBaMCAxHjAcBgNVBAMTFXN5c3Rl + bTprdWJlLXNjaGVkdWxlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB + ANF6rvod+hA4JTryPAXEtUmvF6XcI4dKBa90W0Jhpnnkou1ZBSImWX2IYxUW/wE1 + gK1J/J73pcICM0wkju5ofU3XEe9LRRC7ZRLnUwKqIZUDsCMl4J6CaFjvm7wtxpxf + XEk+5sjNMtmTUmohyRQZkPskfBpwDFMpPhABfunHPxcf7OqcRxZy2tcRuZxLxQV4 + K3opKiKZJh1TFGVlUYxXDw2dG5mNP1vfRZpxsCjZmMKlU6F+V9Z+o4tGUIn+U/ld + pTi4BQgTgd7vjzhJMb0lsgLVWdpsLW0G46OUvAalHQZsSF1cgj6iXeNNmk6ukZq2 + SonAP1gC6pVVJw1Z0IXJ14sCAwEAAaN/MH0wDgYDVR0PAQH/BAQDAgWgMB0GA1Ud + JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW + BBR7ppy3HqgRgC4PwjM+FiwWk3u9pjAfBgNVHSMEGDAWgBSh7lNxbWgZTJ6JFE0t + xStgHKxjwzANBgkqhkiG9w0BAQsFAAOCAQEABSLPj/FoIzeuA5n8iS3ZUcmJmpRc + BCx7L/U/qk5gL/0K/uZnNImtfKGa8JSmOhT3RUPQdfdF2d1MNhyLmDvQ90+6KT35 + OXswNicmdOyAxGH9r9hmUKxYPqq2bYP6tj5J+v8g7ZcQz/dXVO4mC9S0R8j0DO3k + nvfgNBlvDKNcZxHn6HZLFDrEkM6rVhJZBrlquHU6OS1QBm6JuH+/ZCYIbH72eoBa + PRKX5YZxaFo4X7WPqUdVj+2Gw6IPuMbrK0ZsObRwocepzXV0BRt6kv/Supca9kkp + NH25lcT6JlMo4/fZw3Mw9A9DFN46Qb31fjNYgnB0dh0YaQMQ1ek3owg3hw== + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: scheduler + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDYDCCAkigAwIBAgIURAnOf9bMH3lTJ63NtzSFdxM9JOgwDQYJKoZIhvcNAQEL + BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe + Fw0xOTEyMTUwMzQ1MDBaFw0yMDEyMTQwMzQ1MDBaMCkxJzAlBgNVBAMTHnN5c3Rl + bTprdWJlLWNvbnRyb2xsZXItbWFuYWdlcjCCASIwDQYJKoZIhvcNAQEBBQADggEP + ADCCAQoCggEBAKTUXzod1EnYLJBWr/565EEds6qG7yxb0bvqJLvZgmp/GZMesfRc + dBFQ49b+bRoASGLIRZDJBuYFgaVMAum6vnwyiJQ6zoH/v2KYbLsBXwbfnlWvmxr/ + bq+jXy4I7t0DvOhE9rR900XecJ8IOuMWh34l04GX7k8m5/0lvkZkWurhDjetLcGS + /6f7uQBMJqYg96sOHRP4XnBtlJZWLDFODkgCEDxVHo/yWyS2wwhPRaRhVpVpyrqn + uFV7SPx0SMpmFjyLRfd72coEw8v9N0iVjWQelbJldCW63yfIW+yxW2VcxbuH6SMg + DAhPSr3WeMPNpNHAeieafYj1M520DcjIJ2UCAwEAAaN/MH0wDgYDVR0PAQH/BAQD + AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA + MB0GA1UdDgQWBBTYne03TtUnu2JQuL3HTpw/d3GOHzAfBgNVHSMEGDAWgBSh7lNx + bWgZTJ6JFE0txStgHKxjwzANBgkqhkiG9w0BAQsFAAOCAQEAS0aQmePd0OYpbE07 + WxRp8fqEcHKLJMZIrUhOcKecuzpe+1arwPMJ0MOVM2tljYcrm2NlYVfNgC+T63yK + 7LIW1ChnjAmdzN6dYHic8k6dbR/Kf6Tx1NXi0w2qhvvFuboHSyB4FlSktN2lnRk7 + FWdzNV19h0xUNt2767hb8VBP1bIVWKjD8yAEClh9HZau6MEcFYdNBrRE3YKdk29M + YexwASFqj7Jih8Up/yps/xjE2J/UWn7un2RIi+7GR1tjDnP4sPEmEp7v71rMTDmj + T1qrlNFlJwhbZgDv9jSjvr3QLCh0EYS7VVE2Tih7QLRb6wBLwZLMjQPNN1GkG35P + SSAwgQ== + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: controller-manager + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDYDCCAkigAwIBAgIUDVuOb/s12+4utcSFpn8HPlYHUaAwDQYJKoZIhvcNAQEL + BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe + Fw0xOTEyMTUwMzQ1MDBaFw0yMDEyMTQwMzQ1MDBaMCkxFzAVBgNVBAoTDnN5c3Rl + bTptYXN0ZXJzMQ4wDAYDVQQDEwVhZG1pbjCCASIwDQYJKoZIhvcNAQEBBQADggEP + ADCCAQoCggEBAJ4gtveC2VKgWPpDtLMa7wi4hMafPDeEoyH6/0kYGJXAzM4nTNy4 + Yuuet+AeGC6rzpsCDmFqPkVDQ3Vd0K+wNUIvf8jYUyLmeWPFq5+jWnRhzRmErOeA + OT+ILkJE1CwOhOlKc2PtN8OS7EmTu6lddt89s9gS9isfnnIBf6bHMtgjYbkdA3lD + oEK/o6U/KvJru3v/MHEyzUL0n0xPzG+vOT4iEVQWp73z4wh3jSxHCoBbxEOaNNfJ + hB3E1FaI6Lcu8TwVvvwY+Gsvw5DWnRyUw3/DDQzM0cPfG6YCfyhcBEIIBydKpQ7X + /MgJx1euBdGuQaxsZ4xoKKZen/AhBmfCMEcCAwEAAaN/MH0wDgYDVR0PAQH/BAQD + AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA + MB0GA1UdDgQWBBRLaEUYtQhlLBqBAKIu4kP4pYhQNTAfBgNVHSMEGDAWgBSh7lNx + bWgZTJ6JFE0txStgHKxjwzANBgkqhkiG9w0BAQsFAAOCAQEApiYqUiC24UK3f1Qo + 2zua9S+5ZyfW98/posX5EgLvsnnbbhitEyzmsTPhmr56vZcdVUcopx4W63Inh4Ta + GBPT25ptfHTA5m3TD2+oWEAyJ0xAn4w3Eiw4abf4h+5CBeNoeure9xLbR36vYHoZ + t4iY5CpkhxnwuKWAYNq8kilA9oS5vnnguC1aRDrD9m2KfY5ikbFwFYe3G4KMp2iH + YZb1Lagpedtcm2R6xMgDUJKJnCyXZHqzuXs3OXuM1QW6e1YvUMZAGLWnMbBvKs35 + r1GltV99HtXphNpjxWzkTMKK6+L0CLq5wnqVcW3T+V5WNGnHV18A2HD3CTssQZlA + nileWw== + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: admin + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDYTCCAkmgAwIBAgIUalNlJLFfpr/Gh7Mw5t4a05g6uygwDQYJKoZIhvcNAQEL + BQAwKjETMBEGA1UEChMKS3ViZXJuZXRlczETMBEGA1UEAxMKa3ViZXJuZXRlczAe + Fw0xOTEyMTUwMzQ1MDBaFw0yMDEyMTQwMzQ1MDBaMCoxFzAVBgNVBAoTDnN5c3Rl + bTptYXN0ZXJzMQ8wDQYDVQQDEwZhcm1hZGEwggEiMA0GCSqGSIb3DQEBAQUAA4IB + DwAwggEKAoIBAQC4iej5JvHtxmEc6XoriwZvkmpQlaRQ2xdmNJ6p2pM73c80IqlT + Ge19a+jK10xzfoYW8Qz1VBIzeBPqMfhEqTWnSgVwHZ1Q60yS7Yu0zEDZ2PaecLCA + WnOf1BQYquV04b8lcfXVGPyKWZtomtKYm77PHpEMDzrqMXjUQ4xFCJKqSmHxZJTo + zhk39+6Yj6BNfzTPDDRIKrmt23k/4ooo/NWYQrf/9eIl21vYt4fV3kohFOBzHMzf + 3DBmRvFbwaDq0ZHzBSxo06aa51ZVUKDfTTfWmuD4bKnV+bmAbmoUJCOeMOzYuQVB + MSi66WmsMILeAeWlaSCpL+0V4GEUk02PXJdJAgMBAAGjfzB9MA4GA1UdDwEB/wQE + AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw + ADAdBgNVHQ4EFgQUnMdTKIGmWrYIpxLZFEAZZ8AM25YwHwYDVR0jBBgwFoAUoe5T + cW1oGUyeiRRNLcUrYBysY8MwDQYJKoZIhvcNAQELBQADggEBAJVGzx7vD7Ur9vTf + yDC3Y/610wnWezr2IGFA59j9/Y4NiW+GrqFaipPjJBhm1A9YYAOS8K4cRw1ryyGS + QEOGmSlcDexdP9pFODUpwUy4bmNnIMBoNOJWQA72lA1hreFhD5RRukMLiqSjtNt/ + DembnN3XvI79xzgWiFVh7D43xZDP2kqd7YxsD+iUuZ9/R9d6tSTmRdLzVpIQtfP4 + qKGxl1JpKjnejHB8OCQyj/VfRxJpimi0xSiovB9XNo+2uGx59LDXHS/oy4qJV+zA + 2vQsn5WwXf/PogjgIr4MwKfqJ3n+F9dWWX+MZmpKk0hAQnNGeqZK/rUiz6F6U7en + RdzvX28= + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: armada + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDUDCCAjigAwIBAgIUBH8wQBihC5wZ/grBgM2yKeAvOzQwDQYJKoZIhvcNAQEL + BQAwLzETMBEGA1UEChMKS3ViZXJuZXRlczEYMBYGA1UEAxMPa3ViZXJuZXRlcy1l + dGNkMB4XDTE5MTIxNTAzNDUwMFoXDTIwMTIxNDAzNDUwMFowFDESMBAGA1UEAxMJ + YXBpc2VydmVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OxkNW5Y + UNIyEmTSYt98xvhDrJz9SkoLn+fQeKJwvw2a0/sdClyQQ/zkNiSH9QVD+jzFXSkc + Yz/jbsA3jUxR8cypqjn+eSlItBQwwR8O440i7YoHfMMld8lcOp458/K/zgWAh9U1 + GEsgACtCo2VGZfrhTAtbux1T1eCTTaSWM7J50ulsAyCBTUwZwO5f8zG/C4iKWhu8 + 5gxgExiucQ+ul71lzgumxwAojK2JBuH88IQt2aTrKw+sn16z2G8Z8E4FoxMCNxYD + kV604V5c9dBSZKlwea+fk/pMzwvxIA6tLHT0AbW84CdAoT2hDZbxI4pnrfIhwgqc + vjxKc/gEEESWGwIDAQABo38wfTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI + KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFM1mjh+7 + d+as2M/vrgKW2pw0tKmkMB8GA1UdIwQYMBaAFBQx2TQa92btcDTQHKCYb8xWb+6R + MA0GCSqGSIb3DQEBCwUAA4IBAQCvg3DxSGSVGydKEoNBpvjHNwZZ3Y5DZACcWXBc + 7lAbfFjFekw8RqTAYRF0FRsXG8F/9RD4MaGfa/JdCtaM6VZHu7vB5QY3hoar0hZE + cFbOAM8QnAPDiyd3XGUWlhaehbn8gOzColcG1gPSncyaHUMypCYmZS7YAwbcsB5h + WfOHUytykwBjddmKwSAgESBP4OtQ3iLRWC6XV1gw1xooVM5O88STmZFmlnmccCQ1 + GQ3awOVPcBCCHHGY1AKRxVCQ3IrggbvX8/rbAXNU+w8Kn5OaJPCbWSaIynZKNaux + y4IrlW+obqh1U1S00TCW3gv5+RdXvCNjuYvett/SJ6UUkOM9 + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: apiserver-etcd + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDTTCCAjWgAwIBAgIUOyiZ0qgN1iK/edpEjMLJVafLd/MwDQYJKoZIhvcNAQEL + BQAwLzETMBEGA1UEChMKS3ViZXJuZXRlczEYMBYGA1UEAxMPa3ViZXJuZXRlcy1l + dGNkMB4XDTE5MTIxNTAzNDUwMFoXDTIwMTIxNDAzNDUwMFowETEPMA0GA1UEAxMG + YW5jaG9yMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37TdSlQy15A0 + EY2FLM1sHW0U79AxBlbd3UG7eErF65fgxAPoZGLsO4bkwH6N9bv/pbKLzq5NIrK2 + 7NzCNk5KK34A1ILBtKIoWwWQBGcI2kEAHLezUj9plygr99rJb/9eOC4dym8jmvV7 + y6TGWDzR/f4ShEuA/Q6iNsBXjCBoNP0LC+z0jcREx3QTVWMBKumlduwV0gJJnESm + 68NZBKD5iCj5r5YJTUWmm4tXLBgB8KWk4hUXv9khNLGPQ4SJf+wATkfNycujTO5A + Qp1GIJniSpwcKh/nJbbeiOJWyUFiW+ObnxAUIFxkaoymuck5xa4XsZrdYxUnJ6jv + 5CyxawaXAQIDAQABo38wfTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB + BQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFLRIY4VeiRS8 + LsFaoaLNZTYBdl6tMB8GA1UdIwQYMBaAFBQx2TQa92btcDTQHKCYb8xWb+6RMA0G + CSqGSIb3DQEBCwUAA4IBAQAdPhcvTbKrxPsqYcguzcFIp/s2Cyq6Fz9N0D/mJ/6R + RnFuzVq0S3TAVsj9ciQbSi/u1sIRJAEggzL6mY5GDeqI3DrW2RgW5GCgMQDcJWO2 + mIzIlzqyPenasXa3/GCkAZIKHyCrS9652G6U4w+3UBrnWvvF3O6abiMLYjYC3R46 + DhixRmhdNHmbPc21JzABJlYTmxxd39IR04NwQ/KKrXKpExqKGMJJRCrDp58nYbMa + JbmPqVRoU4z/JUomASrP/6gljO+sAUZeBVE+t+tpOBwPiHfZWg6g4sdEZ0N+PjyL + sXbbhaa3heBibrz8ZGpzGHPpCZ7PvhBjzEhbEPN+Fj8i + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd-anchor + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDxDCCAqygAwIBAgIUHgYxrRK8asXmscNp6ttCXRoD2s0wDQYJKoZIhvcNAQEL + BQAwLzETMBEGA1UEChMKS3ViZXJuZXRlczEYMBYGA1UEAxMPa3ViZXJuZXRlcy1l + dGNkMB4XDTE5MTIxNTAzNDUwMFoXDTIwMTIxNDAzNDUwMFowIjEgMB4GA1UEAxMX + a3ViZXJuZXRlcy1ldGNkLWdlbmVzaXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw + ggEKAoIBAQDS2anS2ftj9gOxD53wfeDiZRuzheIKiPnIh+s/qVhgaintqjVgNCI8 + q1phupSuy0G+6HxkU5C7qWZIPANJhaH77SRTnfvRiLXHswS4qfk2tEA7krNPR/6B + 2AIPe2IEQb+44CIOruhv0R3aXoDZClTaGz8mDa0ag8SJ3XLGY3IwdyQEq93boc9l + eB7M1z/ssgyat7RP1ZZdvehFWblLK2LWJKhQxJ4brFh9S4Gb0Vfja4bP41ZxET7n + LCN9LEt9h0+PKiscJkWr1If+jzwR36H+fIF2zk8TheyPPQUHxaSrjzkrwEmnv3d0 + /s7xWBZWLsQ5XjzXaRS6OCibxpgQRaepAgMBAAGjgeQwgeEwDgYDVR0PAQH/BAQD + AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA + MB0GA1UdDgQWBBTlDSkltgQOMuBMXXcmBxdsexg8hjAfBgNVHSMEGDAWgBQUMdk0 + Gvdm7XA00BygmG/MVm/ukTBiBgNVHREEWzBZggtwb2QxNS1ub2RlMYIJbG9jYWxo + b3N0gi1rdWJlcm5ldGVzLWV0Y2Qua3ViZS1zeXN0ZW0uc3ZjLmNsdXN0ZXIubG9j + YWyHBAoKmBWHBH8AAAGHBApgAAIwDQYJKoZIhvcNAQELBQADggEBAFwKLMiqzzJQ + arSAXrbKA0StyaqqG8JnM/h+OUZYwHRdmZbxxFRi8H0YT6rWwmhQcbeWvvlaI79e + uIy0kzRw3LdnxxpEAkZcZBLBYcvnbN7OQ0bui8+Ip+ghZ7WVPuHeRnvI/yJWOX6V + oNRTC9ngaAyff9k9BD5KYTkNv2Rl10ku6eJKnIRKwpokyMY6usvefKLewf23jwUK + lOZGNiSV45EvflU6Auz6tCk9gxee6w8Q2s3Q8or7p32sG8ciKwnZxRjTLarVwWj0 + 0mDjvrbPh33B1u6p1Mz2bHm5xy3mkBykl3tRQuDkgVVGLvHOvhYWiEJBc1CTsyLq + zFMmvtmUJrw= + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd-genesis + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDyDCCArCgAwIBAgIUPb5OXU60Bc/7xUV2mqnDJDjXqlAwDQYJKoZIhvcNAQEL + BQAwLzETMBEGA1UEChMKS3ViZXJuZXRlczEYMBYGA1UEAxMPa3ViZXJuZXRlcy1l + dGNkMB4XDTE5MTIxNTAzNDUwMFoXDTIwMTIxNDAzNDUwMFowJjEkMCIGA1UEAxMb + a3ViZXJuZXRlcy1ldGNkLXBvZDE1LW5vZGUxMIIBIjANBgkqhkiG9w0BAQEFAAOC + AQ8AMIIBCgKCAQEAujJSrpil7jhn6cg2BX85ij5bGnKZijN0RKzOOQ9+eza/8gpn + N77LXOrd06D2r8HOovoG9T+j6syLycrTYM/MauwGkpqOxCZnLLhpbaD2I0UKm5cz + Kx2y+NOBXZpRf13GNua+fc5hN9gtQNwFYZFeNl5rVzx1HiQO+CsY8ihXAVFF3ouY + 98FKF2YJSC9l4jRCKuY+AkLAILci44S8GKEzQvIb3zLoI+B9mhBtu7C2CBANSCHB + 7rN54zOPJu0+1iD3TXP/8c9USCm4CLfHJUhE0EuFvBpICWIBaN+DwW3GdofWrxIy + OHzHkK9fAAPlA/V4o3qy86nWRn0SeLqzAoBbFwIDAQABo4HkMIHhMA4GA1UdDwEB + /wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/ + BAIwADAdBgNVHQ4EFgQUxWY6iREf0i10/XRR+SjIaD+GEuYwHwYDVR0jBBgwFoAU + FDHZNBr3Zu1wNNAcoJhvzFZv7pEwYgYDVR0RBFswWYILcG9kMTUtbm9kZTGCCWxv + Y2FsaG9zdIIta3ViZXJuZXRlcy1ldGNkLmt1YmUtc3lzdGVtLnN2Yy5jbHVzdGVy + LmxvY2FshwQKCpgVhwR/AAABhwQKYAACMA0GCSqGSIb3DQEBCwUAA4IBAQA/VFJG + 9h3djDv0oed/EPN/4VIy1O4q/quiUnBXjeYDUIJbYNdhqbZ2ienbCimax4VqcJI2 + InoV3O0H/XH0KkDs83PFyHqQ7+a/z7woAn59pb0NMvIWl0sqrQHFjbV+Gm2/17dm + VdpPyJC2kW1DTzRzSIJaA24GgrTuLYT2LosQ6ysq2r8UE8JeXmMEvMI44EyRIL2H + jMMcWXv8LfMFzrArCKS4LoL4p6WfMzs2MQhXXmraCQj62mG+ARZVcdyU1pVAqD/6 + 2Mq8TU1Q9f2e9rpLlAOHJ25yzWwkibLZWbI57z41sBXJio9S3t/eDgZlM1G88xlB + /FhKxXU9Qo1bn/Nq + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd-pod15-node1 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDyDCCArCgAwIBAgIUM1bBisu94/bruEHMVuWY6qBsG3MwDQYJKoZIhvcNAQEL + BQAwLzETMBEGA1UEChMKS3ViZXJuZXRlczEYMBYGA1UEAxMPa3ViZXJuZXRlcy1l + dGNkMB4XDTE5MTIxNTAzNDUwMFoXDTIwMTIxNDAzNDUwMFowJjEkMCIGA1UEAxMb + a3ViZXJuZXRlcy1ldGNkLXBvZDE1LW5vZGUyMIIBIjANBgkqhkiG9w0BAQEFAAOC + AQ8AMIIBCgKCAQEAr2fk25eCVhfxE5WiNlce2ydF9v/a7rAZNFhzM3aRunB0pI5u + gyjZJsB1nd8wx1Tcp7lMyXKF5n6aFF4PP58oCknizzHvoTgmKl1Z37oWDm8g3DWW + LWVN0Hcp4NvTLLN4ukkSb0swa/zNM3PtaJH9nq2NIvJGST9G5CKVx7dE04GR6h52 + UCvZu1EGiY09OUSCRTSi6sti41HpCZe6LX4PELFMeoQ3fBa/UVWHV8rVE/0ZvMNj + 8TzgstmDk11n+CW2mJOMwpJaNVR9yn9kf8Qg61OnaJOqyLPsgp3VCZwiGch4WrPd + FxE8OpXt10B6Fdm72F6yEG8yLKlL89/6qGsoLQIDAQABo4HkMIHhMA4GA1UdDwEB + /wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/ + BAIwADAdBgNVHQ4EFgQUGPdRHIxbWoYYoXJkmSTwh8YMud0wHwYDVR0jBBgwFoAU + FDHZNBr3Zu1wNNAcoJhvzFZv7pEwYgYDVR0RBFswWYILcG9kMTUtbm9kZTKCCWxv + Y2FsaG9zdIIta3ViZXJuZXRlcy1ldGNkLmt1YmUtc3lzdGVtLnN2Yy5jbHVzdGVy + LmxvY2FshwQKCpgWhwR/AAABhwQKYAACMA0GCSqGSIb3DQEBCwUAA4IBAQCB17EQ + XS+aSKFeUdCASx7frq3D+rQO2LVna0SQYjMI5BZr7uBMwTkN/pWYrtbRyF6ZdF0Q + CWNAmCbF/XYypoVZ/LogZ32bP28EXqr5o2X6XxPl3cFURWDMpd9AYFKHmdBxcM7M + UgbIvrC1dc6a+UjThR91jBEqMB0LQVyMkanm9NWWDQd2qWuYeNTxrulyE11pVOgI + RYhwLgZzYqwyuNh2UpoTq0vkD7QZNand+R2MxBFcNWEwsxUrTIk+jRBEGSZ1VJho + qKdlDLLpN5VgW21wZ0LwlZvFw/GVlUiVkA9p4xX+WN9uDW/CYByf8GG/BJ0c04XJ + ATn60pW4Wh5Byyps + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd-pod15-node2 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDyDCCArCgAwIBAgIUHZB4Lc0HwU3WW3pdi2M4QirQrtYwDQYJKoZIhvcNAQEL + BQAwLzETMBEGA1UEChMKS3ViZXJuZXRlczEYMBYGA1UEAxMPa3ViZXJuZXRlcy1l + dGNkMB4XDTE5MTIxNTAzNDYwMFoXDTIwMTIxNDAzNDYwMFowJjEkMCIGA1UEAxMb + a3ViZXJuZXRlcy1ldGNkLXBvZDE1LW5vZGUzMIIBIjANBgkqhkiG9w0BAQEFAAOC + AQ8AMIIBCgKCAQEA0ql5A5vFqwFwxADXxs8701D2bQk360Qz/ww43/rY6w984APi + 3gEtYznondWBgTYTp1dr6vHP6PC0UEeEUHb683C+ePg1/T/v2Qc3hV5Q99A4RoI4 + QXc4R8R6GEpncsdHI7gn/7fKPKD9diuE2AfNGJb9Mv3qWMxOx1J9BxxdmyPpYWkW + fQWLKELpC/dK1DmaalkgUeuuaOPrNQbvkqQOItZB4ToR416VyYu6/qIhUBTKavs5 + KYvjrT2WvLAkOQvXqe6rd8gMNcTlLn/u/RR+MYj3gRVfoPDYJdi5zDTeRJ5ya6vr + 5OC9k0vY+z8YIzCqRunmD+2q+sYE3mR2gnxJ3wIDAQABo4HkMIHhMA4GA1UdDwEB + /wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/ + BAIwADAdBgNVHQ4EFgQUWYIFRafHB1YezORb4v6QeWOxqJswHwYDVR0jBBgwFoAU + FDHZNBr3Zu1wNNAcoJhvzFZv7pEwYgYDVR0RBFswWYILcG9kMTUtbm9kZTOCCWxv + Y2FsaG9zdIIta3ViZXJuZXRlcy1ldGNkLmt1YmUtc3lzdGVtLnN2Yy5jbHVzdGVy + LmxvY2FshwQKCpgXhwR/AAABhwQKYAACMA0GCSqGSIb3DQEBCwUAA4IBAQAENv1m + yDDH4xVEJonz17uvDVZ3JHE2v/aTrRPZLn/A+QmjAcQa3YmI0+Mi9SCWKWV66yVw + zumCPymmGFM+LsxxxXDuYZWbM+JEYalGd2Mn5b9BWV5j+wc7hSJUR5yjEYRVQaHP + YntKwQzJq/pFMDQQ7yt4nRXq+LJoFOkiOnbu9cgYDy8Otn344JDwsmhg4hOnKV2U + I9hZv1d4FIPtsQaF57RkTZT1ShHXP07cmoPZqWpSVm16WLliiwUJIGF6Rj49cDEl + cKum6j+5mjROxi9CLi/xc0Qc05jsTeivevWQJkalF6nTIZZakbmjjze6utVvt17N + Uf9pejgkrwqvYyal + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd-pod15-node3 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDzjCCAragAwIBAgIUFMCgXlXP6dZGwVLeEJ3Nib8Xg+AwDQYJKoZIhvcNAQEL + BQAwNDETMBEGA1UEChMKS3ViZXJuZXRlczEdMBsGA1UEAxMUa3ViZXJuZXRlcy1l + dGNkLXBlZXIwHhcNMTkxMjE1MDM0NjAwWhcNMjAxMjE0MDM0NjAwWjAnMSUwIwYD + VQQDExxrdWJlcm5ldGVzLWV0Y2QtZ2VuZXNpcy1wZWVyMIIBIjANBgkqhkiG9w0B + AQEFAAOCAQ8AMIIBCgKCAQEAoCCx9m9J9KAt5GuuIRwosVPCp/OlWXs1DANK3LmT + F2Wo6BboMYiarxBWRDYz3YRV+3JZ3TCEtRKphYFBnsK3yRTtZROyvulJ2BNRPMN5 + V6cNy81pnk7QPYxZcc0+ed7jG0CnLMbc5qeFp94oqKoXt8MoFdMvzcRrGoQsXutx + YiROTxhgLKIPzsxJYfdZf/kzBzcMPwtyERJ8taLNKB2jDu6ls5xTOGgcTb+Z8wBm + aH9LvgpouR8Tk6caPsqK0BtaD//XHcxPHRgw9B/yLKKnEz8mD0ItwFwBccG6bXhJ + YtpkkVydA3xcFNHoS+fWg1DPallolFLVxL/CGSu5dsZu0QIDAQABo4HkMIHhMA4G + A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD + VR0TAQH/BAIwADAdBgNVHQ4EFgQUNpp28YWu0JpMHkI6/Cxw0yvQpEwwHwYDVR0j + BBgwFoAUqvYPfg9bkAppfVRSn1a3KAivKA4wYgYDVR0RBFswWYILcG9kMTUtbm9k + ZTGCCWxvY2FsaG9zdIIta3ViZXJuZXRlcy1ldGNkLmt1YmUtc3lzdGVtLnN2Yy5j + bHVzdGVyLmxvY2FshwQKCpgVhwR/AAABhwQKYAACMA0GCSqGSIb3DQEBCwUAA4IB + AQDDY2i2GumixPiT+9OPIqy6hn5B/uncJVTsE5eaHSek70kgxmnE1LX7TMu8jSk2 + m/XeXAuOwzohYZC9f7PnKijtzRFMdpRbyAvdRNrLh+8urr17eDDMFIhfF7Ut1r11 + BiObL4MRQFNOuorthoW77wqd69L/6d8y5NBLUcNp4C+gqfEaTjUnNjcS5dzm1kcC + pvxo/BgZG5EyjCehU1toKUV0AyOrGA3z2gh1jv3dDmAOjyh9baBVdpM4yrP38ppu + UL9DkqVUbb5XhtIUomPh+7XBG0vxpBv0WddMm3HVUk9payuinGnqXMXSZsnZKow6 + uoH9C4KCxUNK/Ntt+COsVb3v + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd-genesis-peer + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIID0jCCArqgAwIBAgIUOvty5PiB3xzWuzkUkIQZPlVbo7MwDQYJKoZIhvcNAQEL + BQAwNDETMBEGA1UEChMKS3ViZXJuZXRlczEdMBsGA1UEAxMUa3ViZXJuZXRlcy1l + dGNkLXBlZXIwHhcNMTkxMjE1MDM0NjAwWhcNMjAxMjE0MDM0NjAwWjArMSkwJwYD + VQQDEyBrdWJlcm5ldGVzLWV0Y2QtcG9kMTUtbm9kZTEtcGVlcjCCASIwDQYJKoZI + hvcNAQEBBQADggEPADCCAQoCggEBAKg3LmXxJxpsMay5PIGgvk7fjeCNy85Syn8x + XSrwpbqUNmvobBD3EJQYDgSm/NBydQU/v5gIoLgMnZS+RI0X8NuNH32DuKZAmLr8 + MZvq3UjCQla28nTFcx/gEd9kr0UXvQriltHnddLAlEJvlBtDf+Ti6PeglZQph6Z9 + 33EeslxuZT7NkJyvzuk83tH05EO1XJ3qe4NaC9s+67RZeZH6ohPPLo3jOHlMSEng + h/LywX/FvygJg/GmBPED8lml+rNGd+OIiyn8QV042y570PCYYuSX3BtHBH945OC/ + f6q4gFUH+4J5Ni5BqRfjMd65ipr+qHf88d7Sac/M2R7LtJTFt1kCAwEAAaOB5DCB + 4TAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC + MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFHLrpKbEMkNFml9NXFF827eFlg7oMB8G + A1UdIwQYMBaAFKr2D34PW5AKaX1UUp9WtygIrygOMGIGA1UdEQRbMFmCC3BvZDE1 + LW5vZGUxgglsb2NhbGhvc3SCLWt1YmVybmV0ZXMtZXRjZC5rdWJlLXN5c3RlbS5z + dmMuY2x1c3Rlci5sb2NhbIcECgqYFYcEfwAAAYcECmAAAjANBgkqhkiG9w0BAQsF + AAOCAQEAGKMyC/XHF9HJMOCxqo6FPjjUQ76U6zXzBhNTkilP5VuktQhyft0yG+Ml + g6rgWfwHC0omJGEq0xyS5rJ1KMgI2ZEepT+OZt9g8+4Xm7onotnsMx3DMh7csOrh + K7ANvBsjHTP4PtGiFGnU3DR7tq4ixx51W5N+BFIij8AcjHIZoRFfeX9HAC1J+7Oz + Ix1GOM7FhhqpUKB/a6YpJkepa1ObqOA7Var5keacmH2xKrunrF3WiFPfdts56c0r + BdIqWZ4E4pkNgUurDBxuxJDPWQkPdAXpksg5pd693T50YNG4VyFppMFhgJlgqnIv + PXwl80meM3FfE4qF2o7nTFSAOF0O3Q== + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd-pod15-node1-peer + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIID0jCCArqgAwIBAgIUUeEO1cFHRA6DHGH9rHOuP5Eufx0wDQYJKoZIhvcNAQEL + BQAwNDETMBEGA1UEChMKS3ViZXJuZXRlczEdMBsGA1UEAxMUa3ViZXJuZXRlcy1l + dGNkLXBlZXIwHhcNMTkxMjE1MDM0NjAwWhcNMjAxMjE0MDM0NjAwWjArMSkwJwYD + VQQDEyBrdWJlcm5ldGVzLWV0Y2QtcG9kMTUtbm9kZTItcGVlcjCCASIwDQYJKoZI + hvcNAQEBBQADggEPADCCAQoCggEBAKwoFWLanhmaTJSwSXZRwiwqt1dhVdDx9rPy + BFKw7b1UdtgSDgY1Gc5Fms2OsNY3if9I3ACIDA8Pvv7wmmPAO2RPqaIJXUDOzWSy + dwSvL4Cy7c0S2yqdyKT1s9NVRvNpUpPr3cdEe3uO8HiVjV7iH2t2xHUtFwOryKS/ + MdSl1QiwOGAbb+cj/JGSrzo77Wgk5HPTfSe5YUvXfNgnMwRWTAskY0Mc4NjsVky/ + UEuh3lWKruq5jJR1J53bRu26+n/6fNDzZDd7Hjy0ZA6NJ7OmSgpqaACJcESd67vy + +PovKjWvGw/+Xa6pzhaYSMARL87n0roeDMV2xIe3tELffzwpg40CAwEAAaOB5DCB + 4TAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC + MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFP7mWhypakSNFVKh/VhXlTVD3vcGMB8G + A1UdIwQYMBaAFKr2D34PW5AKaX1UUp9WtygIrygOMGIGA1UdEQRbMFmCC3BvZDE1 + LW5vZGUygglsb2NhbGhvc3SCLWt1YmVybmV0ZXMtZXRjZC5rdWJlLXN5c3RlbS5z + dmMuY2x1c3Rlci5sb2NhbIcECgqYFocEfwAAAYcECmAAAjANBgkqhkiG9w0BAQsF + AAOCAQEAPCNhZ8sW4+hrptDoNeez780AzWkcmQEOSChFygE3oMqWaQ7fFow8rFsP + rgqWx9BfuUWo3eYaJuiozPSBc2wTdIeqzk5M9NvSaiIX9+J8FOEiDV2eZaq6dhXV + 7eQMeSNQB12ZUQ3tNc68MDC1PfOaZbqNMDpNnsJFbYirUbYgNrNtiiOMCWG0G2/O + mXhJKSNgUfAtLZSk2E7g2Buee4dQiJ0nY7/k/kFXPq+SBNvHhG6+NgGLBhVysBb6 + 289/XH8HUl20Ih7nKHgcRqFuCbGpAVRuCKKpNUWTdTmCo1/daFI2+l+zoDg5fJli + JlwLxlcgA17iD8lBKyFfMn3Y7LXKYw== + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd-pod15-node2-peer + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIID0jCCArqgAwIBAgIUBue/3ultcQMirSS5fZE+55lQFxIwDQYJKoZIhvcNAQEL + BQAwNDETMBEGA1UEChMKS3ViZXJuZXRlczEdMBsGA1UEAxMUa3ViZXJuZXRlcy1l + dGNkLXBlZXIwHhcNMTkxMjE1MDM0NjAwWhcNMjAxMjE0MDM0NjAwWjArMSkwJwYD + VQQDEyBrdWJlcm5ldGVzLWV0Y2QtcG9kMTUtbm9kZTMtcGVlcjCCASIwDQYJKoZI + hvcNAQEBBQADggEPADCCAQoCggEBAObILFMOukNF58pL0piHn/YTaA/akcLgKdsp + ZO1dkEylxTd/JQzZSNr9wcoaml0otTYx0zrFMeoKUBJdUFC5FuAA+F4agdCDax7h + LUIrtTEypTSACthZXyArnPlkXFRbSSpdGdV6W46LMNgSDrbE53wOXK4ceeHbxPLz + WicOfzX/ra3SbwTMWht8ggaj2ouipt+veOE881qqPEFKFVitjAp7n6feWUb1miD1 + zSoe10Lokw3mPCArzJQ/DhXjZ9buaVgU3zx7RiZ/ObJL9gSjQ5EZc3a+dj2nphcB + zOtfk0YNp2Sww6IngkTELNsg29wIdtICmfR/NsFBp8zmHupfBUECAwEAAaOB5DCB + 4TAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC + MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFOONvXm0HriRGwH8KAMYmqUszJQdMB8G + A1UdIwQYMBaAFKr2D34PW5AKaX1UUp9WtygIrygOMGIGA1UdEQRbMFmCC3BvZDE1 + LW5vZGUzgglsb2NhbGhvc3SCLWt1YmVybmV0ZXMtZXRjZC5rdWJlLXN5c3RlbS5z + dmMuY2x1c3Rlci5sb2NhbIcECgqYF4cEfwAAAYcECmAAAjANBgkqhkiG9w0BAQsF + AAOCAQEApnrsB1DhRvtJEoCtu+5lA3hGUqSn03aW8cUKNl0SM4uvabUzejtDXgSn + qz5oLcUp6J0gytQRT+eDn2nnt8OpIWy4I5KwYXKzKk3att5ldftA1cLu2rFpjQrw + XrB85cBfB5Tj7qMN3ItELeAlzQDS0woJCzLV0svODWOpXr9Tj5avR35bWBK9+RHO + vdnPb60rmG+TDcA0VT652tddOo85dS8c74sqFCqkodBSSqBFyh/OVgwZX9+r6dtB + ZyM5dDJYk9XcVI3JiPZWr++DPnaUGwFELUyvSlSRDR6pB+ytg9yEikcNwUMjKzj9 + ePjtS6OiwU6m25uFQy0YRh4BY8gOtQ== + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd-pod15-node3-peer + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDSTCCAjGgAwIBAgIUBlqdKQx4oYac7e5/mxYUpzfbejgwDQYJKoZIhvcNAQEL + BQAwKzETMBEGA1UEChMKS3ViZXJuZXRlczEUMBIGA1UEAxMLY2FsaWNvLWV0Y2Qw + HhcNMTkxMjE1MDM0NjAwWhcNMjAxMjE0MDM0NjAwWjARMQ8wDQYDVQQDEwZhbmNo + b3IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkj27h21b+EyTaNtl5 + kWTNo58XlsuAmyPVdN+JGhAdcHcoDaHkn0KMZscJfYGqkN5cjSLBXSFOvZbCRjht + dCekytzjtbiaBRvmNjL+jX9SyUys5fKFt022hIreBolT7iRH8/x6RuVFIW6caQBp + K84XaFZee5l7nkbVBPWmTlggCYFqOoadIhyHp6FaFY4etSE3i1iDfeJDJS9oae6V + J6LBKV5EGFfCRv9F+wBb4P1OkflMscmkeUkhhqStcdNHV6/6U5efY7HxHte3H2rh + 496Dn7y/W4YApTKbKSxqwlzxUQR0GrzBQ/zcW8/5Y99eqs6dnP0KJ8iRD9UkUHzm + fJIRAgMBAAGjfzB9MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD + AQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU6BjXSGqt0eyRJO7i + uSm7mgqYzQowHwYDVR0jBBgwFoAUwmdoY0QJGBU3jYBO9ip6FsQEjqwwDQYJKoZI + hvcNAQELBQADggEBAIt2zRWc8qAJN6NRRhXIwj31JeV6A+28lM/8e9t6R5+wzogk + 2potk5b3EjB2nquL1WsnPx+/mKTp+KpazcgVQypvgca472mQH33pM68gfns2KckO + kuH8+8sTbtxNJgGBVKBvREMjCeUu/h/8L6rELHOTIQxDunA3LATsOefGlmiEPc2x + fH9GTdNnhyYhig62gnkgcA7jsOqRIYRT2SyRYS/yIFf8Zx6o4IfdvyIxfRUITYY2 + mgELgXMIL0POQ/SCg4c24fHktthlNQaiyWZdDi+Q1KmN+IV2TnIxqTM0vw/+osTZ + EPeYAPO8zGwSVSrLthbc8mIqHRwpUu+xfFKxs2g= + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-etcd-anchor + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDkTCCAnmgAwIBAgIUaUhNNlUtZXqu6lIjcxiK1gjaLsIwDQYJKoZIhvcNAQEL + BQAwKzETMBEGA1UEChMKS3ViZXJuZXRlczEUMBIGA1UEAxMLY2FsaWNvLWV0Y2Qw + HhcNMTkxMjE1MDM0NjAwWhcNMjAxMjE0MDM0NjAwWjAiMSAwHgYDVQQDExdjYWxp + Y28tZXRjZC1wb2QxNS1ub2RlMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC + ggEBAK+82kj2ahlXwvy/vhmOjid2EVjzS5EN5zORkYfNmf2j6Scqlk8VR0PJLzTs + hsVwEtvUwTVOvMk9umPbWRaiOVL4h1ny+otvvpVlF8FBi7N+a0CtJVNf/tTG5yeZ + 2ykLFrGMbFxsyD1Q1/gqby1Rz8QJPg1sStRKuZyc6zgRUCkyc61iUOUuU1ZNySlQ + DmpWWlGsGeNsvX6YZZKSP6BtcGDqR8v1cOhyIW9m4M3X4uFzC0KFWRQ8948Ce3x7 + 4bu8Qj7st9DE+UQoxu8tzRpz0RfziZsP5M4F7WZibPdboSsHq4SVLlH2Nw+FtHkq + RjyHA8QSw8gvSCJlBkOidORYdFsCAwEAAaOBtTCBsjAOBgNVHQ8BAf8EBAMCBaAw + HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD + VR0OBBYEFJPFkweC3RTeFjQW+30mTlgp0EkqMB8GA1UdIwQYMBaAFMJnaGNECRgV + N42ATvYqehbEBI6sMDMGA1UdEQQsMCqCC3BvZDE1LW5vZGUxgglsb2NhbGhvc3SH + BAoKmBWHBH8AAAGHBApg6IgwDQYJKoZIhvcNAQELBQADggEBAFQ7O2NYvxk5nCed + ZVDGB8ASlH7JVQlj+99DQrjngDlJKJ9rE9CXzdoisY6hLGTb3GFIqFamhNjp2zKl + HVEMQQv7TVrnXHXwOnCKLynMSl4w5r7LbKD9zvZ+/LsjwM+1gmGQJ9DQ2Re6rNUw + EElRDOwRK0rgBKLg9jF4g3Znz2VTroDqT9rAa3ERDUCgLMXsr7N78hbZiDPnEJIX + GuUBRQraczt67SvrtqMKEnLpqD2PZ0K+2qjp92GFRIGqDJJLFQGRsM12KYBLd8vS + 084hEGRs7tWKhPTyJAzwsZw2BLuKSKEVZIZAInFynjeaAQJz1A98OShYrDtXqDQP + NFG/iJ8= + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-etcd-pod15-node1 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDkTCCAnmgAwIBAgIUG/HxJEfNK8c2J9T7ljGinRbQRXwwDQYJKoZIhvcNAQEL + BQAwKzETMBEGA1UEChMKS3ViZXJuZXRlczEUMBIGA1UEAxMLY2FsaWNvLWV0Y2Qw + HhcNMTkxMjE1MDM0NjAwWhcNMjAxMjE0MDM0NjAwWjAiMSAwHgYDVQQDExdjYWxp + Y28tZXRjZC1wb2QxNS1ub2RlMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC + ggEBAPYf37iyRGEDne8OambcL1884sIsCDzWdUvgEfi4NS/tK0FntK3+rNgVP8rf + G10fsTHniiXUlmnP6KqQG6r8g5iyRAzmW61DICIPJv0k+wJxAPCWYG9404WtQ1ij + 5MXKHQYaAWP72+dPLeDZrji6H+J3mePLuPusFKDeEzuo7WDXHu1uVzhn+/lryvHd + +u2uTKv/Wo3nEMoA7Nr7oox0th4RzOfJ4bH3W/yVwLESEy9kdnRwOXGeK0jC33ig + lDQzxDysb9mVq0xF6FoYxGmPrUPKdLFljNsKXNYRdr6bucuayCBxHcnk/VPGyFf5 + 90YZjk1RGsR4tt2YFpfJrrjyB98CAwEAAaOBtTCBsjAOBgNVHQ8BAf8EBAMCBaAw + HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD + VR0OBBYEFO1E1SrKiRQR0e/Rd0SVV7ENJh63MB8GA1UdIwQYMBaAFMJnaGNECRgV + N42ATvYqehbEBI6sMDMGA1UdEQQsMCqCC3BvZDE1LW5vZGUygglsb2NhbGhvc3SH + BAoKmBaHBH8AAAGHBApg6IgwDQYJKoZIhvcNAQELBQADggEBAEOcXCuPlGzhUQQj + ucNIjRV2Tq8k3Vhbh7sUaD8SU4rulfQ/IvfeXucq1V4Ba5BG6wB+TGp5NGBumFsX + faybLTu15sslS79gXPI+2zgyACDH69WEHQm1c1Nw2z1UytZ738iuEw6p4CeJe44e + WQ903+gYSQWtxZNtCEbth8qrzq47PbLNGwQmZ3KoBqpbsWJ6vZHs5inN4QSR9JTW + cOiI+nW367YfAjIjwYs4scoHPWjGTtPuSkILY3n80bsWtZuZtHNXlFWK497z6x0y + XLeYy/gaE1rYkq/9jFx/ij/5pJ/PkNPEIGM/2peL9jYqK7HJoczle4aej203S+6D + F2RxWpk= + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-etcd-pod15-node2 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDkTCCAnmgAwIBAgIUZ1VmiYn+1QtFYmd0Z7+742YiC+0wDQYJKoZIhvcNAQEL + BQAwKzETMBEGA1UEChMKS3ViZXJuZXRlczEUMBIGA1UEAxMLY2FsaWNvLWV0Y2Qw + HhcNMTkxMjE1MDM0NjAwWhcNMjAxMjE0MDM0NjAwWjAiMSAwHgYDVQQDExdjYWxp + Y28tZXRjZC1wb2QxNS1ub2RlMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC + ggEBAPb7nnKOp8yW9k2vW/JhMYtS36YEtPPp2hL7g0Sp29RQbI2RX97ELFZFSLvt + y3A1J2OwQnYhoJQWZwxOXESmKdO9+X2qcMPkAQDdjrUEXdbsvaFQ349x913CWLpk + lPznP8JlcLzy1x05JKxQccgyZjwlxFf8lwLnjCWHA+KTqiHzil3hk6DeHh7b5miw + PD3HpRyup6oBNMOJrDffHuHZCAnqzZvBt7amUtIFpXcXgkR0fqaNkrM1zy2OBdDn + bW9kmt2G0lv0yNPsBwBbPOeXKqQS102WK/PAbY1OD865QeuZFiN0NggN5sqHw4Ek + +nK76zYsGLixgztpVMm0DI39WZsCAwEAAaOBtTCBsjAOBgNVHQ8BAf8EBAMCBaAw + HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD + VR0OBBYEFOlffk1fIN68LBcIsmT4CPCC9IlgMB8GA1UdIwQYMBaAFMJnaGNECRgV + N42ATvYqehbEBI6sMDMGA1UdEQQsMCqCC3BvZDE1LW5vZGUzgglsb2NhbGhvc3SH + BAoKmBeHBH8AAAGHBApg6IgwDQYJKoZIhvcNAQELBQADggEBAJlBEC/30i7sLtjA + XUYwUAo8DYF5HOZkXKQ+LtNW3N2KKTNJHuqSG+cO66nyEDDFKOUECOgDcEL75SRu + kCb4e3bCEOcc9sVyjITQ+jg3jhH4TzuZcHkIWqNDCVTHnHNRXfJqPRFntHakhbDU + wblxOaHe1eee9edGI4rx2aEybYBwhhisxNaPrI20cjR0LClPcDJBQe89L7DSXVc3 + saw5/+Mmbwj+VlplbgKE6o0WRjR6b5fp7oVCV+WM6QxQc19WVoi5R3j/TJWh+inh + Mcer46YxNf0Lc+jxxRGXU42A+Bjw8vNy9C3QJA30Nr8D8LXrSHWYfTGpHqgXaPSN + VOMkgmU= + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-etcd-pod15-node3 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDTzCCAjegAwIBAgIUDIR2JwNf98wq93B/4iWlP4Nl0VwwDQYJKoZIhvcNAQEL + BQAwKzETMBEGA1UEChMKS3ViZXJuZXRlczEUMBIGA1UEAxMLY2FsaWNvLWV0Y2Qw + HhcNMTkxMjE1MDM0NjAwWhcNMjAxMjE0MDM0NjAwWjAXMRUwEwYDVQQDEwxjYWxj + aWNvLW5vZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYbqzEO5VA + KCLQ8p4/OH2O9lC/yvtYvltJHL185BFbOVUmkSDX43UAuOngW6BjTJKCEcuAls6M + EVkL+ZZk1Yy5ylLXQMr2N1rEMyqLQwGaYVEAw4Waf3/aaJDK4HgbvqG1SUZ/xQDe + F9aT3bHNGu0ZHU365Z0Fk46GmqqLJ4P7jps0slU1kwmqTvn/0fdZyVttlS3Qz6lg + 3kD0CjNnUwmjCWhkddzlzLDdc+4wj5YLnxvalScLrACn3jyrbo5buXHHAgiwiVnX + TgwcnHiCgl36TOK8TIAyvKKFCJReM5nvShWZN1AM2kKMhOMA0fNlYRG6pLB8tkvZ + TT4R75fzHmizAgMBAAGjfzB9MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr + BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUDqis5BI9 + zFsEUrdnnugu+HiHf7cwHwYDVR0jBBgwFoAUwmdoY0QJGBU3jYBO9ip6FsQEjqww + DQYJKoZIhvcNAQELBQADggEBAMa68AQlTLVOJ0dt2UQR963MfWX1aiAi0R5Ivzw/ + WqJCThma4s9EuOZLTSpBnqfvifaG9mBS6YTI0jnQJsJ+yOSDJWwlQFmAvUP/bcuw + aDuf68SbsOAlqS037kf+/1CkeCfGzsG/Y/ZZOtht2tMk9plEz+KUXDcMNr8LdrkO + O/QtdMwLp/omXy7hfI8J8X8tI0c1ujflkBdkSXXPPfnXHfUpiJdgMsFj1rgX66ef + mGFruifunzHuSeyPA1Zb1IivnVvjjUVwcEHV07tRmkorlMhkNGs3vVpOMfeJGxEB + ZyS8C0Egmb5BrWV9LO/vLHHxkNXk9QiJ62pLEkk6rRuojVs= + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-node + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDmzCCAoOgAwIBAgIUG9jvbCvvsge+8e/APRQxIucg+RIwDQYJKoZIhvcNAQEL + BQAwMDETMBEGA1UEChMKS3ViZXJuZXRlczEZMBcGA1UEAxMQY2FsaWNvLWV0Y2Qt + cGVlcjAeFw0xOTEyMTUwMzQ2MDBaFw0yMDEyMTQwMzQ2MDBaMCcxJTAjBgNVBAMT + HGNhbGljby1ldGNkLXBvZDE1LW5vZGUxLXBlZXIwggEiMA0GCSqGSIb3DQEBAQUA + A4IBDwAwggEKAoIBAQDQV3ByAkViREt1058UC/ao7YHv7ozK8Divo+SCk/NypO6e + 7usteab6JaSsaS1NldHkZU7w6ACqQx1jJLKV/Ch9TSMRzyvn7W+DupI01/SW3nZy + 3BtT5Jkhl6DUUvoBIAlilKk/wAKot/CcK5jiDJ1uPwfsFELBydWyVyrBzZ8/MCAY + hfsnGXkP4THeA3+IwV1m9g+lCAvTqJp/zxz3uUCuQkMmO2QNMccTk/+YyBDMqmT3 + gVAqX8pkOS/NCzrC9Bni82bw5qSWg9oPu86iEYOwOH+y4bHro6sgYlz5RaoQYg3X + kAczztUUrq03N3rn3Yv01/RlgRLj+Nodzt8JEgnHAgMBAAGjgbUwgbIwDgYDVR0P + AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB + Af8EAjAAMB0GA1UdDgQWBBTDYcLwNIFmkKUiGVHNgKBXWZFECzAfBgNVHSMEGDAW + gBS0IBvCEFyceh5MvvW1+n98/fwOrDAzBgNVHREELDAqggtwb2QxNS1ub2RlMYIJ + bG9jYWxob3N0hwQKCpgVhwR/AAABhwQKYOiIMA0GCSqGSIb3DQEBCwUAA4IBAQBW + k0ft/7ms8XH8X3j4OcQzoCFR//GJO5g4xFS8rNOXHBfMON4dfUWspnke77XAs8MA + q54KXkFH1mdrzZXvdSiEFAk40aKiVJkSs70s4MMrWdRNpRTVvjLJLqsl4J+5fIhq + eod+VsFvWhlC60F2CjJo40qQld13XdcXXDNld4vKGN5RLRwsGtsMdlQFrcFaIRAG + s9fEfkuO/F1srbAlCMXDj/YpGE1vc8r6fsHTRqIzfipvc3xM/0kFjBMSa2crscgE + X4dSZd2+fiwoF1t9s3qZJ0+T/sV3va3ulWAhxxnvAHhMKhAXNAJuVlWcqVfgE1lZ + 4IjTQSXYnY2hBSWTKBzf + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-etcd-pod15-node1-peer + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDmzCCAoOgAwIBAgIUUvmYVREsxZHDafAANHTSWzEdSMUwDQYJKoZIhvcNAQEL + BQAwMDETMBEGA1UEChMKS3ViZXJuZXRlczEZMBcGA1UEAxMQY2FsaWNvLWV0Y2Qt + cGVlcjAeFw0xOTEyMTUwMzQ2MDBaFw0yMDEyMTQwMzQ2MDBaMCcxJTAjBgNVBAMT + HGNhbGljby1ldGNkLXBvZDE1LW5vZGUyLXBlZXIwggEiMA0GCSqGSIb3DQEBAQUA + A4IBDwAwggEKAoIBAQDj6Wxk0Dif71F32qT/JjHfZCCr0d7ruvZuVjoGEZt9+jWc + D4q1DuaFKfBhU7XWS2nfn0JSkAPAKJfj5C5LV4FRRcaO6UFvRgGMyVjkrPbltMeM + XiGSmRJqJeS+9Gd8xkufp7NjVJ2L0SBhJhweCMqDYJkW9L06RIkLg1I0xijjc9Lq + POMEhDl6S5x0fguYZsqDP3LdwLaXS9ePhm1a5+ZCNi51QsiInSqWJBTMc8xkUbE7 + /6eLaL9rapi5urIeaWKs+tcGGbVsqRQR0+IGOd3B2s39NJBCw9k2V4B7Mokt83CX + cWPNn/woGYooAW8szdV50xr9PzANslT7Be57KoExAgMBAAGjgbUwgbIwDgYDVR0P + AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB + Af8EAjAAMB0GA1UdDgQWBBQJuhpjAzLe2vdm8CWmy82GudoJIjAfBgNVHSMEGDAW + gBS0IBvCEFyceh5MvvW1+n98/fwOrDAzBgNVHREELDAqggtwb2QxNS1ub2RlMoIJ + bG9jYWxob3N0hwQKCpgWhwR/AAABhwQKYOiIMA0GCSqGSIb3DQEBCwUAA4IBAQAL + Os2o4RPiOIi1voK0wFlTpNzxJ8VxvJnXKmURIH8auRunp8m7qlyl+00qYvsApBLH + TXHXXdg0wrV6FZI5L4rj1j3kEfCgihkcK8lekWxdtGO9NfDqjWNxGnU8VfJu6601 + or9Qfv8eWk+WvzAi3dgFoBKTcaIRwq8CThzy5FJ5kyxtS17uBX8/z1k2/VnqcR9k + nph8zwpH8PLYuohDvUhjGgYbwG/VnV7cptorxYRaqsawPbY4xWKiiKNsY9EjVWKu + DfntG4d4MKe69KngeFOrzQJsmlAbXCMWuFpuOGGUFzPFjrNH0WtsgB+PcqWBP0mb + 96CRdMYZ+G3Dh49Dyz0M + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-etcd-pod15-node2-peer + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDmzCCAoOgAwIBAgIUTTCCf5v++d+aOhIaLHgtb4aTcmEwDQYJKoZIhvcNAQEL + BQAwMDETMBEGA1UEChMKS3ViZXJuZXRlczEZMBcGA1UEAxMQY2FsaWNvLWV0Y2Qt + cGVlcjAeFw0xOTEyMTUwMzQ2MDBaFw0yMDEyMTQwMzQ2MDBaMCcxJTAjBgNVBAMT + HGNhbGljby1ldGNkLXBvZDE1LW5vZGUzLXBlZXIwggEiMA0GCSqGSIb3DQEBAQUA + A4IBDwAwggEKAoIBAQDmM7Z0DT/3y2AOvC2CLLWALbjALSzfE/92aJZjq3SZrlOz + 1HqVZEqOfdtV0jVBCv3cXVGCELO1zv3pY0ZYmcNjv2ZX5v73WaPruaqVgvLr+mKK + rlkottOqmH4u4Ra/uaq5XmwffnxLSqMPGXGY2+1a8X+FJfktULpGiPreQByyWjFa + UpMN68l7IRKsdFpHIk7e4dlYPtO7WmqJdD2mmsOHKULdAxd1SPYGP2Q/L/bOGiUJ + d8ZEuNs+GQE/ymkZnI4iP4EAWjWI3mZTUFzo379wNR7t07NmdOQmCqKIJIoGLhxP + vHdYW+9w1vURi/4iJY2xIMUL2C9Y6HId0v21rS/3AgMBAAGjgbUwgbIwDgYDVR0P + AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB + Af8EAjAAMB0GA1UdDgQWBBRpEPZFqz8zNV3TbL6HcemlogcFBzAfBgNVHSMEGDAW + gBS0IBvCEFyceh5MvvW1+n98/fwOrDAzBgNVHREELDAqggtwb2QxNS1ub2RlM4IJ + bG9jYWxob3N0hwQKCpgXhwR/AAABhwQKYOiIMA0GCSqGSIb3DQEBCwUAA4IBAQA1 + 8yxX6tUPWzkuEo0YFRnUHuOiurbwSx/JnxKfA289qhFbD/j3BuOak5a1OBPK1KRh + gtDE9MXvnncGtdXPeL9uKRltUQvAA0XdYNxx3oZ17zbcbietlXAjk99pnMNhhvrt + /s56LJc7HUvguQ/ld9E/Df2rxntQUJbAaU6tnpjoG4dU1AIqnFZOg0T0aQyNGBuf + HwCzcfUxNovXaT2zm90SjlmCn4QJy9hYIGu1JQGePFxVobm0xbNxKDGc7Jo11aGe + eICmo+kfCMWFv4y/fZ1yeAxu1Zj4CYGZZqt3PugH4m01o5NEXjbQrPf+bJsz3mP2 + OLvSK4XeGUPYP+nUkCUw + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-etcd-pod15-node3-peer + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN CERTIFICATE----- + MIIDWTCCAkGgAwIBAgIUfplXHaHBvz9QeeSG/58btMVizQQwDQYJKoZIhvcNAQEL + BQAwMDETMBEGA1UEChMKS3ViZXJuZXRlczEZMBcGA1UEAxMQY2FsaWNvLWV0Y2Qt + cGVlcjAeFw0xOTEyMTUwMzQ2MDBaFw0yMDEyMTQwMzQ2MDBaMBwxGjAYBgNVBAMT + EWNhbGNpY28tbm9kZS1wZWVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC + AQEAsHi7aYU3sxlIsVQDmhvZXt2gmTuKs07xIqY+iSoFaameLZj1vz4yHXphsahv + ly6Fh/HUeWA8P8idCjcMKWETam5NtES1vrolZnxqE50w2fVzbFMXxWr3nQeFWZNY + qYJUSciVEzni9XmNm2BU8Lb+Lj0caITkZwb8x2hXVtlpic9fQPQgjElYB30fe4mv + vDe3dd9jxa6amfLPAdnY2Q9leIoPx2QiFmx5zhx1yImnq+gDVZi6Fl1pncl80SNt + 6K+/Ls4/S9KxDmh3bkVFqcv0/xp3ivAhdKsT+XfXh17gsv2rJTT1a7wM9smPZih/ + Fwbpj52Ivy2oSBDqCJ8C6BHq/wIDAQABo38wfTAOBgNVHQ8BAf8EBAMCBaAwHQYD + VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O + BBYEFF1CJ9BWDtBg3NOVSu4+HPcqAmsmMB8GA1UdIwQYMBaAFLQgG8IQXJx6Hky+ + 9bX6f3z9/A6sMA0GCSqGSIb3DQEBCwUAA4IBAQBA5evcYNDXJX/VMsmiZhfG+JM3 + TuICXnrB4u5CsODY+mocGv3xDPxNbVp8ZQrEUFO9Ip0qpTnDt/Nx3julIt6k9hDb + MmnEHfVCMbqUp4Pytjg+B7ourQUl2bwPd62uW3SzEsxeA/BGGCRigCuwrMdTEW2f + TsH58LYDFJNIgeZHWuBuGXX910ik5tZV9Wwe14JwJ7qfoCisNsKR9nqGvgJPjV+S + qShGGsUsA7SeC2HtsOFthpx2XmLQARXqBaffyIk29ZLrd5GnH6Qv5pwFHGdTDMkR + jybfPuQUFK9r2r4KSXUjmouOJkLgGRn431Jg8seAnivID4BabwuR7wNJdzoh + -----END CERTIFICATE----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-node-peer + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEogIBAAKCAQEAw+99pbXC4JFmMPuuGHH0WLoUDyOApphhzuv2ItJGthvrWwHQ + uZiKUH6wr9l8EVPlY55zCU4EJx3argH99Cz7XCJuoNwxVbPLKV6Zxdk+ZeneZkvQ + jo1dLakohLYM7EO8W99DqarzesLcQRkxrIc0cLJyGnEUhE5Yr05h+bmMqRhd9RmR + Tufnm8xGQxC8pZE9t9Znsx8i7RRhn3urqt2pnJF4J3O4P/rLix/dlUOgfSxnCLih + ozEMbt1G1AAhBroAlZNxYIhbrZpzGrPII14NEdzms68M1umo3T6tQe1eWmJSCR31 + e6wW0ue3Xr9TYdgaRIagiRQsj5W32AQ77y656wIDAQABAoIBABh0qAYq7awB+fNb + NpuufYUllKNfFwu0MWEWap5mCJVqXrH5RAgmVf0+EuegCbBP/G22tT0QE8yeGVFm + xj/X7XfOhGhnk3DTBCShvifHudYWnr+97sYcNukgGAKYhnxm5/e/oj5nLATClaM6 + dczHA3CdlUhfnOP2s3MOIYR9+GSSghelH6W+Q0C12+HQIU8bGGkNiApOOf2rnbKe + L6EsM3JmHMI8EPFGlCmZC4OjAqYqZrpGgG2Bqc9rKeMq1s2BRbYaPjaGzr1ysF71 + dO6JfU7StkH6CisW4J/JDJp13iA+q4PYAOZanyUPr9HgPodAQpDzh+Ldw5pS6X/t + amexb4ECgYEA50yplROvmbFpbjuSjAhzc1Rx/LRryxeNBxMTctUmNnknX5rcLf4D + vuToQrHqoAC8e0n12N3+MybPA0+nQk1RneTqAdLrb1oPKRvmSiwSD7yMdUoI2WWs + FILGN54m1yiCb7rz0PT9bDUU9j8f6RldC1FLFtQrRuBAUeyi90gPn3ECgYEA2NwJ + m4AC0eQXlxHB8Qtj6I2ErllDK2Wwjw451XWUwSvgy80JG22rRLnVTSC700IRoT1o + cURRylnNIKSfKVKhPkgCjnMKy2UmdaH8EE45N4ijh+yU681XwHW1SVcWAE5kNdli + M5l5irRkkMD7aYw+KZOG30HQiMvL88ndYIi0+RsCgYAfeze5qqxD5vnKnyEbHitY + jy3Uj1n8koAHbnk/L/O7hlHtmU5OlDw+Rzm1mjGtBWyh+zcTBWQL4kRa1wSU6aEq + NHYFOYgB5+gYWEvH3Ke4rJkRfbomnMgHIqWH/Gac8k6OlouI7U9w4uive3gEagdX + +wCVYtthEjSu8d5cedpmgQKBgBq9Xw3mhfJ9jo8ZKHHhdqtJL/ATn52tR00McwMo + IXSERY67tIDGUBUEWRHOlHpjLitUmBlHVFKAKjP5OIru3mUAmhgYhV85FLnyhFM6 + YgG//nIXMPG2eziHCxiE/XiCMgcVy+8S4JLC1ZenxBhqq4uS3lGPGviTMI3Z+Usa + 8D27AoGAHO3PqaR4VV2Zghmdwu1ekv78VBgJIq9DJgk19BS3oeTA8NJ098Q0KQg/ + vbEDhg2yvo9I8O5owXhJCdWc9Dmw57vlIRX05RIGruIxn44+3oTeC1pdrynx1NH4 + 9RiPdNHc4Cgzj05pkgEmWC+/nrboz73D9bW02frZ6Ijc3WcMfig= + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: apiserver + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEowIBAAKCAQEAtLIWsIZJaV7nzSMIMq2GkKVBsLhS4jLlir3dnNlMHD2J5BWV + Z3NXAiPljSir8cpvSvaJVUTiGxSQAsJwst7NjvL2RKMKuBepidqHAMxqMR6fbdwn + uJO0d7eDInoKYO7CKMxt4l0cOlUWfWqv4SAp8I3/eQ16k4Da398mQLPQeWPJ+tqK + /xv7qOe5CN29hWrHQuh6se/Rk0cGcPjD6yGBzqqlTHwkgPy7nEKOvyhhfZdc61tT + 5Y+aUvVfl1hpuZ3g1kOJ/3qqUAhNy5rvS8ns4vjYsU0fGRt8xyu6l6Mwn35W+bU+ + PJKODCGE+LF2HMDyIfREXqsWyRqSKRd4e/joXwIDAQABAoIBAQCYpl5+sGNyTgfb + h/3T+j5VEhbluUHj8AV06SM/717Z+K717bny1ECsATFayAJCWLceiBnK3E97eyqR + +juFEK5tVhnwMCDNFshWOjOU3BvV9T3QbI1t4/IwtOpmhN0huHJ0TweBlRFUwi8m + sqt0r1xe6UbquBVWaSP+vqCtRnsXIGfH4KTA0+ylvmE0U+BRlhngZgKwRMAxCVtz + E/wPuEqI4sPfKBYiVsagmrrW9liLs51m641L5d9cEJlku5FVv+zu6ISq8lCbVSwl + vIjhdvZSTFqe84CrsKeu09lOk+HYt4FYMzRGYsiyEjfxvqqzCHwey+6TOovN9Wys + ntSUMW1hAoGBANUu5ALeCaPMVaZUJH1CX9PdltMF3/TaHHnQdhgKgKsVI3+elXgb + e7e+mjBbiYrgM6ECm0P9QW000eTCMz3ua/BA012E/7q3PymwlHR3rbHnk8SkMbBm + PVSjPHAQFgvrdy9lbgaDqDBACLksLxW3lt6dbCEYq7hTDLKUV2A4bwyRAoGBANj8 + zrjW4PG+xQrIMcAdNVqikACweveX8iP/DEDyi0pX8KHmT/ZFGuD6IThxStf0m9SI + i+KwSok8C8CvB+k1bCRLCvWcDK1r+Oc9+7CBx09AdoK5+8Pt7nV0JaFO4WSL9ehG + eq3U23Hf7dJltEVDhTKsBiCDIjbYoRNdC12cw93vAoGAL4mTQqhskeAAwWRF9sCU + SdRBy7Clrh3s96TqkJXW909xaQXd4riOL/0KuPnQg+1W1fKU2OZibo22uEIt1wOR + gjOSbmo39FTketFraUU+sEspglHy2pkR2AvGcF7F68aH/0Oo8z7shEXjLBeUME2O + EPodoIu1zxaF4FR/3272JGECgYBwC3LvbT2wdvKmU6Ok8TAowgKb6IVGrnZBciSw + sM2OMQS3hQbLQvnTLDXVQGMGSm/g+jVJdAC5BoGHGJp8KLLTttBM7Sx6rGNVfOMn + TIxPdxj6/fBsRsM4cSYxOlsWoVL0gtg8RMqf7aKPXycMEQaJmNx9E1mqeogKSKRi + zV0yjwKBgC/nxzTLAZ5gM2rk09mOMDdODIcEo2scYM8x2QLKmTXu2GGvoLWjYCeW + XAh4Rqz+aPLiFx5lxpF3aLgiRpfjGzJQOC50X/Jvis1vqcjLPi0jeUWYN3tggSHm + ym6CsjKp0rnOO/WXbAtL5MP0+SP7e5YjL5nVgWvWoLq8FqzBH2xy + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubelet-genesis + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEAsorbZCDlgVUeJs3ioz016HI1ks7HkC5l4uJiJn+lJFBAxm29 + ycRmVuzkO0dTO0Jr6QOx3rJptssC4oJxskQtffTdwRVkDt1/8jZVS8DGxYRbbJdY + WiNARRg5cIIzq+1HC9g3wJLrp48PbEkxfGTkzJE5m8Zze2xE4Xr9D1hCCxCY3S0J + v/AWC+Ll6B62zWF9gvLWgp9kfRNHlFY2SDTAx7720IUXpAd8rPpzuOGN5D5GY5uD + Dc+vw3Q7KzqqgyMHLWFZ+t5B9KrFh6J0ZKV56RJhXlebBBhrjHuOt17yyB0BtIPy + nlDr1WjSvWKez1NZCw2uvO614vODmG3Cw1R2IwIDAQABAoIBAByPD4bVqEBm0Bre + 5fi8isnystUX1F4gvdVr5s1Hr6++Uo4q8ae7ja8r11oQD6Uz+7TbDXGU0koV8REw + UmV0eF5kc7A17rpd/eBNhplGbcUcZc9Z6h0I9HfY5x8zBHbkzm97l3drSNyVip8E + mjDOprZ+KFvdg41jhSUYGjCBKpdAPMQL3v54MYB4pYjxAuZdZpIpU7RFZajGhxa0 + /vrQ/1vOTZRt8fKiuHpbnP0rw9dnkTVnBUt1O74ScMdhJbfG8yvwLveGP2UhAuDI + RLmoK/XoySA4EHoncUIbcDduSwZYLrbmQVbFIVi7cEBNahV3S7trajC49Wp3ZUWC + XAdEUXkCgYEAxQ88+CIule2HBU842MswGcZZkQJS5DQdhjSUYkK4E711mmJ3U0pi + 3pP4xY/mbwcEKV8IqcQffO5aRGBW4vC3B8SmovY+33nvOcQS0wAuYtIeGjTc7mzs + f49rKrfNFQRDQqohuTse8dsFXLazBUvEKpB8PEw38+brzgBnGU4sKs0CgYEA5/HF + gL7dj3A8t3VzUIgPCBKotWGZjKl3FvAORaFQkXlodp19bsQ/H4x9JE/KhgMeHMx/ + oyLMRvjMucUnGr//pS2ZQttfA6U9HvOE8kAhSTLS/fMEUMOea2B2fBrDA3qoRNaj + LUY4l3Hb2r4XjFqrjacChf9scVyw5qHs4pxYBK8CgYEAtL6QTouTrSKrWFxcqMRd + fxamKlI2U2fVuLXbb/EAQ+LfzlYIWpX872hLonGliyqlT4kCOixQMVex5ctzhj4B + sxdVPF2eN33wxUwpc+1TnoJY5/KavfmcRjf2tLzXVzKMusWvnuUyMeWRGoPc2buv + 1taljOzf2U9x84X9CoHgEvUCgYAsP/TVDhTI47nBqleYmox7lsu25urbag09RAkF + AbSUPFxQnNUsR6ZfR3cscUiK7pdVGTKUlfPw6lBsdI90TALiqWNe3OkwkdqqR/0q + FlADXf3g0vcUzW0wwRN5s8VWqZTmpSg2X/o18lPmVHO7pCSsfps9ozA2JF/fcC74 + QKmOIwKBgQDALkdij+ZKeU1IBoQasSAQ0B9elpjgqccxfsGYS4UVyBmM58zfiCI+ + IeGFusEFpvo+00vNDT316xsjlNXx6F5ng5+0LSF08IOHzDbyO/s6FSfgHlM01NJM + STd7+Q0kA5yx6s0e4b5QomVhOgn6iNODauMNi+cDYuWrkIl07wAVyg== + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubelet-pod15-node1 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEA7OCxLlm8jzlm4QizZlf/05yT6WIq6cM6ivRQavke/j8rPCqu + 6es7VWPXUPOliy83FOI4vpuuSnI8YFFWYfjUGJr1VmwB4VeQDENUd0ny2CUliiYk + olbZJbyWu0Hmd6tAorA+LBW+k8LIjE1TmSyLRgKzmbsBmDzZs4+c/9eg/hRiwKIE + Zg+M3H66GeLFWnnR2GcouaOArnfBx4mx6X1GYXOTwej9ljW+h6FkIldUhMnI2aof + 7VRQ0xAgYYL0pp+e9Llu76SFEQ/+b6B9MoIHhEGwIGcGxgbXO4XI5G5mhpQJchpR + /159o39LgpxiqB80M2N1l4fYtiZ5Mgpntm2X0wIDAQABAoIBAGdGS1l2/FPBZg5E + udqsETiUcpR1HVqPqI1+mTUaah3VMqdnwJzx1wuSnQSJRaqaKjyrqKvJukJw7cvc + innqf6Y+oSpNqsAxafc+v6vGjN8ZyvUhTiWNEd13DIyV3cJc4rBLgL+9tzo62S76 + Y7FLj2k1slIbC0XxecTkn0GYJHPBXtMncTgceefAtSbEemqnC7wUYiwggOiza1U0 + aB7GNPG1Mr8DWV5+dBKvu/kLpAUZugUsUuWrzqLBl2qNjAJsO2dKOaWzd7VHDJIP + rdQ/0YCxK+PdPCCVgQQAJ9AsqNeS9G2Xs7HYvh7qbKBJYi3hRN1VC4Nj+rvcWdur + RJCaOukCgYEA85OVfxZSXv+qj81QovRTGkOTPrZZWJ4WkkpBSIg5SRTjfCqXqj8x + qk5cha2g3vo7WrPxTeFp2a8fi9ZKqe+9rXTBITXu9NiTgsd9c6EdBCpdCfZLdQHY + 59/h2/lFX0/jP5YUWPtbioSmj4+qNqn0EH2NUvs1DxzluvszAnJS150CgYEA+PWk + E5DJqNtPIqS3wPH+/LiDL8s7ogBEepv4tHfLun9suZO7p09P9gCFbymyv9OrEFME + pOiZo5DHH4EmVPt03OgAibgM+kSFY+CUW7NM7qHXRro8+HPus87+EZiKWKBn1xZ3 + DE89lwdeKcuPVdlr60TbnqtFu30la0agfVdlai8CgYEApjUe3gmtS4XKLTY8v/VY + f6N85l4nuYCmhkyFH6lU7bmDQUcPFuzoRv4RxGYmUAEQX2RKVIpsYE5PiGxBppQh + KitxXegflpPylFrsD+rwkdcWhaW696y7Bf6PcDs4S0GIH+uZFt7uKCc8QNoXnBV8 + pYQG24jvO9DMMjsXI6Q/Q0ECgYEAnHuBow6pwmn+pq7UFQHGnUC4rIzYsa3rXQm2 + XHDD7Dh1tXuHQtWWU/Dl7gZOpUY9Sqhzzdep4mZ40nOSDW50ePmWhPnbpl71XN7n + QXBE1eWB86HR+vSbwAdGKPcxVh2Ux1wGfgU8mDZ4WFrrgDGGJL4GMQhEb2Fs6K3e + 6InLY98CgYANO5sW1WkdeKcBNT34+L6Pcxim2MRP7lmJJDcZ+guWltXS62VTNIvH + m7bTOcU6PCTxOVQabZiRXEQ/8Tez3h7RZDWFClmDnRNTC/d+QXZRCXvoqzgmNLH1 + AWOlso8sgjJcTVN9XEckb2FB0uKl9GLhkd0XqL1Kc2JgrDGUJC313g== + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubelet-pod15-node2 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEowIBAAKCAQEApAF4GLU+JSbN+8E+5BA3n0xzYrTzyGlJ/YrdotX46VLJQ7Hv + sWU2b+4F5vVNOWWGgajCboc6XWNF7kZOuqaSIfjzmsk9+r+knZcrbXhO0IkSPkqe + z+p+82G0Vf+BSCRh9zZVGlibvlABFbLmd2HyZY5oP7pLK7JYIQ01vesWrM4cpxON + K9G9+1/IkzF65bYrXznseubduwWjhDUN0WgbmhQFyXrpOqGFPrTwchbBbMTTRak5 + oYcH3fwGiijUYhHOTBAXflWK0knt/1IShnASO6NFN7Pk+djXuny9OQ51GDE/0kp7 + xqliStggj7Jj7BfjpU0mdAPQ9gnojMm9XzL/EwIDAQABAoIBAA/IgGlIT/G9WUdo + IohKM0AmWFhgd7GKyG8ZBRldpDW4HNxh7GJTDjkZXAINC2CBr78coZGHfAtuuVUj + +QGndBrG3ZLA2TEfblUoLiq70EHrXxEVl1EFDTCY74TzMNrjfXYQCYKekmZvRpty + +xD0ISK64Ld5UzCiWi7cGZbsX+NDTyk3PhMiAuHUj0dNB1/Tci1oxJZf1kHwemJi + 2PFEMSiGygigGAE/bQDuFB3oQE2W9qO3UdyyzkAb6HetcczAATfqhsuZxjl8rpBO + WRf5BRG89qU4mJ5+StIepWPmnpuQO8proDjJTZQGmeGcCeNhm9jFDBoLIeX08Qud + EtVG9UECgYEAwgGtmecTu8HhXf96S5YVgA+UZTzvOCA4wi+opiaHKZAhjengfJfY + aPZQQ4o/DZ1fJaAXk/QzSvDWG5oYH5wkwr7+crzyLuIc+PyNtDhN/XYD80P3vMFY + CfS+vbkWS3gYlc8cHxtcZ6C85hroq+q1+rVz+rOkpsG6gaHY2clVmXMCgYEA2Gmi + NuA9A31CyRNmDxav+K5irU89zRErxBxxpJaUDRVGGeQk5Ci26oFWYsoI44J3+Zpy + 8BPUc0zFc/H5/z9g7irPsmNwrgAMztD3iTIUubK/KuWuXPF5fCEsDpO8eZR0GT4Z + wcL73auFDL5XCEZn06cI1B1Ft6f/Zj7qnrsYG+ECgYB9AkHPeoNPp5VFUVqHG/VM + qD1RopruSmzoS3dbYFYVpQbJ/9qjzeAneher/Ye1iSMHBopKzr7CWj9MV9WVgLJ7 + PkCMxE01goNyuKHCb8lpOcM/3Brk6JyHBcpmS74e8Qq+dU7EiIfZSkyN5Obp5/pM + yuEpuNmujgRUhWpKox3iGwKBgEgipcxu4EeKeDl3+tvqrwtQbVnhgPMa1yDObl7z + RjQ6NByrPFTE8XunUvko6N+U/JK5lbhKk9U+8M4eCTu4j4GzyXlnxgZpw9soMmqL + w/bGCwysdHtMjjb/A6V0Py2zeyNy3LkGWlfgNUAzLeV3OmKFWd8CRtvZ5rrZG/F+ + 4aFhAoGBAIn6awJ8O3l/6djm1gVgcr8TuWaj9FIQ19phdbHov6rcIYezOKKU+E9k + RNy2qtcnJz7Upz9HvtBJ+8c16WmyknCPLFZQhNbqdICBHf+3AZ8S6o7o5kZT5R8o + aHFNlWg1NeoP9VxCdJshsQvbDTVI3O/1rYu+ZPvvjJNSt8RF/k4w + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubelet-pod15-node3 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEowIBAAKCAQEAzItd4+E2HwseOv4ugJW5lXKGaB5YvyRIdiO1iJATYehi9374 + i2Gr6xQTXhitg4z693W8mNo01g28Bl7Qe9wJNmL7+jNh/5NqXmKr8WdGUmMPPEtM + VGs83ypeGf5xGQDDNiQ4pg3nEOMC/ccGyWSk6+Yuy80Vl3KiRnijrAQn+J7YtLQo + Karmkusa14Qyh5LFTa5H5J4klnncxh4/XCR0RTFVz+Yayr/iGZaHlQoyx8u2CUNm + u2kUpn9EEIK5TJsFGO2wOBQn7AHtYNfNt8bamU6XddIvIbveWiWVxkDowJFvFGWk + tRCSI5t7f0H+xKpDouci3BZSwWwnwQYABkgxwQIDAQABAoIBAFkIxRq/Wl6S6VrG + b5l7EugxjL3fj8PL2FrMWmWSSU2R6RpQQ4HwRvQxreiEl2quwENdFXX3bY5LNjAT + r25qrfvlhEc5fIvSMDfbfXq7+Ik+I1CceiI496swdvubnMFEarSzeZEWdiEMn621 + p4ecbolcjbwaji55MJe6RYxH1tpKCuYSTZeNdfhtqHcuLCAa8gdlHUuylB46tPK9 + gcfNIzD4+K61NlyyAFpG6l87UHhpU/H3WW3JUBUYyp1gCYkHdTg9Wk1n3P0e2Rj0 + NCrLbptaZVinD7+mwW+3UpGEM4loFeY0t3cYXIEjuadAFhGF9s935tnXJDjLpXN/ + 7WDc1e0CgYEA9Ha7BmrtbejDbYzTxGPr2c6FDoUjL2at90NTiO8sBbK/4Gr/xvTJ + Md852sz+mwYB0HZrTL/jtio2s3CA6svMP1dQ6A634Kc1bDLthRBMm1AjEC+FvUi7 + zv7F8zkxDvyehZ6TLTXsQHaDIQCfkXqD9auFupsnAnrixe2Vx4nLvUsCgYEA1jJi + z+dmkBi+jpWWzEFvmm6TbLbzWFLeRgorOQnvQrcglFSKiEMw+5a4NBSWQtIq/ePw + ath4lRacFEMxTDEXlb1IJxKAl6qjAdBVAoy4hdmWfd6VPOLN4sUkjELbvQjKnbxD + HF4qBWbqr9ieYHXciSCy/JGJ+Fu3Y66mlgF4IaMCgYEAn2AAkjCH1g3XysXzEagr + DPaM3GiEBdUlOXyVK0LyKkzctwxK8ISJ3o+vgiv/GUYTTLrHPWQkqpBe1SFVir2O + zQS55HAkBLw+IeoZ25RCvUbDdTvmLv8KIesLVoRErYaYOnilbuYmvegFmTB01z1O + Zo2KQ5v/FKjUy0EXUt1NDH0CgYBBZ+lcauCap7Oofm0pueGGWrWRwNvV4JgW8wv3 + wtzYlmrQYHBc44eVi5R78r1fciXGmU/UkH1hqSHH3iyzg1ocU0wxAilaJrTX3PHY + cXf3B1Y44TrY+Li9wk1Ctze6JXEZcV9czjQuqhqHz7Gs6tCI3v9IuHhU6ky5l58u + twwj2QKBgAEde/Wr0xNkuPKP3C6y62Gom9KwYtKkCws4xRrMymxzcumv9CJeHNF7 + aTwu07X8KD6LSpm205c9sTKfCBhdZOKZVXKXfErbDFbOoMCV+WG2GKmgHgjMMKbt + VNp722ccuQ9ZSmk40QpzdviaG5Kua2tCVqd9aw2tl2sdHhV4Fxeu + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubelet-pod15-node4 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEA0fTrh9OvBpS2fI/Oi4HN/FechPjaXSWRGyTetyKc5bAtxwE+ + /mb+YUfpEeR/iJI7DHuC4UQ1AB8z2Ab+KmQRaHMOy9/hdOs9tFuD19wwPFWFJlOB + 5E/wi+z7ur1jSbH3/BMlV5LT1HZD9QrT7PAngRwD3IYGAf3WpkoPhX1V7Qqa0E99 + +Owv0xtb4xL1zkO5BER1XZD3OI9n489LVLDMGfG3x5sVuGX7chUsbEFGTBH2uTh3 + 9yUHv+hb3yNkgn5l39y9VVC+mobH5nAJ52R3doIJy/pZ/YZyHAp9OggUkSWR0KbA + KUdDIgJOF9JTvRI3IUx1ZlLPCRDNF8uFAQxOlwIDAQABAoIBAHsSJj4oR6CD67R4 + V4pPPH9+m7EWbmnLa5ONuT+Aepfo/ex5PoPBu7sqe+SRHHDhxts6Sy3g3XCE2c73 + ymTu44VmbHX1diMjAbiHLHGMEHpNZw9gQ/OhKE/dSnHcMicwuzx3vJvo5WLVMGCj + SDbLT1zPHzRVG5BvSzOOliqZnZSkYu3sH/tWZOZMIGiYBt6LXGVw7CP+ybxRKN66 + Szafg1QUfzYlUAA2SIa49R5BNPAYkoa3pFgOctslJ/YIbrfhOAXznx3j3pXTXT4k + BbdIXywkPGinI1VQ1Yts4spZAwfECmS0LNQjYi6VN3BFpLr/aM6iYTXvSladQ+cq + 9bJBNIECgYEA5piLvDKUDdQRqjkmD1bc9d/B7UoB62Bd91CAS+8f89NEwQfkcGXV + RkbsHIH+54AjVxLttPULn9sJkyF4tokduikN2M/Drppz21bl0e25gn2fjmxtX2mx + Ns8InmfsgQJD77biLtLrISKA7+lewEdgfd5gK2urZIL1XPQ4QYV7JZsCgYEA6RZK + peWKxts0uYW5Z8Fh5DCuxOzINf4vRdIWhzo0qCpeXICQHTxYkO/eWQKG6DlX16GI + bBzzDkR0/oKztff98HAKP1qP9vxvju+0alUOSSx3lucLPw12DV8d7IbcQqBtS0B7 + M4+dV++Rv2JlXKbRyqdkqqFNGvG+tpYzpPQ3qLUCgYEAmkrZvMwu6m3KgBaLE9pw + MIhOjwJk9GRfm1qe7bALti7Xoz0vqdFJeiN8WrrUn3vKqbl9mgYYiBacenj7908Z + t/U+UaL68PphqRKk5ellph1+RGLib+Qdcmnm/27T/aJRaLT69I+mSl523ZBOGOPp + eW7w9DyvyqohmNfESHsS4h8CgYB/nByyRsF7rXdoOrYO/+jALYcBeUEDjm4DI8oB + rvQ1PTz8F8bOusMiVrC8uo1xhjN5co5l4lOPdBs5XAVXkrYMdMqndMVsyzeoYcO8 + k2SG2zl9/HBDzPLczz5qyEq+j2ZG1L6es/nIsvhwd0ZXO12QPaT3Zef44HExNXqA + zNPMIQKBgQCsuDhf/RZvd9msACdAWY5EkXxinKgsSrCKwdhHSQYtDHOK6+BFCw1Z + 3tDbu8tGkrn3q7yXW40+000+qjKVzc8OknWRycgpZajPaTfrMAsvDtdaNjAb0iYC + sBBBQz3FVaC4xt3R6hzch1oOvueryqD1b+tQN0Mmw/3QI29Y3gdYsg== + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubelet-pod15-node5 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEogIBAAKCAQEA0Xqu+h36EDglOvI8BcS1Sa8Xpdwjh0oFr3RbQmGmeeSi7VkF + IiZZfYhjFRb/ATWArUn8nvelwgIzTCSO7mh9TdcR70tFELtlEudTAqohlQOwIyXg + noJoWO+bvC3GnF9cST7myM0y2ZNSaiHJFBmQ+yR8GnAMUyk+EAF+6cc/Fx/s6pxH + FnLa1xG5nEvFBXgreikqIpkmHVMUZWVRjFcPDZ0bmY0/W99FmnGwKNmYwqVToX5X + 1n6ji0ZQif5T+V2lOLgFCBOB3u+POEkxvSWyAtVZ2mwtbQbjo5S8BqUdBmxIXVyC + PqJd402aTq6RmrZKicA/WALqlVUnDVnQhcnXiwIDAQABAoIBADNS5LYhTBhXOT/1 + A6HCLUytWpTnl8jY6QWw838TH8+zpfuTGP/h94EbPnN3W+k2650JiJyGPpWHJnxc + ZKyi6zh8HkfL4FMWJtB33s3DU1EIQ0qJSDxt5RUNN9HmQUgk0R6dC7xdEj1erA2W + 04ZaMTxnFwT/OPXTIAKZ6zdp+to2JTSou1z0PM+kdLQB4MUTVu65sjU8N2o4ZnOt + vBaKT7n4emVGK0hv1PbDRL0FV1ubRdLb4YOoXh+kbEXQcqhFoXFOh6byIoRxizCm + +AdJDFSAHS6JWps/vaXp3i+SAGVpP2WSUAxCIV2sX+lWuf3MTd2VNB3a7KG7mwJ8 + 8pfWKxkCgYEA0cJTAjhl5TbmIn1bmxaq0gHzsAsIuyJ35ICVqZOZqT8mmZmtvmWG + 5/012uYBLI79plzmmH6v8z6fDEDbSgB/FcM8nI5iSZVQMzws2UaA9FPKE0UxxB4C + FWDSUWkhBM65d14xZGqAf3N8edd3Atzq+yfYFrwKsFoxO75vjiW7mt8CgYEA/6iQ + 8wUeKnqzEfSyATsGXLyknjhup+A//Dh6ZUbfAG9j7ZqoF52q0UnhAziDT9LepGKu + qvWA46sThb6kib7U3xihGTbQXZHL4OqF2MlGomVtXQVEuW35lVVG93dsuO8132Fi + GEFfTdXHHwDkcL5tXLZ38HC/OQZZPMK2E20JhNUCgYA/BS0/W4ZxqV7XOeaN3++O + jPuUBpym7KIsyt0sR6ZBDTIhr+Rdcc9oX9EQZU4w/v0CQKMfaeCfKk9KtSmtQBzu + guvw9W5eQTgJTKkE1oPj5FCwHXfoPkPN/Hrz7qv2780VKf2Y986HfEEHsk6VU55d + uwjXO8PSXCaylnKZuIh27QKBgBaaLoZts2cKBf7WZU5ai4tzWhJq5s2Ms9t2msuN + YnXFY05EWAwOcmWiZHRGcMWD3Q8nck3G+qgmHcm7Owy6hFNc+BEkmXNMSnwN/9tU + oBwHX43Tw2mpYWFkcqu6MTCAZYDkOSnvzZ8yATKqf4fALib+MshdD2rZNtZ6WGKL + R0YpAoGAJgeBTTEJLFGiRnoVN4Rrkf0RRVNSfbBYek6IKrp432DzZ9zJvicvxaXW + exmXsCCmqFxwVHD9/hayVNbZI0uPxgEtZQCp0eUtfaH+D3Gg7PfG3t0/d/O/A7iV + +bwUTN+AtXQMzrxVwo5jffu1XoYcpHZseCKf+uKmFaM9YCg4UHg= + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: scheduler + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpQIBAAKCAQEApNRfOh3USdgskFav/nrkQR2zqobvLFvRu+oku9mCan8Zkx6x + 9Fx0EVDj1v5tGgBIYshFkMkG5gWBpUwC6bq+fDKIlDrOgf+/YphsuwFfBt+eVa+b + Gv9ur6NfLgju3QO86ET2tH3TRd5wnwg64xaHfiXTgZfuTybn/SW+RmRa6uEON60t + wZL/p/u5AEwmpiD3qw4dE/hecG2UllYsMU4OSAIQPFUej/JbJLbDCE9FpGFWlWnK + uqe4VXtI/HRIymYWPItF93vZygTDy/03SJWNZB6VsmV0JbrfJ8hb7LFbZVzFu4fp + IyAMCE9KvdZ4w82k0cB6J5p9iPUznbQNyMgnZQIDAQABAoIBACFXmF/AMvYxFWqp + Lnay00Ncx8BCBVWayUVS6tVY/WmfhkPdXLAKl6v9Cemuk9FDp2DcFD5ie9PB32TZ + iGlRTkD/U+NwNd/UJRnDrZLyhw9z4qqAmEaQzwoWaSV9xxvMKsVtVd5S6Y7jnTJ+ + TrMrFoNtEWjQm/NE8n6hyOiiWkXSp3oQooIqM08bp1vYqBM/q9/smuFCrM4mSMl9 + a+N6tjoLYECr+dZwiNVAIihA/9v1jAyrmET4s17DDUOrT/oULWfewBtcNfTnFtcz + hL4bLmt+adANcQpQFy5Vv0EfLusH6jgRCtlDbnTfBz1nxrZicwgglrFhhkdeBnoN + AWti+QECgYEA2UAas44dmqv7A8feiC/9RI+B6Ne69CLdMbkjz00fiZrryS/zxHva + HZeJv6gRT82eF9O//sRuIntmWi38TtXxx3TZ1Q3QQ248SBVzeV/vKRvbfEiWOoYS + HEGGolDtwWOvF8xSEusaKG07xmsBANnZLlbhxL8xTWAfPd/QOHzsXCUCgYEAwjqs + l+x/dyZQGpdW2nYRLa3zdhswVzpAcRS617BmBcCoAi+eHMJsVScyjCUmEisVgge/ + hbL3hHGzOI8UjZ16A6k8xGPhcDfOg1q6j1u5F+9DUzhZqSCmtHJqA8hm0EjNa9DA + pIbhw7LqWDqtEYa3AjMyTrcFG6xQwj0x9GD1GkECgYEAuULoQjwr1K1aJlQ32W0L + Dn9OahAltnFQrUlTV0FOZpr8/RjuSJzRWLDUX+LjuGkAqxMAxDIgNTmEA9z5LwVU + 5CEqbXwVIJuNvm7EhTmhCi5eUjLYIVoZcY0TUbGvvl3Sf3nWd5mTOexEsCSpu18K + zHB8oLnmQjR5D9ufhbxKFx0CgYEAotB+h6f3PdD/Cxtb8itQwSL1WEb4YdZx2JkQ + +udizmWuMI7sEp2kJEmEZNhrLoWxNNv73z6joAGTw9Ck4QVmF5WRW+uCOgh987xl + cPDpmre1jxhIiK7XL6JNXjhqfyTYFg3avtBWhi7/pNAi7fMojA6QmE1xWb47wGd9 + 7aYtMEECgYEAt238yyJe9dBrPW5KxDOh8A9A+6hqAmwpCnnZr8c4W14NaFwt/UJH + UDvauYTtTNv1x22s1+eueLyWHpnJztoWJkGspy47sTik0eYGSkQXjQ7eaLZvSwgS + G4e3fGBO0PkWCfVXDw8tLV+yZEIo4/EmkETw9gACGBxoRRzvRDmWFuo= + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: controller-manager + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEogIBAAKCAQEAniC294LZUqBY+kO0sxrvCLiExp88N4SjIfr/SRgYlcDMzidM + 3Lhi65634B4YLqvOmwIOYWo+RUNDdV3Qr7A1Qi9/yNhTIuZ5Y8Wrn6NadGHNGYSs + 54A5P4guQkTULA6E6UpzY+03w5LsSZO7qV123z2z2BL2Kx+ecgF/pscy2CNhuR0D + eUOgQr+jpT8q8mu7e/8wcTLNQvSfTE/Mb685PiIRVBanvfPjCHeNLEcKgFvEQ5o0 + 18mEHcTUVojoty7xPBW+/Bj4ay/DkNadHJTDf8MNDMzRw98bpgJ/KFwEQggHJ0ql + Dtf8yAnHV64F0a5BrGxnjGgopl6f8CEGZ8IwRwIDAQABAoIBABypY2Czt/6RD++0 + 7AD25dLX10FFRZ3ujb8wBqvSEUq7mqPXXcg4J737k+qsqcdz3swb8E1Z+5WEXqrc + aWIe91ha0beu9krCKcia4MPb0R59R7bTZJ/Fjxrj7TaX0Tl3HEJI+2dmbRAnBmtD + uuU1CsHmJj4JGdOxNIAHo4KwYpfocO0OZpXUdYNBKpIHlxXNZ2xFBbW8zkQQzFz0 + eZd7c6MRiZdTOwJj5ixsAVK+AMuFFARjcfsQAfKeKbvaGCLPoBaRjNTKFz0EaZiY + SS3cX04BNy45cOUiG+tlJX1xHFON0z+m2P+ed5t+GHpwQH8jMYC8dfRBQWRxcBN7 + zgw5jyECgYEAxC8DEOZoP5xNpVpmpz9P/ccbTOWzGTNVig1argR0/tEdQ+IJBZCv + j39VVOEx5+JRGVhfHoMs9WeVnJbRe1r7T+YMV9QB9V/l5avBhsEasSii8lTJsOwW + bQL4207uAXFzah0xOKnwOh07ztM0E1t0XUkGPEK16nWOlW8+r28A/JcCgYEAzldH + JZ9E51OGfeOzcePueteOObsoYU8xxNiH42+JYZJ4Uj5V6Dl88wDi/u5SU9PmQc5t + 38ZgqwQF4EZISnM+lIJfynRhfYOXepxlBgTPUogTxf5nncf3NXfkURqQebeDjLGc + PkmMKlOd+mcFv1tb8yxsmQ0n8EUjeVGKOrJV79ECgYBu4/PjtZjve7YX5QVpO8xH + MigoSx30/KM5KVs8SaCn+COGn1liH+pcPilJlRDUdYRJwz3gzVy4ShizLjyycTbk + brBDZL7Gp7IXJAJ73OLtiH6yY2Kt8oSqkaeArxixECOgs2eDE+uJrcSEn7Ury+H2 + aLRxk3OoV1KE/SB9oUz5eQKBgEgX8oHQnhB8/Harwhy+2KoO+mBtZfRp6Sevx/rN + E6EFvghuQzG6NE/rNWSA/D7RwJepenY/J7NY2ny70bJBhdH5o2JnO1DRU3HBhwKN + V6qsZMw+0REtts/1rc4wi94bIllcDQ0uQUzgnkfJCxcK4puaH+9xy0yFu5k9xiAw + AxqhAoGARW7Bz5R9R9fJUJwdHo0jQVhk/ysIifAdqCwznZNqS8qOJ1zlHLaZJ31w + mWc707QCzCpN2MXWig376URiuqmpBSemxo1QzwaAba+F/wR5W9grwsNfvD4zNEGn + vtYeI/miyI9QZk/OVG+nTK/VHdLakqNTSJAIzY+mgf8IjaQ5+Uo= + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: admin + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEowIBAAKCAQEAuIno+Sbx7cZhHOl6K4sGb5JqUJWkUNsXZjSeqdqTO93PNCKp + UxntfWvoytdMc36GFvEM9VQSM3gT6jH4RKk1p0oFcB2dUOtMku2LtMxA2dj2nnCw + gFpzn9QUGKrldOG/JXH11Rj8ilmbaJrSmJu+zx6RDA866jF41EOMRQiSqkph8WSU + 6M4ZN/fumI+gTX80zww0SCq5rdt5P+KKKPzVmEK3//XiJdtb2LeH1d5KIRTgcxzM + 39wwZkbxW8Gg6tGR8wUsaNOmmudWVVCg30031prg+Gyp1fm5gG5qFCQjnjDs2LkF + QTEouulprDCC3gHlpWkgqS/tFeBhFJNNj1yXSQIDAQABAoIBAAQQLUwHGn6UxqCf + V2xMBFlCjQq3MMYC/PHoKLIuuN0xlhVcygOlZ4BCdv64XNuSJpustQ9VyYzOkQmw + DfpdC2xiidodHNCiTa5Sgqf5c1gYmd2FN62r0C3tun+Mi77WFaJabwJBKZZWQMC9 + 3/MyQrJGxwTP9QkhC7sIvbbraGdNcGBe9Egts6mLo74lSvqkZZoj87gsoVaFQjux + +eMRTYmSj8DHgDnMBXJDTTYsDH9it54ZWIkJMA/d2d4JNqIZUhTHEOBoYs3r03kU + PmAT3cZpKNA0T47l2VLkULbRYBf2heFyZA8Qz+BR72VnAzsDq8tw10wqc6DoHQag + 1fPejDECgYEA6Q2CIRa/X8ph4GKLkRMShjXXGSPdyfRXXg8CUVeYD1tngNa8w0Fn + T7rRvQVN93JJgmTrpipliP4UHrDm9WniXRD214s/GCp0NL5aM6GBqiofPQNzOcFv + n7PLi+Fd7zAdY7HtGYKppGIxzh85RGYP7jcFxxNlfnOw+E8q7FwIf+0CgYEAyrWF + usKgOi6658BjTjg6nA19KJo3BjqQNrKGLDbWYrvc7opl055VUAOCLpyJdnEyFg9w + umwQzeUb/AYHFKa7BEF5uYyith/LaRoeFeZKP74O2Xg8AgzWs6iCS3VJUz0t/0+N + YiwDW7JXgLO+5LH5oQN5v/LMELiVm7uswZXg8U0CgYBzklNZ/WHiKwbms3fq9b5V + +BU3TmYKZLV+24qWtA2gb/+gEN2DJsgI7ehdCGhlsbNqiomh2ZyIlxd7MNcYFO5A + oM0IjvE3FraSAWPR/uHCdSkQpMlbduXYGN1z/MsMdpvceLvPztA5yMhSI4HOvZ5g + z8B5vNC0KMM2IGx00h8U8QKBgCjI8Qksk5RhRpXObayVP6WaSS5cKOoF6nI25SwM + NIJVDhSon+g+GSgqLI04TagZClzJ6oJ3r8HdcQ36IH6VNVeb3OPqWeqO5xxUdu0t + Eo9UrCQxPtGix6gKJX0NMh2fV5vg4692744JifWJNMVK0dEFo/9s2IYcvW1CC3Y/ + s6yZAoGBAIKALyw69yO4W4t2su4UcCdOT4QTM8z0JBMhMZO/7NBv8BHcO719dpYT + O7mZeF+OoBIx4KDf8TJsxZCl+fxgWdYyE1UUfCwe7+eI3Uys3fse2NhXeneZ9YKL + +3MNGxvIeEZQEc0BoXSaTQzlpQ3rscOZsI8orK2gy7gh27Y/1i2b + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: armada + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEowIBAAKCAQEA1OxkNW5YUNIyEmTSYt98xvhDrJz9SkoLn+fQeKJwvw2a0/sd + ClyQQ/zkNiSH9QVD+jzFXSkcYz/jbsA3jUxR8cypqjn+eSlItBQwwR8O440i7YoH + fMMld8lcOp458/K/zgWAh9U1GEsgACtCo2VGZfrhTAtbux1T1eCTTaSWM7J50uls + AyCBTUwZwO5f8zG/C4iKWhu85gxgExiucQ+ul71lzgumxwAojK2JBuH88IQt2aTr + Kw+sn16z2G8Z8E4FoxMCNxYDkV604V5c9dBSZKlwea+fk/pMzwvxIA6tLHT0AbW8 + 4CdAoT2hDZbxI4pnrfIhwgqcvjxKc/gEEESWGwIDAQABAoIBAQC3XJO3h706bKl+ + OaEMUJXt6yKsZc2iyj1UiZd4K7uYbCjnYJtTrv717bTCA5epo800lF0KqzqtJfnA + CHxOjGkNKEj8NVE2Gh1oJvMNfKefwo1Prsxf3tZHX/qy6EvUDzqqOwbC8xL0Rs3a + F2cduzty2yhmCmoGq2zlBK8V8CUBgp+4H56fuJ5H0OrOuRYsNQi8oqxfdr3ZRzbg + la+FLwIDpn/DNDaMd78vn0SApGK12LLKhT8ASMYpUtKMelmlo+9t2p1Ct52DPlns + 5YB2EfBnLSdcKf4v3qVLEV69ja5fkCjguOyWLR4YDdJdQsn5eEqWSsYJfXjO7ohj + AIqbVmwxAoGBANV8CLGUkZTnXCDtU35xzbtpqpYN+w6eKh0oDe+ehT8vcLSRKF+4 + sXMVOmhyo5kA3gSY8OOlmviujsGJZkfuWFs1j5IKwZvNRAHnj9aVtdYwA9p/CdzS + CU0EJRrC6j7U5q3v9dX2CSdizvnS0WLDoH02mjN1obOK0Fa0GhFqwVPNAoGBAP9T + wEP9+rvhM3IqNwW7lNpf8bVUJGTxhgkmMC9GFlGH2W1q6zLN55lkVUoJv37cSIJO + WzVkFybDZyhVx6WxA1Bog73XOzYs1Ljk47hDhB3DGIiS7Bydioktw6hK40JBiSxd + WL+g0WT62NHfJjrUkW/3NK0LB+UI99pgopCgC/mHAoGAIQ6HuherQ0df+KlHGHk+ + xhpik8GucmEDXGhrYANH1rTd2tfvTIMo1w0ecjXuJy7/Me8MvfNSv9cnu8gu0kyR + 2e29QXvw5tMuCK12lF+yPGxK7HZnbI4JaqeNp0svQnNtFNnnUy451KN0MTL3wTdR + jpH55qX8V/TStdpFfxTswrECgYB4ZU6ZAQ8VPsjagYt2eZBkNK+uGGIc80KH1+kK + sZrekRd2n98OEsetrgEFq3kP4eGTCE277Fl6XtOq0mAVAlYUuWO9xdrW3ebk1JGI + ltWajx9nbxhFGgh0TQ8gsUdeO7bqI44wti1m114cAIRvY0K9MC03l6b+We89myms + 1rsuywKBgDxtfi8NxWnrTk29AVwn5t0DrcZD4XUkPohGkIdXNCJgSWGxeIWFiwSD + hbLUPtzxT07SJzG+77MxhYNv3+oQA3Id/p89u5OOEf1YCiwJ8jAeMIUWBnKdpVc6 + RJtuKTznGl2j5hYCh98cbnUT914xc4zNX1WzRrsyON2wvPEMTJzD + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: apiserver-etcd + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEA37TdSlQy15A0EY2FLM1sHW0U79AxBlbd3UG7eErF65fgxAPo + ZGLsO4bkwH6N9bv/pbKLzq5NIrK27NzCNk5KK34A1ILBtKIoWwWQBGcI2kEAHLez + Uj9plygr99rJb/9eOC4dym8jmvV7y6TGWDzR/f4ShEuA/Q6iNsBXjCBoNP0LC+z0 + jcREx3QTVWMBKumlduwV0gJJnESm68NZBKD5iCj5r5YJTUWmm4tXLBgB8KWk4hUX + v9khNLGPQ4SJf+wATkfNycujTO5AQp1GIJniSpwcKh/nJbbeiOJWyUFiW+ObnxAU + IFxkaoymuck5xa4XsZrdYxUnJ6jv5CyxawaXAQIDAQABAoIBAQDHF5pSSnktK+OL + M54wb2onDiux+mGHOMwf3B5SQom+0N5y1N+AaCHCIJ15S6hf6L7u4uZWPP3dQZxX + VWlrF2YfKvbmKrDmZ+LujxbLND/Grk7BQCRRsKnyowfugEMCcA2UhkZxIVRY1t0k + MjNr2EUzfWlRYDkd/mYTwD6qMTVM4bTyf6im7nIRYgC7rGkBrQw7/3p2/njK1ime + uTUGN/vDzjNjxHtVqGJQavZKOgt79qC2vNtZFKndRoy2OVPuQGpEeTHkRL+x/mDv + xutU0e7cAlDGscHgGf30Ku67F+uSkOsRn0uY3blPurDG7Tl0dTg00t0c24on+brn + CoStswABAoGBAPuSEl8AyqFd0HNVR3/n+2FaPlZdhzs2Ad6EKv3TklwydCob13eh + pazFrk3uwPCft4+4V66d1h3f0H8bqLa+bhE4TJ9qpWwBLMj7a+m6FRFsQWci+bzG + BLdHawizUTduU47ZkgtYLGP4si5yRJb78VT0xn5rXqhw4DycUxbtRNkBAoGBAOOl + Mrrzw3sfCpNlcoDN+lhnGhiCG/QjUpKpDQdsYEUYxtGNaDZrgETeSzDyek4GxVk/ + +iEiSulW5XYIWndiiT8u92em71okbcmgSusXjY05QbZHXk8GC1TQanefznKQq0yW + QUZTV98rNv/F9cAt0u5/OlkfXsCAFBWDvxyps74BAoGBANcYnxKR168/SnLCcL7h + N+OWSISJtY2f8Ns0AJpEovinvwEeCw3jrYdbAlzqDhfvSADfakEH/UJP0rJLkOan + Te71RzZq9gOxwXwa1Lrj+w2JlSY9FnEckn2u18p5n7CYaWNTjfabLmFQC/GAjDrY + MhEktO70mNvGn0PTmYuZ1WsBAoGATaTd3bgg15Cp2cZDPL2Egrx/wRY3lJirpEw2 + nm6Pk2G1BmpVviICePrc6I/7uTtD+oIAvWZl6Jpz30NQH+Ii78MELX1ZrAQ60gdz + JiY9aIq76AEFoKxuFvqTJcQC9T50vsWM9ACfOwYRV0Hc5TR7+k64xwcVGVFWCFSM + TalwHgECgYAx+O3EkmbG67IKRvz0x34jFIUv9eTbg3W6BsaqYgsYIQm5uY7tWUNo + 9DkKnc7WgzJK/Qe+yyMTa9rJfCzqP6j2gAp7aD0HTFg6VoF00gxP8wy+5sVAcXdS + l+C8WBjp0LcZPtDOQKbdrhEES71Q+KUrnYb9J8o8lH6SbdR73JPICg== + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd-anchor + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpQIBAAKCAQEA0tmp0tn7Y/YDsQ+d8H3g4mUbs4XiCoj5yIfrP6lYYGop7ao1 + YDQiPKtaYbqUrstBvuh8ZFOQu6lmSDwDSYWh++0kU5370Yi1x7MEuKn5NrRAO5Kz + T0f+gdgCD3tiBEG/uOAiDq7ob9Ed2l6A2QpU2hs/Jg2tGoPEid1yxmNyMHckBKvd + 26HPZXgezNc/7LIMmre0T9WWXb3oRVm5Syti1iSoUMSeG6xYfUuBm9FX42uGz+NW + cRE+5ywjfSxLfYdPjyorHCZFq9SH/o88Ed+h/nyBds5PE4Xsjz0FB8Wkq485K8BJ + p793dP7O8VgWVi7EOV4812kUujgom8aYEEWnqQIDAQABAoIBAQDOIw7snUAxEiu5 + x1LZ87cQn1jdwl6jfhb1/iv4KU/FswUa3fUhANcYCU5rjUYfPYghZJl4XFp7nbnp + lQKBtqwO6GFDfoja6ZUOj+5lu4dx+/dwRpQXRoOD3fLlv/Krxrvxuu6Q/F8yMnfF + Le86QeeC9HBge65o5boYLvAvFLpmtc1h2cQ93kF3c78DOUsAB3vEPtc5RZhssGCd + 3fECDevxJtVJn3SuVF/oWmBK6s2qHuU4zU00INv/1Bj1HLxQNhJkvND0xU9PdIIO + cnuN1XMuAHYKBcOJNE1t1uc0A+NFvD2ifoMD56izJN+bWtNohu19+zEBLCPJpQUy + 2E8TDcCBAoGBAN/uBK5902KRjX85bvKTV07JyX9CZ1ES/UL/OPvBYgfy4sAJ+6YK + oi5QElYaUWjQSX9Qo0iV7jpbZ3Bh/eGyRFZNhtDVR8C21SafIce+Ncf8xJnIRdKb + BBu+lqJO918WR+9bT7slMkGRmEOfsvLjYfBYvgZM0+8Fy9Q84KULuL1dAoGBAPEM + G7vJMg9HONBC21kK55+w7JAudlnNxRlwMsXI86bGKLnUt+gwdMWZUQtkj1aWKtJw + HwLi+cicU0m/dCcxcO1zUDkwDccisN7iPP0p4emXZDT+LB6xPnDh5KnUicaVYFWt + jOMDY1G3v1RO0pB24dX/2hqeiiHABduD4/3ncaK9AoGAFkVf5dLR0T3UqtCVfj61 + MjrTdXqvN9sBoUYs7qz/CPdZIexcQNlR4/VGvZWEfz4n8Sed9bwjo14v3XeBfo7y + SPsQ63gq2LnWXS76dxkt1CQJkZnfh+Cu+etso9vismxO3zlfpqc+ZlMKp78cVxfS + R8srqwi9E0qqSQN8/C08RGkCgYEA5BFIzEx5COuiXapkT8N5lCaaLXFImX+P1ZnK + 8EhKAKnNLsaNmyr90VhWzii/VnWO3r0nGlwXajA+vbBf/hVRe9l3NiS5ZIj2QGxe + uEpAbfvH3DwBEqkxIy0YZXerRDFhjK9AdipmdpMcfHB32ighVZFWk4kduQEuiZwo + w7uQUSECgYEAjvONrkEtfwRwyjtGGJ7tzRqdlTheR/bo1mfiAjfcvMz90iI+YSNZ + n7e6HlJC/guDpWHoBH7wCStryf6UQA2oDPwRv1bpjsjLRRP3GOWI94nncZk3ARQq + eDb6ZJXfMSrIHX7/lFM/izokHrOFfe1gvjhTAXOjImoY+HGDrGXNO5Q= + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd-genesis + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEowIBAAKCAQEAujJSrpil7jhn6cg2BX85ij5bGnKZijN0RKzOOQ9+eza/8gpn + N77LXOrd06D2r8HOovoG9T+j6syLycrTYM/MauwGkpqOxCZnLLhpbaD2I0UKm5cz + Kx2y+NOBXZpRf13GNua+fc5hN9gtQNwFYZFeNl5rVzx1HiQO+CsY8ihXAVFF3ouY + 98FKF2YJSC9l4jRCKuY+AkLAILci44S8GKEzQvIb3zLoI+B9mhBtu7C2CBANSCHB + 7rN54zOPJu0+1iD3TXP/8c9USCm4CLfHJUhE0EuFvBpICWIBaN+DwW3GdofWrxIy + OHzHkK9fAAPlA/V4o3qy86nWRn0SeLqzAoBbFwIDAQABAoIBAGjeFOFPCg1saWIr + J/namN66lfcEWmOS7UYMia1rg5ID2QGKSG4GIGV5xmv9+VIt9qKl7StNp5WDlKuX + d4vMHVaPDnidYhEpi+yNBJwBDv/4T6wn8WK0PGuWPAMq+gGhIBUlyl3y0aBxObOQ + 99rm08gNT6l3XIMYTfIJ2+fvPml3lS7ihzoPKA1ZJzIeos5vdUl3vVPOSYevedgs + ydAoCbZR3BuQWHpRwGzrzmBtvZaVkvcqaqVhkRtFPiAWR60349iBsfb1H2ZkPWi4 + r7yekpOVCbmHL+3CMXUAyxJKyeGtySi3mVLtM+ZxS1DOCtyrFSbf1NuGRB84caXn + TLZ12rECgYEAyxtRHrdl5EZ7lUpEVV10XBl7v2wPXlL7LwbcslmJC8zWUsOGNHJY + 5Ac/dSKFYLkRp42hdFisWQFSNPsJnkj2Grems9DYcJWU+SKjNyAMBljTKHLQOU5s + bPHV7L5Jjt51LAxUwt45ZsqYCbQUqH01jzDpkC1LwVhKAG8jZycTKK8CgYEA6q+k + 8DG01N9Tm17NhPW6jaO+PkhxAKZhrNR2CE+pO+Xp1RjJSINUfkNsQA3fs0wvBqg3 + Xp1GKan4UDIdUbJ2kfurFnTgrd3nPv4eUyF0QvItcaNrBPAHmN4j8A7Qp+Rd6XnH + rbbAsthhBMmXXVrFebqpol3eMRQlrcDQ64JpPhkCgYEAq72VgluhlLzkkwARd/1l + /tqtgNdmx2NzcfhjdYuwDoJOV/1s5bwq3eYjCnD+RyM2gm+ILlEsqrYrRRFguK8J + Kt5P34yg99ID/gYD7QD0KgnBw1oSJ+LgW97B/UWJ/Xytp2ll4sD12K1Gki3rqez1 + 9PZvCLLEc+Cr8mIHlZm84ZECgYA6eFhXn4q2Ho3t/8ikf7Ri5ZDYY6QDzXA4Zxah + K3e2fKmtdedwMYgzjQjDTLGXMjvlJLPm1rhMWRSMpm+3kwcHh/QwPB5eMxMSFq3n + eEZHB59a2KQpLsQ1yeKaRJanvbXIHZcqKIYKCO7jCnazw5G/qknpMgnRoHtits9W + Xb9qwQKBgFN8A/e2J9uR3YQ7CKWSkmIXJyvCZzoNeypH4Me8BQHqxlZcfgJWhmI2 + jUGlTgHkdG48h+MzAwxvsPmm2afcWklQuIp21hSBvrKbYIm50aMf4G2otJOMmT3w + eiHBMtWqNk6ugk5BasU6/wgx76sZhz4Yal056NYalK4/ewueXg51 + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd-pod15-node1 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEowIBAAKCAQEAr2fk25eCVhfxE5WiNlce2ydF9v/a7rAZNFhzM3aRunB0pI5u + gyjZJsB1nd8wx1Tcp7lMyXKF5n6aFF4PP58oCknizzHvoTgmKl1Z37oWDm8g3DWW + LWVN0Hcp4NvTLLN4ukkSb0swa/zNM3PtaJH9nq2NIvJGST9G5CKVx7dE04GR6h52 + UCvZu1EGiY09OUSCRTSi6sti41HpCZe6LX4PELFMeoQ3fBa/UVWHV8rVE/0ZvMNj + 8TzgstmDk11n+CW2mJOMwpJaNVR9yn9kf8Qg61OnaJOqyLPsgp3VCZwiGch4WrPd + FxE8OpXt10B6Fdm72F6yEG8yLKlL89/6qGsoLQIDAQABAoIBAQCI4DT5mshNcI9i + LgEQEHn2oDX7ofpxCiAQ9finrx3W9AxBoRfh581UbRkbIeCJm9I4W+Psyx5sGF0a + CbAygHsZVEDWWGxbTVqS8pfAexDdIKDu1i4jrIrFY0fdvQyUNFTAYWcuS+k0S2jB + fvRDBrF30oxxOcfZPrSOL+Lbn0rpFEZm93RIeNqKbAmipnpDWXLZ7knPQ/DEWxRh + k228Dh1wng1F9SKDB/4Luuv1bgMRUMnCBg8d9jiCWHN8e0b2u5NlMB3dTugsx3Wy + ed4NHEDf/YFj1iSCmDQM7qq2vxsziW3HMs8vseYrWeCsLrZ8KKNdsJTLiQ9rPU+q + AFGWixeNAoGBAMSVdYUEWWvjf0JEeYeeTQ6o/wpoBwBk0XE0SyFhmPmB187OCYMt + ZzTQJ7f8UW227Ta8sh78y6dGPTnaqt3AATMw+GRpGnb3MF0yBdBvNTjMD6Gd11V7 + jGPqxkpgYIMVBlprHh6RnRY9tiC95fTkrZsjoJ6fYUZoFxELkhlAft2DAoGBAORr + zWSwhHBrbTXkb2AeIRLU7xxet4J+mktPAWI2DY2pqbs+oXTmAe+DK+EbI+capXBN + 1T6WYJAQ9xA8TiWiIxdNI1WTENn9F85FZC+jmeT7d7H9GJZ5CVNWCZxxyjc7E+UE + ZBcPkUM68MVGVBgzvqYjXX9KUgopUEtrftgOTSSPAoGAVAueIc95N6Icv0UtPCkW + wsTHvTg6fhWcYay8zjm+wDWeAWGfOYEI1dCEmql6WtDRXAySjqL/orVp6bkuQf4b + xToTiEJTOTd3avC/AZz6AR1lNXCZJofavsEaI6ROvtwXSkLvrpwMr/yUSC1ICkpW + WrSBsC9t1D8eVYA/5yHm22cCgYBy6Mxtz+MATvqktuNUnjOTLq2PPxLgQeJK6lbO + 2lRdJLHvMWW10hO9Mua7GpUoKJ57bZxOHQY801wGvd+uTO+MRFD3NsGueAUmzn/E + +29q4xpm3uUkpYUMeGbjXdcVi9HJTzku5LT19kuzYlrhxf4tw/LAG1pEJF5xYoVw + GVmzfwKBgGQwWJkjKynqctKnuS7U3vNMhN/5erMrtCzEx0/w2pKRpGCDX4z9A70r + 2yneajDGp48KWU3ZDD0VkvR8OCWPwZ0rL6Lm1lqeYjCdFCDmz58c7WkNhEc59gbm + au+m0N2FkdW1r5bpwobnPvsJiDWQRzAHm2KUM4MOJ9otngKSLJE6 + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd-pod15-node2 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEogIBAAKCAQEA0ql5A5vFqwFwxADXxs8701D2bQk360Qz/ww43/rY6w984APi + 3gEtYznondWBgTYTp1dr6vHP6PC0UEeEUHb683C+ePg1/T/v2Qc3hV5Q99A4RoI4 + QXc4R8R6GEpncsdHI7gn/7fKPKD9diuE2AfNGJb9Mv3qWMxOx1J9BxxdmyPpYWkW + fQWLKELpC/dK1DmaalkgUeuuaOPrNQbvkqQOItZB4ToR416VyYu6/qIhUBTKavs5 + KYvjrT2WvLAkOQvXqe6rd8gMNcTlLn/u/RR+MYj3gRVfoPDYJdi5zDTeRJ5ya6vr + 5OC9k0vY+z8YIzCqRunmD+2q+sYE3mR2gnxJ3wIDAQABAoIBAFUot0fTJ8QqT+ic + Ip421gtltkh7qoRLzO00hqVcpWXYm/V+/K4cMbnkBfoP/ks6jhVezLxsRkz3SR0O + 3BkfD/FrSURjqoeW2iGUvkgGyZp0LNur9ovYYwL4FRdOtKT8k/CHmHvSU0nRFsU3 + cHtYI/vlxbNgW+TLqqj+2pYOTHTTAkhVSAMWXyMaIb3iGJSs8tWWVjFtRDBjbjZp + EsBI7yh0TIK6CoESjTwLRixG1yO3dEgnyjguUDGxcvwGq3Xy1h80e1v8YGjZk0QQ + zr01T0UW/EmKakojXRpgk3WSjkl0FpM9JmYKv7pErgaVLNS0ZN0Vk04TY3jFUVsi + BGaCLRkCgYEA1s5V02dAk+d2NaPiIi/A2G8uNomBchvPpUmky/QkePOgdvBHNhhS + MTLOd8QS9nYwkxMqjGyvNX/TGrJJw/jrX28Z0h5FQCc1osLUlZB2jshlD6Ci+UXM + V2Qk2Z6lCvsZGO25wShZZBKHykuMLDAd77hoLIfjxRaeAmKByGqK1zsCgYEA+w+x + TjuEzUNbkZiIvgOlff9Kw6ywBmKhlnEz16y5qY9NtXXT9EwYpvenUOV/EJ7dU5dv + Z3H1ote8+uaQPaHEkxKyCaZuLqe8jGnBX34RVb83FUIpSq+KvnxnOKQChpK2xnKw + +YL5kVNYnMb0pRog6I6oN9RKs7XJMiCig1bzFa0CgYBijGldwsoi0Rcvhs9xZb0w + ztlB1hYYNuAt8bp0g77T6tncl2HkVIYo4ilNUxxsDE8+upVTtW0wu0MrxU4IZcP+ + lacf+hlFVHfMA1yqfYuW+CM9ZzI98KLOGTi6yojnn8mk4TPOhWd1fPblfYGCqFSj + rVPF0lZSDo1RhMYMH60xDwKBgCHFyqQrfYHfPcIoMrzc4LZCUVxhLoytV+9U6xRo + N9GHZXyzjP+f/PD4/5jyRlWGCV/lTycrPU/alaFqwpyH1lmyeiCyMsAz8DkzQMAH + xW0ze8VwUP2q/48ATSJhbbWMpumrJANsiwXxoEn2uZI8IZEnH5njBOmH2rjTiwj/ + +VNBAoGAYRppdPv7sLR0PbBdL/VJMhRFGgQ+4ovaGXWm1M9FfxkNzS/5uzC42e2A + 4TUAE2/jcAR7LS8UojfX2/aoIJhDUsj77EcV22ghUd62n62i3eU3AWal+RPyGF45 + OiH/iGRP8hB9g7n6LH0C/bUrrA6MwXFUEndlkbFb8NR2Qdrubr8= + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd-pod15-node3 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEowIBAAKCAQEAoCCx9m9J9KAt5GuuIRwosVPCp/OlWXs1DANK3LmTF2Wo6Bbo + MYiarxBWRDYz3YRV+3JZ3TCEtRKphYFBnsK3yRTtZROyvulJ2BNRPMN5V6cNy81p + nk7QPYxZcc0+ed7jG0CnLMbc5qeFp94oqKoXt8MoFdMvzcRrGoQsXutxYiROTxhg + LKIPzsxJYfdZf/kzBzcMPwtyERJ8taLNKB2jDu6ls5xTOGgcTb+Z8wBmaH9Lvgpo + uR8Tk6caPsqK0BtaD//XHcxPHRgw9B/yLKKnEz8mD0ItwFwBccG6bXhJYtpkkVyd + A3xcFNHoS+fWg1DPallolFLVxL/CGSu5dsZu0QIDAQABAoIBAD6SyDhu4M2RUp2y + Xoddw6EYBDcxhOnktaQOHVEHy60W8txPJ0lEAn5quetJ6xajQh5SXz+KWDGSK2Ca + VBRALyWK4gHforfr3glr8xD1qhNQmpmLmbxdPA7xK3rHI6ToLoNVzn4279fKmvYw + YF8YqNAMmTt+HW4hVWE1SUmGY/Zfb14qXlQM8gkC2u6G9+AfVcxE1PtgIV4wQaDq + zEb1Jt0T6YMMDAiZT7s1kQDdVjRuevQ2qA30SOpTEWkbKlfhwJvPGfUxqsucZ++7 + xy0nI/Ic5WAuVw+T2gdwoE8TlGq+4KpKAXbREVCH9wXPNgbRuYVheSffMez0Z6xa + KefO0wkCgYEAxq1ESRm8nHeCqUrYvXYIUJ6G0PXnKPjEFOcyDYjZTMiurzT81vLG + C3Rwk7PYSLG2q87QxGEx0y9nkdkIGzIgOQmYeV1/49qxuy+avxbPpm5Fyu1I4zec + sxEAkp7LGW7hAJ8hDTU6vGlpcbGXV0XSKlfs3QXBizd67AH2DS8vPMsCgYEAzlQZ + +ldBwO5cFCaxybrmVE7zwLEHsHON7Cm4ctWmwqZYNR7dY/R9xtUjKM8Tu7wOBhZv + CdZ0NcomBoGpsPDteCzkQn+1HkG1X6zFvsgIDQHPMpPpgUDtHLl0DFIvrnC7hT3W + H7OFfvJEgHYQ9qc8YyWL7XH5pwjB4ZQfW+5rC1MCgYEAvt1V7KQ8/lQRwnGVJu5t + roWdHsIeAM58EVjKTRZbK9jfeJJ/FEDG4dpLDJqJ/cw8oXFePkrhgvDXntXRY88U + BbeiM3YPluZSOHHTSCCx/EGT6w9qJl8WuzBqTHEgzJ4oqmA1cGrisn7SPddOfRkm + fmdZtjwBY604+eIobyIVT2ECgYANZvcdBMf3oUQH5w+LXAGUHmDE9nraYlcorPkX + NHuVjzqRkMSutnXpEXUsNG9CtY9vo8topy57Q/s+VvPP04aJVNkq3KLGKVx/r3hU + 0Sd8uM5dqa/0PmRohj9cgYYpXZdAq2iaPI4CVfhPI9wsOWa5xfmV3d5qlC4L2hRD + Y3Q+kwKBgGY9mBnMw7tSncsdCljw+wwxWXYIry7C9X2cEdXQN2T39Q4K2DztcnmH + Jb1vKBRuF7phH3Wn9DNB4QI85DRkOeI1BqujJdgeNjnbU68T6kwNChLskAlXEsfv + WijNjfE/AC1QWbq/krrZh9KKXJ3S/KLxgqAWipBvvaj5SF0lGlzN + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd-genesis-peer + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEAqDcuZfEnGmwxrLk8gaC+Tt+N4I3LzlLKfzFdKvClupQ2a+hs + EPcQlBgOBKb80HJ1BT+/mAiguAydlL5EjRfw240ffYO4pkCYuvwxm+rdSMJCVrby + dMVzH+AR32SvRRe9CuKW0ed10sCUQm+UG0N/5OLo96CVlCmHpn3fcR6yXG5lPs2Q + nK/O6Tze0fTkQ7Vcnep7g1oL2z7rtFl5kfqiE88ujeM4eUxISeCH8vLBf8W/KAmD + 8aYE8QPyWaX6s0Z344iLKfxBXTjbLnvQ8Jhi5JfcG0cEf3jk4L9/qriAVQf7gnk2 + LkGpF+Mx3rmKmv6od/zx3tJpz8zZHsu0lMW3WQIDAQABAoIBAH+W40WFZYCAIil9 + kuxLrS2MGUQCqVyEpX1WRvGj+ECN3L16XEV98IAzwqY6trWwqxvhH4TEvor7XqcM + rlhKmXEeGI2OVIcdpfrmAQbfXRqr5b96Imr5vPmnbkcASoTgnY3dEkKCCndhhNLj + aPZI+3/zsHrqvanU2kQpY0qc2vKJupi1xJrIMFq1b73BRWAzqpifTywqBfOf4XOB + 4jTiNn+plyleTCGAORdGsEr6h3qh3eKyUjD+qZHwCYn18ODDOe+dfKN+YCU5hLiD + CDl67SKiQy3wUtnKRoMOWNrJdzl5G9TM+rGcDS+p7fjYXfXWclXOthHVUaA65FiJ + uvxolKUCgYEAyF5d0K7X6UObs7LU9MV74QUdhy+wyoH60MnzAvYyzpq8WSfjGjVF + FlfYjyvvQvvRVRTMg/jMOMVVZECNh347j0oldzTxU9xuHBxVbyRIspXslwTxVZjF + PZoUXAPd5kEMTn5PlagI9WPC2KXPiMVjp14YsS7/3Qp4TISQES8BUZ8CgYEA1ut3 + RF47dfXGRt5fw3vuvgZfNaQ3TRzwq4evEF9ZP8BzpMhspBqxTlMJg4uNkAeYuLj+ + hrGYtEGXhEwyO0uj4TmoOwEf2+2kvrh1kxNWxElLqV3RokM3GYq8hqoaFeTek7G+ + UIQ1i8xGJBITjuLNglqV2FCNFa4V9WmZ88HKBAcCgYEAs2bCyxFxopr1Mz1grVSQ + 6VYCLUOHIJqmrwDSxAkaTqB/Gbi7/4BIvoujC/YDgU8lC+/Weidu+zm8jkm6LuHY + hCCYURanKTYJpMO9vwiWysewETvMtZ5WpCRsLEMOEJaXZUR1D4Nnmgdbs00q98P8 + ySNYKnTxhMFWGvTqZWhX3vMCgYEAx35gAe06Yl9VwfiuiYUjce32OJOK5aBkYcQb + oyXucTfR4HZOKfHA/UQkw58pMzVp9KV7VUnKxh9QZnRX+CRZJTngx4xep0Wqs4ID + WRcNZjvm6Hp2mZisr5/RKWsBtarxU8UcNB7UmURvIxJIZ0xtmH8/MkBrBWHHbjqs + tc//FccCgYBSPPXIk34uoARzoWBhmpa76lPIRcfvJihPi58dtjWoVI34ZrO8GUxD + GAuj0jgHWunsM1HKgp6/KE1i/c1zz0lijHFmXFwrarmIJAJzoyAGtrZu0F5PdnAk + J42lOkPRU0PTvLtl1FrwBgeL1lfyHj9ena3jHK1et8FC4OpjMBfYXQ== + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd-pod15-node1-peer + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEArCgVYtqeGZpMlLBJdlHCLCq3V2FV0PH2s/IEUrDtvVR22BIO + BjUZzkWazY6w1jeJ/0jcAIgMDw++/vCaY8A7ZE+pogldQM7NZLJ3BK8vgLLtzRLb + Kp3IpPWz01VG82lSk+vdx0R7e47weJWNXuIfa3bEdS0XA6vIpL8x1KXVCLA4YBtv + 5yP8kZKvOjvtaCTkc9N9J7lhS9d82CczBFZMCyRjQxzg2OxWTL9QS6HeVYqu6rmM + lHUnndtG7br6f/p80PNkN3sePLRkDo0ns6ZKCmpoAIlwRJ3ru/L4+i8qNa8bD/5d + rqnOFphIwBEvzufSuh4MxXbEh7e0Qt9/PCmDjQIDAQABAoIBADxuUZuCvC6mkC09 + eHwVFQDl+betji8rUHs4ADZ6rulf5dvQ8qVRLH7QxhdT+FUp58H59GgnWXxL/bKG + CNvtFawPnq8ndFmUflrTnp3BVP5rULhE3zQlcNIfAYG0lJRLK1aLXC1fp6zmrxjU + /mwJGhhh93JeYo7CVUsnZjmMAKzsgwVLhYZgV4k/Offv1TqyxCn1w3DGlaDsPZmu + uoe0fiG+qqrLdx86MwB7kk7EOCvmvv2k350+ht1cMNyKKch0DBrlo9bq4v6ZpwOX + rXbd7RR4LpbjuNgO5EmajIMBnn6Y/mC1g/jFxgdKCTlhfm5uMbA0cj9NsFQ+B96X + CPzLewECgYEAwxRFf9CbrhcORcELcnn87qObecMsDri5jrofYBxonTowVBiIovht + jp+IQTtnwx4b6aTx2U+Wayww15e5Fdgq4nE1hi2+VUw4wPRAZU1MSsTkZfwA34DQ + /ankEZvUZkeci2uPw2gikxUhjncnzV/d+e77gtHP/gprDYDlZQE+A0ECgYEA4es/ + 5purZOf2wtc2Ug/zsYYVs3zVRZUnoMGWIz7TrbNmS3x1IPKQRUsPQZpi9Tw604MY + 0hTIylrz7tgBLWosvQFHXjcnZ0ZF04pOhzFVVcmZViq+XHzlTr7HKQGt0bzH9Yt7 + 9bYRMqXbc+gXBchg2wDna/yfEVZWE1lf6tlVSU0CgYBdji0+fQcMWJZJsakRv5sj + v2bi4E0SyliDMJO3fihVrwBadGGi9s1j5vJrhlfe5WOxi59I/rg+sbTC0Eq9RSxb + 6LsonGt5cNKPBxSTAJ0kBoUau96XUano3T85iqg0XQegfXc22YwrSakML+zwu5cz + M/9+36yGQuzQTw60gAIDgQKBgQDb/H9UxvC2aUnXoEi8z9u0WaR4Cm6COyNDXj4c + Q+lLkw1hI+fKFWh2kQhiETubIPMHUviwWJzMrpQpVxyOZHz77mrYS0yLO9pyipK9 + AkTeLFirlyOWW+fOLecw/vmK6hCsAQ7LzGYis25mBvGkJ+JoXxD6Dhu2fiOC49yK + iuaJYQKBgQCJty7Mq/YFgvd3iQbcoTHHHe3E3fD1JQjUr9/GojiQzY8M4WVbI5wJ + nK2a2j4tMogPfxFMRcAkrFaPDAp6ajFz/7lu+MM+bIojucrOIQTK8QYV94lDctJ2 + MW9wlqo4IxQuhgZXlsuZMSaeQW/aSe5BrlWTNxrZAQotnNL4//gzwQ== + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd-pod15-node2-peer + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEowIBAAKCAQEA5sgsUw66Q0XnykvSmIef9hNoD9qRwuAp2ylk7V2QTKXFN38l + DNlI2v3ByhqaXSi1NjHTOsUx6gpQEl1QULkW4AD4XhqB0INrHuEtQiu1MTKlNIAK + 2FlfICuc+WRcVFtJKl0Z1Xpbjosw2BIOtsTnfA5crhx54dvE8vNaJw5/Nf+trdJv + BMxaG3yCBqPai6Km36944TzzWqo8QUoVWK2MCnufp95ZRvWaIPXNKh7XQuiTDeY8 + ICvMlD8OFeNn1u5pWBTfPHtGJn85skv2BKNDkRlzdr52PaemFwHM61+TRg2nZLDD + oieCRMQs2yDb3Ah20gKZ9H82wUGnzOYe6l8FQQIDAQABAoIBAQCUEVpe79QR1Ygi + AwPbWSkIeOsLQPDEV46DTsuyf5VVmAYw1SKwW7iiyKzNPsRLgRLC8rTTwDGGN5eo + MLaXFCnZDsZLmjYv0iGoblDbY6+dISFdzcknhi/CNDlCyWFzvh3zUEiC7z5O9n8g + InXOTgc3UP+lth99CcQTHI96/5Ie0fQXGhc2DM7W0K+WNaiz71mAFCdQQZaiC4Za + uQzvDFFbFi2GvUH5wFPWr2aGY+Lu5Uw0fb43DqD4HmbJgIeHPPe06I+QcBmFjGd3 + eHBzifFZ1uURGnAhlZY12uRLBZZ7IaQzQxy87qkVbVnDKEkR7rBLs0hjEYvBTpaI + gbmB7MEBAoGBAOd75Wn5ZOPQHL7rVTJSBiEgn+TEOOiEUiiudRUB32xDMLyIUeOS + 6dfQVzj1eeajlE6u79UmPdv8o8Np/vtgygK+aujgvA92BM52/TIyKAi5Hnc6qLCx + TeBWW7Ov561SBg3kiQ/KuyS9Cy+WAYG6kSBLh+P/6NqWJLXA+FdGnn5nAoGBAP85 + PiywyTwFC48L4ldQdE6EVd2JFuX+RSCWu27Bal8NMFasV2oRjELCYKQ+UnjisEEY + w9QlffbJGJIfxMIjHo/9N8SGnEeB4QMr6sWAsGMmP/XBvOyJlpuZxkfCbAE5b3IE + yU9PwXecoIsyaCRk7P+q48tABYPMRIttlVEp8sYXAoGAZ/FmTnPCLdmhTsl1dCcI + wY9YvOyvcRkZm1LbGBfDL2XsWHwN6VZq0pGm2NjBaCND0SEUaG3HkSSclH7gFBie + HSVL9E4VpAumlN8xSnzjJSea2obogI7dHUMp4kG2kkkmls5sDT9HUXPhtfhxrMMN + r6a62lJrSNvqmAKSgP4g5TkCgYBemPX9lI0R7QDKxWngWRay34P/98b/+k3e9V+F + frURhA7toTVJQDXPrMIrPlpNKiCQEEDNShQ1O3Ya+yFvn5q9XeqksgwMyQwAo++B + wuAd79h3G5cNyTWEeOuwP1TO4132UeXXusUHs4sh7M4C51Gctdd2x0UEA9tIHpbg + nX65gwKBgEuw7wQ5O+LEElmr1LtjJVG13YwshOobAaA7AKxp/JOnMcnU5KTuOQpw + bq0jkmIajBev3aKLRMI8vozJ5pUa45dzcIX7xJ9LYCojeIRa0JywTZFvtFCj3OPk + z/kpSEEtAY/7My/MM8VfvNnqGmuGeRpMW7fjGP5kiYuUcUJ/TGQ8 + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: kubernetes-etcd-pod15-node3-peer + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEApI9u4dtW/hMk2jbZeZFkzaOfF5bLgJsj1XTfiRoQHXB3KA2h + 5J9CjGbHCX2BqpDeXI0iwV0hTr2WwkY4bXQnpMrc47W4mgUb5jYy/o1/UslMrOXy + hbdNtoSK3gaJU+4kR/P8ekblRSFunGkAaSvOF2hWXnuZe55G1QT1pk5YIAmBajqG + nSIch6ehWhWOHrUhN4tYg33iQyUvaGnulSeiwSleRBhXwkb/RfsAW+D9TpH5TLHJ + pHlJIYakrXHTR1ev+lOXn2Ox8R7Xtx9q4ePeg5+8v1uGAKUymyksasJc8VEEdBq8 + wUP83FvP+WPfXqrOnZz9CifIkQ/VJFB85nySEQIDAQABAoIBAFLHUCjPFDCU4rne + U4GCsOl8wD+2fEICSIFM3FF0Sdz1QQtl6CVAM9K6tK7CcqKhYym9WVlZhrK8TgUG + G8Z7YqHT5k+pjuXzYfhpFTfVZ9H2LtrehSPcdHw2qkBLm3Mb3SZQxpWf6h7fVWva + qfk9rts5ghDfLfLwSINJjmSNDml2cBBQJO3m3IVZqElKIr9hSVg6HF10YcWGjHqA + SBTN/Ybv0yEA/VHlG3QIobwG+zHTl9wu58CRmz0yNewX4+dm+kPMjaoP5GM72T97 + G8A/tRIXA1NIcII73gJXHMqUhU4SOtBOLYzqSfRfc4ihsj7S4lQR0g3gSLAgZ6Cs + QYPKlz0CgYEA0tGZHggbxiwIGG9rtR4nLJYumxBzC+5MbbOmKmEVVoRkwxQtq16c + RXdGzCKjlzyLFKewmqNCRZqkTXcNsnlP+YHGX7muLqjWy9mETwcFrvXkiHubmS0h + 85kF9lOwBjpBP6qXQV9K4QU4NABPqDVAq7Rp0msawECrYIlcozYgUAcCgYEAx9Pm + 2CV8KlOnkSf1tP2Cns3Eyn+fyFDSX58n13P4zzNOnIA3mCdbohNRXFuGqbk7XbFC + mW7N60zxhWADypV92XiViAvfEcZ/WO0kPjDFtvWfhHpzWkn8Tk/uBoOm5/gNqEy7 + fpbNTDacXmqdPl8qT9Vzkj6OYBkYPZZVQ90yVycCgYBW4q9aYzkfKZKEj5cyZCT9 + CUBYBCWGK0YwiDPZj3191L66b5yK3klFj+0LwNLvR7KCZsIwWUy85wkELCbnAXxm + dofNd/dDn643AYS4FUrQWuM/JMJyFNnDTbPZW5BWYLf3h1UjSiTQLJiHRgGOb7Qh + kA90+1NhHMYE2VfmpC4ZDQKBgQCPKRjxManLCTO7os09ZYH3E6QxD04BzSVqrDN2 + //b5OuDO7mzl7QyRCRX4/Pl1DuehMCVulxufv/gofak5se//pYw7c4XUzkjeBMc6 + Zua/NSmbV77cqLTBxjHZKOiit+vQ72hEQPXD7DwKyIbu8G730wyBcZ++6Tuco99i + R06RcQKBgQCYhpXKERi69BQ5yHJtl6eOu8qP4oF1KTHOSdVGbUkVn/rVUhVh2z+8 + eo46X3/9OVWcSgklBHy/OfKj9PYSEs328R0QI2BiVS0fb5ijkRXITizQYmJygIFt + F5uzGVhQup7saN+QanzArCmv8WGMFkGvPm2SgbuFyT5mYJpHcD86NA== + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-etcd-anchor + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEAr7zaSPZqGVfC/L++GY6OJ3YRWPNLkQ3nM5GRh82Z/aPpJyqW + TxVHQ8kvNOyGxXAS29TBNU68yT26Y9tZFqI5UviHWfL6i2++lWUXwUGLs35rQK0l + U1/+1MbnJ5nbKQsWsYxsXGzIPVDX+CpvLVHPxAk+DWxK1Eq5nJzrOBFQKTJzrWJQ + 5S5TVk3JKVAOalZaUawZ42y9fphlkpI/oG1wYOpHy/Vw6HIhb2bgzdfi4XMLQoVZ + FDz3jwJ7fHvhu7xCPuy30MT5RCjG7y3NGnPRF/OJmw/kzgXtZmJs91uhKwerhJUu + UfY3D4W0eSpGPIcDxBLDyC9IImUGQ6J05Fh0WwIDAQABAoIBAQCUMBylT9xx2FZc + yNblOBdY4S+JoUbEX0PpcUOVj2LdxbzSQRAUSa4ZU+mRqC2RCYttgb8WU3nP/FRS + 5eD+u/a4p0eDKufocmb0FRXt6XaC+gQ4uohyAM2i4MKE2zE6L9aICxBI85X6VlR3 + OFkdjxIyjVSc/wcucoCHtq6GTdsZkMJYeJkuKqJjGwpKD7uyNAPIe6N1Xd736eL+ + 0HKfHV+GMkGBvFvTCXICiDA7f3eyh05OL9UEnmFzrbZLUHpBy0sXatEiXE3/bidh + aBRCmvfviMw5rynXH9abPx1OB0abGzskMy/QHbs9+KbxQqmXY4HFGZKAxTqZpQDr + r9XaDKsJAoGBAMl49N/t2wFvvr63lQ5tnHULiZCBopLOGbvescJzxJCzqlEoDacU + g43Dv8/Ir9etGYk6lYy/Mp+fYJxiF6BNc1qtnYQZSjDr4v82i2ZiryJMeNlBGAmQ + SKurJIynkOjQZ36KcCpIlpzVowlzQC3Ku4HjUo1YoLIrLv7Pi929wTdFAoGBAN9M + 2+gujvDfJ3onauESJv5BEKt2ZdBLPGbMYVZE3SumZ3l5Fr1fyF0vNQEO8QFhE0zV + vnxCWMry6UoL4k9FaR5nESc2i03/+BwURAD8v4r/fQZTka1hDuKrbsEzKmY4Sofl + J1iGg9qZZ+fHAPPQ4QdZKeg9RzjYirO4QUtCPmcfAoGBAJniWl9DpNinCnFPdXlM + vYkk49DNQ2iQJVW61dlpZUUFBdzxE+R/JbA9SJ+jcLPykiOf7KRRUZBcQoWP4u3c + 2nPzUfGZA3L0aTB37+enDo/LCy8dqgd7/hWpJcSNJIC+1Z3wjZWuVeO6xcmtDuMr + Cyc9g0tU24DavQ2BZxpaGl9lAoGAF68IN/UQNh4FCuC5ZkvNlPQDt5vkKpaAPor4 + 2/SL3MBWgzzDm6xYDQIfxg/2oeXQ7TpSbM2Aq23eLntaMnwzLQVTfWw8lDZM83V2 + zQABtNVqRkyAy/naYVI7egRaP+NCjG1SogIKZBoXOi8SO8nwxB3B4x70uePFulAV + pMzO35MCgYA2+BkZ++422WXjDAAsRN2XK3UQOH4iMnLcmCs1qsy7r8Iejr0Qxq7R + a/ZAhBul9k2kCwASWCtnZeMUbCAuJQ7FOjrqUpbfU5Plzdwvv6Z/d9qamYXFRFE2 + noIvW181do+yULCy97YZnQel32fSEJXi3MSDBqFCq2gBWtkZObbiTA== + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-etcd-pod15-node1 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpgIBAAKCAQEA9h/fuLJEYQOd7w5qZtwvXzziwiwIPNZ1S+AR+Lg1L+0rQWe0 + rf6s2BU/yt8bXR+xMeeKJdSWac/oqpAbqvyDmLJEDOZbrUMgIg8m/ST7AnEA8JZg + b3jTha1DWKPkxcodBhoBY/vb508t4NmuOLof4neZ48u4+6wUoN4TO6jtYNce7W5X + OGf7+WvK8d367a5Mq/9ajecQygDs2vuijHS2HhHM58nhsfdb/JXAsRITL2R2dHA5 + cZ4rSMLfeKCUNDPEPKxv2ZWrTEXoWhjEaY+tQ8p0sWWM2wpc1hF2vpu5y5rIIHEd + yeT9U8bIV/n3RhmOTVEaxHi23ZgWl8muuPIH3wIDAQABAoIBAQCXvrMalp5eCfLX + rtWfMWXrnAhamvdBOx/6dd3esQPp1pnyq1PUas56My+vjrq6QY3oLM8Z3+YUuuDC + ODM2ypUAEfiu01/2hQpMtXbeYGx55t4jdzNhxuby5g49ml60K5aVanctA91i0YiB + tvQZeXerEv5IWhRk5oWZYRIOmGoyZ3nYP6S8kyvUzhCF9obn6IQImOBFkib1JIZa + N5exIYutXigFRT9ag/XH8wM7+/qRpXTHsAC+6phey2vYr9TjkCnG50POMDViBfJk + 4x3Ns7nDiOjD0yl7p8NSLgcGke20fN4aF14dw+FHfNkEeKX+DtZAMrBPV5saJqn7 + A19fRMdRAoGBAPgAKjdQxMoHhLtidhQgg7mOFZagWA+1gs92YdZjdbIIhwClXuw5 + n/lnJaUd5KRjl6iwS8uZRuPs4+eBSB6EJVkm6AlDZDL+dN8lT88cJ0sQ8b7Um+iP + WBVLwmEGfTOovm0YfsM0jtr9rBU55Md3toGPnGhBlw0urtHOdtJn8IetAoGBAP4Q + N4+ghrhMvpE57kNwbZgQdon3WdTsu6z0f1PaefYW0rL/D7VQ/QYIUwg064aBspV/ + e9iiOcJJsFi2Jz8qpTMFIr9T7zoFy/B94GvWhx12BqRsBoT+ABAaczdLawT2IIyb + rE4bhsXgk45f82Oj7rl4htyXvTeUNs3XmINFQi87AoGBAIJe89Job0sVcL1hIVmr + ThP5kXfBiwmXDdEqFnyxhGm2+eFpDeF42ZQumSeX815HzK4tH2tEhHPFUHmfCN6h + 8VBQl6Jm/wGfqqiz4KSr1CwuGCeNdPhogpGPZfvDgYXqq1CGk/ziYEbXG+N8r7v8 + PsEVUc+sy09uvxAkTWqGoXdxAoGBAPJGRLWSPuZBSPj0ZWGqNNht2px2ZBPILLAh + 98ne7a7e1M4crL4bHS5DgeqxjGgYBlTJ3TAYgzvjSWdPTN3PrPmaTChnwhlyragI + YZp0WSSfCHaDDTSFg0nX70crhEKW8zMiwI07cqoAHrYGifLawSvc4744dRgrHpfs + oGOOCC9BAoGBALJJA35JqxMNp9TdYNuwkBNsk52gQpZEG4jlLFPlAMdNgiuoryTh + dF4JpqATbkjIblIqAOQgeXOZndcaDMY6tXCewMyHvX76aCgh55tyCqNd7k9wU2qy + aM0ZgtlPzlkwKjHXt8bmgPK9Bd2/klaCVi5gXFEIbvQx70tzjkjpHAtx + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-etcd-pod15-node2 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpQIBAAKCAQEA9vueco6nzJb2Ta9b8mExi1LfpgS08+naEvuDRKnb1FBsjZFf + 3sQsVkVIu+3LcDUnY7BCdiGglBZnDE5cRKYp0735fapww+QBAN2OtQRd1uy9oVDf + j3H3XcJYumSU/Oc/wmVwvPLXHTkkrFBxyDJmPCXEV/yXAueMJYcD4pOqIfOKXeGT + oN4eHtvmaLA8PcelHK6nqgE0w4msN98e4dkICerNm8G3tqZS0gWldxeCRHR+po2S + szXPLY4F0Odtb2Sa3YbSW/TI0+wHAFs855cqpBLXTZYr88BtjU4PzrlB65kWI3Q2 + CA3myofDgST6crvrNiwYuLGDO2lUybQMjf1ZmwIDAQABAoIBAQDAGcmN1MNS8AA3 + QDPF/C7q7NSjbnnIVZWWuiXJnEwtgThNjEsDG5ZYq578/OIFLnKqqQeollMtm5cf + DTva8VsLJHIPeignVQoqwCklRnYumwiLljmseroqJOWaZG01oDAJZZkgfckvI6kQ + lalKS1kVY1KqFP7n9W0eKzusWao0qI9Evj3/xy+Xbbd1tw1tKt6cQXAXIKybVwVf + 28iBKhMGmxSxsHvDs3J7meVZ8hsFFaxfl9oNtQ2nASFX71YlG0+mbLSZpEWMsplD + A/u2CfkVnbW/O2Pmpe1mldBE8PCLrSlFWHpu3GP0CGewPEjaF7ob6lffKRWoW2j0 + uWSCajsRAoGBAPlfhqnINQUQ8PYSx1+WE4lm/QjYn9p843yzyN+q+2AX+EyipnNS + bpeBrpoLA/dkPwgg6JV7daJpJTZBYgzv5bXSxgQ+UtWUPv8sCSJ2MQwkwTUpfGJJ + hgZrXnfv6hp8H9eiqAb17423njqxXnni5zfiaXkp71nMMg4fTKID3PDfAoGBAP2L + 1QI5TRreisUWaCDDvu/pKSgCuWmky+27Ly9o6fMIfHnwK9KtueKh0+vLGTZyeySs + p9LK71DvxFKvIIqcmMuUuGm4isMKhUFVy8bYBgJgESRSKImFiXtPHolDGIfOySmE + mHoLhnvI9DkWJWpsFxexJnR64DsBOZ6sZqqsccLFAoGBALdc20rqMLop69Q0mK8b + TgBBXxtrFZd1L1yZYcG9Gptc5LGNA3FWkoUK0RTptp/o8UQL1plbr3Kdd8Q+LVev + 6itY8UtbfFMZb3z3pzvUxlnUiNCLUa9/unHr7wmnum6BCHTpYD3GBsAg3NLxarOa + +UMpUz7Ja/qOX9vsfc+/oWznAoGBAIzBt1RPuWWETGfT46Tk5rhLqcSDlql2ipwF + AdIBHXgFqw0K71k7humxS3QowWt/rKuUimq0rJ0zLrt0a81n2E+U1bgjci2LRqUZ + 21IdlWB2Mq4GSmjmUIe7ScmMDS8/9l9tNDT09wj7a9HRYJ4vOba2axHZMWiwamuT + bD+uEk29AoGAbIAoQX/kPAEGCi2uhCrMMD4If7X8Tgw+wMN3gjRqtGJPpuaq25zn + ZVBwXndiInw5UMOW4huaThSIE4T5NBJjc9i0W8Diuaod2W68/Cc6MKW0evM1wrS1 + nKJX+ljWFzmx5xKQ7Blp+me8kdcAHZ3iMQwMde53jRZC+rkICJ213cc= + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-etcd-pod15-node3 + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpQIBAAKCAQEAmG6sxDuVQCgi0PKePzh9jvZQv8r7WL5bSRy9fOQRWzlVJpEg + 1+N1ALjp4FugY0ySghHLgJbOjBFZC/mWZNWMucpS10DK9jdaxDMqi0MBmmFRAMOF + mn9/2miQyuB4G76htUlGf8UA3hfWk92xzRrtGR1N+uWdBZOOhpqqiyeD+46bNLJV + NZMJqk75/9H3WclbbZUt0M+pYN5A9AozZ1MJowloZHXc5cyw3XPuMI+WC58b2pUn + C6wAp948q26OW7lxxwIIsIlZ104MHJx4goJd+kzivEyAMryihQiUXjOZ70oVmTdQ + DNpCjITjANHzZWERuqSwfLZL2U0+Ee+X8x5oswIDAQABAoIBAQCXOtZ1KZf9utQv + 8UVG+8i2GXIrljqf5Nu0QatNSQhfNRZh2QJ4rdXbDZobWUxauBFysizwOq5ZEK0D + 0G+BQs0HVs+xdzrl5C1NEmZXG/dvLrWqyFC44135Vlywqtr+y7aroTMseEtQDN56 + fSx1jQ1GKWjATyXl7mss6C3jOSUcYOtdB8dG3eYWOLxswsOuQsgt+Vf9WmAzZgvi + 20x1NVBCAa7HGd0bY4Dei1Te6Oq8O/aYvkslzmMTPc+EuHqphwh9mD87eofiNrE7 + m2Te31StkuzQAsK+QjD0VHV7h3PbFLLdDQIEpReoNI1agRHPwVHD+qawRoMDew9D + adhd1FEBAoGBAMi+B9x2hIXPudd6slQ/jmzVg6dvSkNMMqEq0NJRWWkLMl8lj55/ + kXb+S6el+gXelaFXx4FaZ1mwMv0KmrqgBJiocWd/7M4ke750hN1YkZTaHGgkSR6w + +QcbTMI+/B0LiZPD6tiQ9ZpHg+SU2X/eskovL/9R42qirLvFLD3xCc4TAoGBAMJk + UlrUG8WfBkPm6Y2l9h1xvsGWKSKOy4jSB/Ih077FWNIO4M8861ibDs/NAahouxmy + 9dLIDQn9omMBmuWZtqK0QZ0YonQ+zeFLYBjM6RIGOIhw/SYxMEM1bPliXebu9ozR + sVO2IvGDVm0P7H8dNxC5qWjB8kk6SdDQi95lP87hAoGBAKDiDBLYuaU0slDL+Rgk + R9VZ2cXbH72H2Bvq4KluoSXa32f6BnyU6NRhQej+0L7bgThpzW8SMTpkSLkcQp3H + mWdvuFOm5vbfrn0ZjVKIpUSS+alNS3zZgPv9GSukpxHwKTbQEeu3Yd9f6YjM8vPU + WzexUdpimszfy2hBwg9ymtUZAoGAGfZuLWVg5C8OFimUDfAZg+s6L/7PNadetcJf + f05XSoZvC3cjPWqEgEwNWWGnFAgQ3SjSvjkrzKbMdm6zcnDqPKbYkJPGtsHgm3OG + vSk5A8hC6q40kVJGgON0z4X8xqgp07r59RVBa4JAG8bhrkSHozs4zh4BLxiS3UnN + NIHPWOECgYEAqSrXd1hAgXy7zWvM0odgHZgsisOBVc63RDQHx0XBJS5ptfgR0XtE + //2NvrEUaX9K8zRecnQZo/oQ6SVTSQCSOkniMP1s7pnbUnoXedAsU7fT0rr1T46D + QzrmI7RI8RO8FoFFVD0Z6jCO06ZXdBQVxBQV8Xn/h8EWMJp674u1vv8= + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-node + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEowIBAAKCAQEA0FdwcgJFYkRLddOfFAv2qO2B7+6MyvA4r6PkgpPzcqTunu7r + LXmm+iWkrGktTZXR5GVO8OgAqkMdYySylfwofU0jEc8r5+1vg7qSNNf0lt52ctwb + U+SZIZeg1FL6ASAJYpSpP8ACqLfwnCuY4gydbj8H7BRCwcnVslcqwc2fPzAgGIX7 + Jxl5D+Ex3gN/iMFdZvYPpQgL06iaf88c97lArkJDJjtkDTHHE5P/mMgQzKpk94FQ + Kl/KZDkvzQs6wvQZ4vNm8OakloPaD7vOohGDsDh/suGx66OrIGJc+UWqEGIN15AH + M87VFK6tNzd6592L9Nf0ZYES4/jaHc7fCRIJxwIDAQABAoIBAQCIPSWi6ClHITHX + UxNroIcj4Gxf4bbf3kazVJFRcj54cbI47DOOAUdXvNX6iKy/V4FxwW3ly1DkBg9p + jc3alpJDnfWY58jmWTXbBl4lgDLJlaAPbC/SpGIevXDGZ5xkr/ZzKJOkxIL4oZAO + D9Rhva4VMdKUZotg/gNoI+gp47SHNFraDtmcluIw0/OnnONkR7HDf0HKlZDcyZ5N + 1apB91/ujkdwGVzFgrgYLOIeVJkjXiUBg9g7er6T/uW94A/6LrnkEONx/JhAGk2L + 8Y8Y46b66icBlpTI1Xa1TJ4Fq3qGNBG30q7tUdRR7RFYUEgRpVFXWHtg1DVR6wLA + 0bCG8iUBAoGBAPL1lEDrUmL1FERNCAHi30fy0PwyMdDt5m2gm0J/kFLeKUxJUdeG + q2cGsU+EMK52flAtK2Au1GBj0Mc5gX24o2mq4EzSYAZ8VkNENIhg1biMBeMiQc5Y + yOudCbmvAdeLq1u1YEHnGyn6HcwqsLg+NGgxiVl4MDas/z4st9H7gYexAoGBANuG + MIv0SLHMraXc9kOUIqgw/yYG731CyWurI0U61pQ5DO8JEEaeU4sKzQazZfl9dUpE + YYoaTV9+6ugwfJwNnswcSxCLYvRU2K8U76AIot91t5gM73cxsCv5pjnCurezB1CG + /iyd/A6r4XpSDFNOKZNqXOCkTGETj+wPK38F/373AoGAeby/ij/fSiJPA2ItrvRE + uMJcIOHtwChUG34sDYfpgvw6aTUbwwiBfeAGnDc6RVCuPfJEF6+fTqT1Cb4wuhP4 + HYw3U4beAqHuf0n/oI4UyKGwmXyiyIgINLa9FsMwAxbCx/L7xknMfJ4MrC5/2fGh + RMv9bE0iq2LHihnSCW8iGiECgYAzoY4NfLkUSGWXGy84mcDE+jEoin0NYwXosumq + wLnzRq/KEMGpOle/3hx2tP8I/P73JroiNyl3imxJjA3izjlJHGZzT7VIbiRAmZX6 + d82G7TLvKiuwRxl+XktATpKH3i2cPQPPDqFX+gkgMegAN+QDbgLGOx5Tvrwc8zxx + tcFv5QKBgBgMzClSjp0iWkbdNNoUA/tdVSeGgZROOIQrM7AXd3ZApF5qXGp0h6Oj + iyfiISdUtuPD0xtjSQnsH3c6DS2c1lvCmqzc74BRb6O6CH4XOXhLhwCfEDSZku7d + Zc5ec3j1XNop6fZAXq2AfueTKIH4Y1NDv+rnKNBpOEBepTpR+YTg + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-etcd-pod15-node1-peer + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpQIBAAKCAQEA4+lsZNA4n+9Rd9qk/yYx32Qgq9He67r2blY6BhGbffo1nA+K + tQ7mhSnwYVO11ktp359CUpADwCiX4+QuS1eBUUXGjulBb0YBjMlY5Kz25bTHjF4h + kpkSaiXkvvRnfMZLn6ezY1Sdi9EgYSYcHgjKg2CZFvS9OkSJC4NSNMYo43PS6jzj + BIQ5ekucdH4LmGbKgz9y3cC2l0vXj4ZtWufmQjYudULIiJ0qliQUzHPMZFGxO/+n + i2i/a2qYubqyHmlirPrXBhm1bKkUEdPiBjndwdrN/TSQQsPZNleAezKJLfNwl3Fj + zZ/8KBmKKAFvLM3VedMa/T8wDbJU+wXueyqBMQIDAQABAoIBAQCvOP0/HN8MB2Cp + Nw53pBPf3glIUFiE//8KoXyGwe68Eiw5SbGotkYAx1eqXEOG9//0D2tcMqDPkeYF + LZ9yCVrA81ZO9YJ7XGVAqmSPm3NO84gfoRdKsCj6NxwAu8L8qS/nFXXTvnBJ2IR+ + bGBdrwCTtSa+AXeiXqLGmTYQoPE6vJRV5G7NxO2mmMemAI0sBvH3ri6FtF9da1nm + vJWJzDzptjNdd0CE6Wv/y60j33dbWGjABgcuZv9FgeVNQcpxW4eY+bHW2pto7Mp0 + o7wEQPWHgesE5YAam2zN22T/1eImaEdahgbwrq7VuVa96fCq18kIQFFFDQzH5zsi + emyiySSBAoGBAPKIe4Teu1xG+amodjFV6KEpjGQxmOyG0R8L7rG+LqT+ObVtmsvw + 2oCtgsYJSmmgFcTsDAGz59e/t61rlj8VKSYbIZVw4N7ORWqHZk4mZGF0obuFaSYz + AyVjb4F4QIe0ZHe0kkIRnIyl9jga+LOHeScHqZO1LTwpRUMgRtESGa/5AoGBAPCR + GrHGsbV2B0zn2hwFueQjCik+2myJ2wFCmNGZkIYZpcTY0Yb2O4+s8VsKMBYQIcRL + PjUJRh893e3Mk7hKnDQ24DkN+DBwZag2ZBqOPeq8K2mO+G9gH3Olqn57YCWbm5BH + dCyK7150h+B6ohaT3FvvF3aw3/A6spRkKdie5xj5AoGBAJXGY0Eyq1HZIuT6+8KL + 4xVjqydU2bN3rj0WCVoKsJODy++WuDmpi8ZbYJ8brbB9A/SQMPn8N/islKmr/yUF + 1FuL9blr8/KkP4oCA9PPMb5dYGOFh+HnLtIwDfROZstnQ4QJJylV5u+UrfEH9v4n + c1H/EWH+SOkWM4e4rwL9wo9BAoGBAM8Y6/Uti2EfOcuwMWk8WLqYm6/ERz93Mg2U + qoCOhgeb3sRmr4JTShU3GhR44cqsmpUk/WmlETPmC78jBex6dpzQvRkA+K+iozE7 + mdPurkj9MxZNmXwwMQNbFDqMtcnKexKrIM0T0lvrT+olSJLNOb//RaDNRgvGTGRJ + EmlE6sfpAoGAaFy8xWaO0A6geRMg+z9ZKWbeVRC4fVPP249MGeM0FIiiVpMcmZ3Q + rES9kUc5z8AJboF1454CVsg/niRDZTnLSPkSaa2g5KjmE8JleSlsYHqKFyxK75Ae + o4sORykMSWETefBQWw5XsnfBu18oMzXkcRJIXN+q0I75wNEioiXLSNc= + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-etcd-pod15-node2-peer + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEogIBAAKCAQEA5jO2dA0/98tgDrwtgiy1gC24wC0s3xP/dmiWY6t0ma5Ts9R6 + lWRKjn3bVdI1QQr93F1RghCztc796WNGWJnDY79mV+b+91mj67mqlYLy6/piiq5Z + KLbTqph+LuEWv7mquV5sH358S0qjDxlxmNvtWvF/hSX5LVC6Roj63kAcsloxWlKT + DevJeyESrHRaRyJO3uHZWD7Tu1pqiXQ9pprDhylC3QMXdUj2Bj9kPy/2zholCXfG + RLjbPhkBP8ppGZyOIj+BAFo1iN5mU1Bc6N+/cDUe7dOzZnTkJgqiiCSKBi4cT7x3 + WFvvcNb1EYv+IiWNsSDFC9gvWOhyHdL9ta0v9wIDAQABAoIBABg+Xfq+4nvASW+D + 1e8dske7iPeESnN78a2QujXo+rCssVgBCp/tHgT/sDfLmZwuAipREaJ3C9Yb5JXN + xLzUBMXehHLBexylriPHO/XfAqJjjjk4v18QUh5nTPK29eRfM2GuVgjDE2gChkWy + 0knc75RiVqG5LBLfq55+Ep2RdvQ5ZE28jE+M0b+u+EL54rUTcWZqu6JQ367JlEtJ + Eklh4YKC+v3SV7W/NQNKizSicntM9cob39/A2ByKxelqxMK3dbYlo/HHw88tzd3X + ZCBHciFXpB8P6TOvMvWbVgB0Iw6VOwMo98Y7Da4njJ+I1Dp0EoDpG8BudtGc/KpO + 4Rx2fsECgYEA69a7f/jv/Hgfj/DXo4JLMo4l8ZrMFhjn6d3MdVrfUzE5nwyYcCb4 + /DEaNLE79uQ2L23MllPznFQGXcbmX6yqJhn7ksgq2ARCVLWw1wOVfDacLEkEXun4 + S+UAh0KNdT3hVchMsJ573iN648Ls7Iky8o5SF62EIIFdp1kyKzOH+bECgYEA+eGe + 3KESAc9sVXv1hVQUN+qB0b5RzeSR/VZezcS3QGZi3K53Wx5IdJWWlzdldK870uz7 + 5bLgZrLGXP4rZIoXji0VV1sinw8x4F9WmprA8AnVRvZChiDulnGeCevTVaoY8A5f + kfBLMFbiKKJRe9oRWxS6LbgnbbeTwfd1mJjcBicCgYBCvhN0JQwtxAUSpFMyh+Ym + GYptdKR7QHMpgUaik6QOFCk9dMATRURDgtXqwZm5xl37UDSM+pc/z5u5oFeEDgZd + IA9NO+68EYCAHqc8QlxkucO62LMu9UH6oIVkwhXsbyW9NCFX/pIJjLrziC+qxS0w + 7cwXvVheJp5NhPWouj2qEQKBgFwSekqpPs1T9IL7Ddh2xoxj6Dm0esf2tKQ4Mu52 + 0V71WvAdiPUWD3SFuds2GjgIaW6qy5YzduPgc57IOIzvJQbKLdbmSbd6DdKyzmJh + Kz5HIULoclKhx8e/TZAySMiDyHSLl0Na2xmQqfx28rdD/qkk1gUKmdyfi94opDf5 + +vh5AoGALpHGKbOsezTQ5Q7i5sfJdWZINNy2VfMsemsrsFo2glUIdphMRl9+6J5C + SgOQUweMO4UrFStviYjMQ/OYjhAHVT1kDqBTfvjUXgndojjf55LeZYkTX36PZ8at + GyFXzTpJ5kretXahQF47L8bTSvkAcYvnFKsmq95pd52G+oYgKEE= + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-etcd-pod15-node3-peer + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEAsHi7aYU3sxlIsVQDmhvZXt2gmTuKs07xIqY+iSoFaameLZj1 + vz4yHXphsahvly6Fh/HUeWA8P8idCjcMKWETam5NtES1vrolZnxqE50w2fVzbFMX + xWr3nQeFWZNYqYJUSciVEzni9XmNm2BU8Lb+Lj0caITkZwb8x2hXVtlpic9fQPQg + jElYB30fe4mvvDe3dd9jxa6amfLPAdnY2Q9leIoPx2QiFmx5zhx1yImnq+gDVZi6 + Fl1pncl80SNt6K+/Ls4/S9KxDmh3bkVFqcv0/xp3ivAhdKsT+XfXh17gsv2rJTT1 + a7wM9smPZih/Fwbpj52Ivy2oSBDqCJ8C6BHq/wIDAQABAoIBAGI4EDc+yi2ImQj5 + dbfEYEuIluYyWZRLD7L1TEETfke8/CjsxXpXp5T4lH9I/DLs1a1AT73ubhoiEiWp + Vb+CJEhMdDstMuqguEg+Xtvj1Vi6YC+eX9ClJIPlt7aPZ/2QaFFYroAw670slkAw + cZY4g2hA4xrZPDaLkQ17aYERKMhmEbzLOFDDj/jzq9Elx/MAewOjs5te5JYpPHii + gLMjfy3CNaejGi26+mcHe/eGHeRpW8Fgg/0EGk7ESYb8nhVB4oljTLny9jWlIlXd + V87nMlhqCtky0UUYAu2MjRKys0IfPL/npCZ2be/NtJNn9is7cmQnXq6YhPZF4ewo + J3Xh8iECgYEA43u8ETzt3qGRq3aGQPLnmeTKFmf2qv3IepSl5dbZ+bZ3YTSkyZ9x + 4BI5fq+6Yv35/AfUraLY1IXblYX8Bq54TuhW+e6x2efcsHe9O+aT4ttrb83SZXmB + 9QK/szlk4GT802xCX+b3olD7jkZym7Y/oXPXgsdxdOfKh4d2NGu1EK0CgYEAxpf1 + SzfqwUMVVUYMRKSXEg5MhxApoglF9qYWJ3dNA6dWZhM7wOQ0LYaIvq034ynLVC1e + DIZTiw0aV2Upq26oWcP/IXMHEW0no9mz0hdyHhnwh8ISy+Y1gEhjV5mF9fCdN/at + jTG1XdSiJrv2Y7Tf4/lX5m164Ji11Y/+3ioZI9sCgYEAuu5MxuWImm+uYnXNMMXq + Z13Ias0Xt78/5OsNwGbjS/4S73/xAfXR/806Dc6dnQcTS3Wr4Nt2zn0IykAFr//i + wQTPpCXvZB7SDPj4OabqU3r3ODKr99L3ZbzShpZdPL//ukS17lS/nVRqwqlFOIt0 + klm8+KynoOdwWBqKmd0ANykCgYAw/8lL9836RTz8Pz5DqYCEufZz1K8RBcy3YJ9S + uYLNBfqxUMmLfELLgMg4k7CYYfWDHXZ5DKOMSX1YVuODIthy3YMTk7gIuq/vI4XU + rmg/uRK5zE6q9G/66OFp+b0tw2JnLnv/vGYNcqtXd0UBsN0U+K6Rci3BQKyMtuyh + kC2HxQKBgQCEEUFt6EMqgXucPbIu7aw3XoocU0oyVpl3LTVQYGdB6VSR0KcqrsZD + ElIwqL9eCeZ5erKkJqvahBPUp5Py/WRkHGo/ARd9THbaE+MXHGZw8DDSUkrYryQm + nGXgNPr/exxw13gBTmy3T8sYkG8HuUL2ak/FsUNZH7NJJDV/3zWGoA== + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: calico-node-peer + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +--- +data: | + -----BEGIN PUBLIC KEY----- + MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7X883U0mWqIjFAppzE7 + vgLzK5XUkHLi6bxqtZ00o6yDC1hrLT1w1dAHfhipQssnnkw5NffApHx39FE8Jkkc + j+Vnc8VM53t6wAvpQuTLQDS4UQF2Hn5zJf8D5Ag7qaG7M5tWcVUvDJbGNnXDBPPu + pvQWkGQVHVA4Gfb/n3mH7yGGEwi2bo/uYjA/t33Amhom1QO4h1yz4fR5MBFouK0p + SdOCsgzU9r+whxsMJXNZnbXzXn/G0nfEclIzcHU1kpGoTuvTsFJUWYibnz58wh9/ + 8aW4gTSbcnwnemwZXi71XYoRh6BlDtPl2yCm8BKR3jr8DgWvWKRb5Mxya+/393Xh + GQIDAQAB + -----END PUBLIC KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: service-account + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/PublicKey/v1 +--- +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEAp7X883U0mWqIjFAppzE7vgLzK5XUkHLi6bxqtZ00o6yDC1hr + LT1w1dAHfhipQssnnkw5NffApHx39FE8Jkkcj+Vnc8VM53t6wAvpQuTLQDS4UQF2 + Hn5zJf8D5Ag7qaG7M5tWcVUvDJbGNnXDBPPupvQWkGQVHVA4Gfb/n3mH7yGGEwi2 + bo/uYjA/t33Amhom1QO4h1yz4fR5MBFouK0pSdOCsgzU9r+whxsMJXNZnbXzXn/G + 0nfEclIzcHU1kpGoTuvTsFJUWYibnz58wh9/8aW4gTSbcnwnemwZXi71XYoRh6Bl + DtPl2yCm8BKR3jr8DgWvWKRb5Mxya+/393XhGQIDAQABAoIBAQCZpieqvLSF4Y5c + Toz6uiZrvLQgOFLYTAkL7y0sWmyBj2k3mbgHaITZvo8+vUVFBm6znk3D3cnGaKpV + UZ9zzAO46YlQDXCZmw0oqUD5ojd8CVDcFiSrZ1oDc5GS9uACV0P00dnuVwaV2ASc + nGMhRIJevr11Z9vYUUg0sZAcAPHC6E3zQfscau/IKu2lO6G52nF13gVl9731Zeat + V7J/WdtbgvRApuhlP7wFFy7mvqHvOJXnXlaSvd0cQ6zANhVJRAHmunYLy6kBHBmE + TiG7n+TMYdmDAYXgBeeWgOoM9JSg5KBdmGyuM98/LxYGM50k3waaxSZ2O6veu9zG + gZ/6e4vpAoGBANPtvE6TZPSoMi7nTTpJsXY/Wd8f9R+et82n2zlnnW9oXxvqUIRf + soHtBlD3smhxknRgH812FkM5oPYtIzA58ulpqtqnKGwSdNcXIuUBss52O8NinZY0 + wk/1zG+SXI+/sm8pd/yWw9g+F5mcekq4fkQmCYmQfimuzXkIWsBYkroDAoGBAMqW + RO8kHFmnmIxXBv4ILnNocfA9gTrSoj05rnslYfyPD91n84iWrPzq/fRhbnZnknmU + N3pVKAW+owdEp9eoyfLoyFdmBPjPFX7/cPOXqCcdq3lDsCWYixaGZ1z9otMVp6vF + xT4AAxo6uwEk258NzwU1Jm31x0/MlPSe4WYPapuzAoGACo4Mkt1Eaer2lN9wOTby + X7FICJTO4IRHIzb49CL09Fd+ZSWGXRFnEpF7fwzXFdySLrma2+DFuxNjsN8OoZhB + QN7CY6FvofJJX20Hj+BFx4Kb918x+gkmpFTZmbTwZzhk6qRmFW5s0phFFKF2dcI6 + h6pdTzyjC/Boy15fJrVCmYECgYEAo22IHLcv26+VI5nNPT9SYa2fROQJDXAAi42t + 0RA+NOUgMkd6sfSDhuD3j57N4tz4z/Wer6RkzgWVNPbQw+wZRkk93Sui1SkRuUrO + TuRINY38162gOyQNCFXSqrS+FrUAd1TrInIWDqHUXD7koTIdkKDo6In+iMSMYa6O + PKwxH3sCgYB4OHoRKVQNU4RuR68xvQY/ggy5cmtEhZzNHlbpchAiw+4JhbQ76q/W + Iyo0raU0OOg0hvb2ideRZre5lWJZqT9QT31ZXC+3xr89ZYvmjOjFI2WuOCLRsXXy + pxmNrG6xskY+azT3rC5ouh1r9vz1E0oCJq4H6aVUBqZ1AkQI49AM0g== + -----END RSA PRIVATE KEY----- +metadata: + layeringDefinition: + abstract: false + layer: site + name: service-account + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: deckhand/PrivateKey/v1 diff --git a/site/intel-pod15/secrets/ingress.yaml b/site/intel-pod15/secrets/ingress.yaml new file mode 100644 index 0000000..b799fdb --- /dev/null +++ b/site/intel-pod15/secrets/ingress.yaml @@ -0,0 +1,135 @@ +--- +# Example manifest for ingress cert. +# NEWSITE-CHANGEME: must be replaced with proper/valid set, +# self-signed certs are not supported. +metadata: + layeringDefinition: + abstract: false + layer: site + name: ingress-crt + schema: metadata/Document/v1 + labels: + name: ingress-crt-site + storagePolicy: cleartext +schema: deckhand/Certificate/v1 +data: | + -----BEGIN CERTIFICATE----- + MIIFKzCCA5OgAwIBAgIMW2h6FCcFdKeaw3vnMA0GCSqGSIb3DQEBCwUAMBIxEDAO + BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTY0MDUyWhcNMTkwODA2MTY0MDUyWjBJ + MTUwMwYDVQQDEyxpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3Vu + ZHJ5LmNvbTEQMA4GA1UEChMHQWlyc2hpcDCCAaIwDQYJKoZIhvcNAQEBBQADggGP + ADCCAYoCggGBALvNHm/G/ylh6aPcvrhOcb4qz1BjcNtnxH8bzZng/rMeX3W2AzjC + r2JloJcDvOLBp/TkLOZPImnFW2/GCwktxPgXZuBTPzFV50g77KsPFw0fn3Si7+bs + F22tLhdOGk6MQj/WW4pKGHqdw1/VbPwOHBT+I4/scR1L2SZxYtSFIKGenHJH+PMV + bCdwnNOR80F8KRzK5iZs/r6S/QqVheieARSWWnk2+TtkM1BloGOhLSd+ZkWh9VO1 + eOnZowkaDAJwD/G6zoSr5n+beaXzDnEcoVXFSwd4FLoV+om77o92XmZ4rVw0vTMO + k6jVwmkdT+dM2K2hLUG/TXWoV2/Qms70gzDOs85RtAkTPe4Ohtdpr51Q0hd35TKG + YLKzX/OPblD68iYJYSBvMPpAVTbFYVPW1AQx8wWfannYbMoeL8XTEOKfkqm90YP9 + EhIdtmw4D7GZxlzG5FXXutmT9sqLfqlRu/RynAhBP8NQvw74WumhOe8r7GhCwgzC + gaPLGjeekoS6LQIDAQABo4IBSDCCAUQwDAYDVR0TAQH/BAIwADCBzQYDVR0RBIHF + MIHCgixpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNv + bYIta2V5c3RvbmUuYWlyc2hpcC1zZWF3b3J0aHkuYXRsYW50YWZvdW5kcnkuY29t + gilub3ZhLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNvbYIsaG9y + aXpvbi5haXJzaGlwLXNlYXdvcnRoeS5hdGxhbnRhZm91bmRyeS5jb22HBAoXFQuH + BAoXFgswEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNV + HQ4EFgQUfTAjNgn/1U1Uh1MJDYT2m4dzhsYwHwYDVR0jBBgwFoAUJFuXPZo6RzfE + BlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGBAE2ISWmrxqrledJI3aLaS9Yw + WsZc8O8CnIyLoxrE85vUubFjuI9ixC/6dJxl2iB1n0H8JgmFREox32Q4+kDJI8V/ + X9x0PFpRzL7QEPrLZhW94Yis3sOphLW0rf0t06ZepdHHeodYJu1pVMDmLq6bKXdX + vo+/WwKnZBXC1qPbXJByv/CN9MtViXOnBGORFRTJPb6U8379LNWclJ/LW12yTwNk + JGIbZU61Vxu+2nLIabmmRoODH2jomgMOMMzLgjT3Hvw3whe8GrUoxDiPYQVTDGNm + ly6m+5B1Nx06fkZazonozeaOhSQ7RblUSbo+w8TJmLRzD9ft7p4vpjBGxRADMcuF + DOjATgdZeisBUHTGEO0P6wJOBQuCFMX9AVl+u8ZpcuRaRaN+pBE6/BqcHBB6qV/N + w2DdNtP8BrJ3kJVNEDIo5oTbH5SToxgA4hWBV42M1rB+5vIMDKN3rwVDdNKWYhYc + VZpU3V9V6JzSW1O2w4Wu9PdbWJD9oSvC0qJgnjOXzg== + -----END CERTIFICATE----- +... +--- +metadata: + layeringDefinition: + abstract: false + layer: site + name: ingress-ca + schema: metadata/Document/v1 + labels: + name: ingress-ca-site + storagePolicy: cleartext +schema: deckhand/CertificateAuthority/v1 +data: | + -----BEGIN CERTIFICATE----- + MIID7TCCAlWgAwIBAgIMW2h3tgSwie0Ypx8eMA0GCSqGSIb3DQEBCwUAMBIxEDAO + BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTYzMDQ2WhcNMTkwODA2MTYzMDQ2WjAS + MRAwDgYDVQQDEwdBaXJzaGlwMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC + AYEAny0Nqu9U2tXdCCTNzD2T62htMmBLg3CmzWajfbfFl7ALqzo3HgbbY3PxTHDE + OJ/lwdm0HkEaGfEDXhJd06WZsa8+fKGqhKXvZXwXx5mJ8LCGxz6xiaxwo9lnKe6V + o3YX7bJ5YIVxQ2jhvZo+dY8Z/buloi2Tp2HbqTejKULH9+qdiQTDXAnyR0NLqzJ0 + YQ4v4yU3zix3nBi8z29lQekGO9quNEka3nw2n0Gxmq5z1bNALGCF5F759mVkB0uT + fPGF+zm9eqlqAgduYg7R+JYUumVHvIoRY454GtAdZHTJHJZP0gQSGJsLff8ROFpI + GVYsOZhJXU9Ihc5VBC5PMErbmCn0YkuxAWNOYBstZ8l+uY6YiPoFV5Ulc/8M0If+ + T6jbqzWoFC+4ysgY95RKOw53S4o/T6AFwiIKIw0xp3UfHCf6kr5Y0+XdDn5CXpJB + d1KK3PoUWzPSsxcUMXvgKWT4x1vsCId21dn1SmVSOEBhM08VZfjd5bvL9Xjt/E0j + mUqDAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAd + BgNVHQ4EFgQUJFuXPZo6RzfEBlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGB + AJaoEtnDoWUUs4nSSqIGcoCfpIO0oqVp8DvkBOcxz5Rz8vMVJSC24/UnuCD2Wknx + 2V/E3edXIeRo7duhPtNCT7c8OKY/pJsZQTgOczn4rphoD1pmAIPZmpG6ssPadPiM + EP8xWJHZt8NXG7D5kJX2COvBvgNeWXL6MF7Tv8+t5xzt59Vitdb/7lm9Z6jjpvN+ + zoG0pKx3XYESsnLAVAf00F+kWwds/3x3gQywUAQUDER0jliYUE5id+sojp357Cl9 + XtY+8zSnTduuP8CfMhwv5p6j9xbqacfT7AzpQ6cy4xcQ7MA6JBQcxbaq4NtvIf6+ + d/5N9d8LGnfXdCd9iwNy9Qk23Ea0SNhnk9F/NqGBPakU4TbHh4iTYMC/+hDGInpO + TIRelTidNBFNaIBg3Z0vsh0lDwbt/xhpXip+ZVBqKMTtktEceiVGru9cYUQA2tKI + XNoc5s0uQGMpdFzgED4lXZf+n7yGVMKohvi7Yn96HqujGIrVH6qThsI6m7pUSz40 + +g== + -----END CERTIFICATE----- +... +--- +metadata: + layeringDefinition: + abstract: false + layer: site + name: ingress-key + schema: metadata/Document/v1 + labels: + name: ingress-key-site + storagePolicy: cleartext +schema: deckhand/CertificateKey/v1 +data: | + -----BEGIN RSA PRIVATE KEY----- + MIIG4wIBAAKCAYEAu80eb8b/KWHpo9y+uE5xvirPUGNw22fEfxvNmeD+sx5fdbYD + OMKvYmWglwO84sGn9OQs5k8iacVbb8YLCS3E+Bdm4FM/MVXnSDvsqw8XDR+fdKLv + 5uwXba0uF04aToxCP9ZbikoYep3DX9Vs/A4cFP4jj+xxHUvZJnFi1IUgoZ6cckf4 + 8xVsJ3Cc05HzQXwpHMrmJmz+vpL9CpWF6J4BFJZaeTb5O2QzUGWgY6EtJ35mRaH1 + U7V46dmjCRoMAnAP8brOhKvmf5t5pfMOcRyhVcVLB3gUuhX6ibvuj3ZeZnitXDS9 + Mw6TqNXCaR1P50zYraEtQb9NdahXb9CazvSDMM6zzlG0CRM97g6G12mvnVDSF3fl + MoZgsrNf849uUPryJglhIG8w+kBVNsVhU9bUBDHzBZ9qedhsyh4vxdMQ4p+Sqb3R + g/0SEh22bDgPsZnGXMbkVde62ZP2yot+qVG79HKcCEE/w1C/Dvha6aE57yvsaELC + DMKBo8saN56ShLotAgMBAAECggGAYzZDhA1+sx/0zApL/xYB5NK83t0Ju/8fwX6w + qUBBjeLXz1mubgf7m2HQ6ragzLI9xpPcXHcl2PbYDT50ig7R5baHNK8FzUxyeKif + qOa56Mbx+C4zyqyi2+AHX2x1XVWfkhXuGip2sCA0HKalgqr5juWLZ/ci8rUlLLft + 3BPQX1FpmL4I+HIyxsspLmQGPGwZVAqkd1xRX+BLKZJAQdlm/LdJaIvwMr4Glcx6 + ZOe68QhHgzXCYsyV6gR9qstF2OvVuLa2mUc7EzYInFIFhXUdAAwmDqkuuLRdRQhf + Ur8nqQW33T0cG0GBUzgBI5YmSPJvTSzcPmeSyNVx2/Yb0pkuXtCw67oDcAsN4nW8 + uls49E2RaiLJYsy5vPsX5aJNcAxw/CWLdadQ3ukviD/MDJbpTl4F52GOVYL6K4XH + g5TJjj7xzjmK3ldR/Kscg7HpCitQLGUYdgIsAFdspXf4aSIa68IjDrc5NsJZuMzc + PbVHrw7QYNfHY7VNdUlOVqH5lS3BAoHBANRqKrQXtnJmM006TCEJXdcN/5M685jz + +L4Ox0Rhrq8ROgcN5q/hjKb6kP/MccQ9voGQOl9TKEyinGNdTtyc/fuH7RNlQwpS + HT+vEzVEcrSe8UFs8c6oJnHFO72ylFcibFf56LvbI3L8BZXp7gPSPQkp5f1NWEZk + X5bUL4UNiOm0diltba/ofxywF0M9WGD00eqi0Q29JRlvun+355j06CENxRoonNZC + wk1evIxhhckP9zLjI2Ykb1hV6yzwPWtmyQKBwQDiVgru/B396KhzDhLl5AL+pBWA + GsfiCbmPLh6W6V5VzldB4+GlMRrJ4zSjZQ3/nvX5KepqjMn1N6LQpZQUI/YShCKE + mW0XMiAfbp2d23MRMjLD8L/bIoBHQOPkCaMjbmyDOlCagWakEvHJO/TieVgTmYk6 + mtEYVjJFWI9OCNMAHdl8ovWr3p+8YbVZ8LLv5ZO/V1cIjczoNQ6p8LG/pPMTDLXM + ScN9a8z3f8LQLBHBlu0155xvt95PQLAon/x21kUCgcAvPVk36hoiQQZhw3hQ1JNx + E2TmanLobkHAiurYE11VA+DC1t2Z+fBc5la+/MnEWfL3P4srzgOlX3imRIcYWzXE + 7crUyG1ray2kDxyXeRyFfN+srDzut8is/q81lfSVmEs+GY8f0DGHDfN0Dq1nXidC + 1XWXqs7aANKdaZ0T2xm61+57ciG1wGAckjDqPEdecLQKmaEijBEnIgj5BH5WLwk8 + 6KIQGj4fDIPHzyzhj4LAX3ObdpZVzf6RR7JgsSEHtLkCgcBROW2dDC87MqZY++D+ + TVBhz8LDgVjgHntQDc3+fGtVQcKAq+YLYU7qyrXWOWrHpGVDcK5mZHYJoVi1peY5 + QBqL1I2KpoDGxT9P6GN6BgoKTsh3FsvTOVNtvrTJ3keEbJlWkrPgbrXGBeJtRC4C + pGdeSUg9FtgY8r4BsuFisLoAHbYyC008y5zpfusVBtNAUlQuY4qhUDoLzxafF/jB + /NEasgH/+SzFss0QuPHRwS7yGVaxdJfoY8TNDjrpqVhx0T0CgcEAvKG4UoWvT8gJ + pIeeAxxnv9yrMxgpntu4RXPDHgfX5tva6EaM3r3nLXjd9FVtlQ4cNBMhp9HNhS3a + dK+oEDcBysVxxfltlS2Bx0+gQf3WxgBCJwayKe3i/XCDza92EENgxTPmqB1LHiq5 + 2b5aOl2Y5fP0eX6UryxRc443c/ejMHw4lGwnno0qpRk9M9Ucqv5J96QCfAlBSQQS + gOG9cypL0kBWzCejn9W4av8HkM8Noqd7Tqul1onv/46OBaX51kt3 + -----END RSA PRIVATE KEY----- +... diff --git a/site/intel-pod15/secrets/passphrases/apiserver-encryption-key-key1.yaml b/site/intel-pod15/secrets/passphrases/apiserver-encryption-key-key1.yaml new file mode 100644 index 0000000..e21876e --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/apiserver-encryption-key-key1.yaml @@ -0,0 +1,13 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: apiserver-encryption-key-key1 + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +# https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/ +# use head -c 32 /dev/urandom | base64 +data: n9VBwseT/JjV7r9vbUR/MvCobe01Bdh9XtWgsNF5zLY= +... diff --git a/site/intel-pod15/secrets/passphrases/cedric_crypt_password.yaml b/site/intel-pod15/secrets/passphrases/cedric_crypt_password.yaml new file mode 100644 index 0000000..ddf1fb6 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/cedric_crypt_password.yaml @@ -0,0 +1,12 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: cedric_crypt_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +# Pass: password123 +data: $6$qgvZ3LC9.t59Akqy$HAJfJpdrN8Ld9ssGyjFPzyJ3WUGN.ucqhSyA25LFjBrSYboVFgX8wLomRwlf5YIn1siaXHSh4JaPJED3BO36J1 +... diff --git a/site/intel-pod15/secrets/passphrases/ceph_fsid.yaml b/site/intel-pod15/secrets/passphrases/ceph_fsid.yaml new file mode 100644 index 0000000..7201502 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ceph_fsid.yaml @@ -0,0 +1,12 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ceph_fsid + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +# uuidgen +data: 7b7576f4-3358-4668-9112-100440079807 +... diff --git a/site/intel-pod15/secrets/passphrases/ceph_swift_keystone_password.yaml b/site/intel-pod15/secrets/passphrases/ceph_swift_keystone_password.yaml new file mode 100644 index 0000000..9a9af1f --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ceph_swift_keystone_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ceph_swift_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ipmi_admin_password.yaml b/site/intel-pod15/secrets/passphrases/ipmi_admin_password.yaml new file mode 100644 index 0000000..0b49b62 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ipmi_admin_password.yaml @@ -0,0 +1,13 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ipmi_admin_password + layeringDefinition: + abstract: false + layer: site + labels: + name: ipmi-admin-password-site + storagePolicy: cleartext +data: root +... diff --git a/site/intel-pod15/secrets/passphrases/maas-region-key.yaml b/site/intel-pod15/secrets/passphrases/maas-region-key.yaml new file mode 100644 index 0000000..73d4a69 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/maas-region-key.yaml @@ -0,0 +1,12 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: maas-region-key + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +# openssl rand -hex 10 +data: 9026f6048d6a017dc913 +... diff --git a/site/intel-pod15/secrets/passphrases/mfix_crypt_password.yaml b/site/intel-pod15/secrets/passphrases/mfix_crypt_password.yaml new file mode 100644 index 0000000..6c2f681 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/mfix_crypt_password.yaml @@ -0,0 +1,12 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: mfix_crypt_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +# Pass: password123 +data: $6$qgvZ3LC9.t59Akqy$HAJfJpdrN8Ld9ssGyjFPzyJ3WUGN.ucqhSyA25LFjBrSYboVFgX8wLomRwlf5YIn1siaXHSh4JaPJED3BO36J1 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_barbican_oslo_db_password.yaml b/site/intel-pod15/secrets/passphrases/osh_barbican_oslo_db_password.yaml new file mode 100644 index 0000000..c5f866c --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_barbican_oslo_db_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_barbican_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_barbican_oslo_messaging_admin_password.yaml b/site/intel-pod15/secrets/passphrases/osh_barbican_oslo_messaging_admin_password.yaml new file mode 100644 index 0000000..bb19957 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_barbican_oslo_messaging_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_barbican_oslo_messaging_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_barbican_oslo_messaging_password.yaml b/site/intel-pod15/secrets/passphrases/osh_barbican_oslo_messaging_password.yaml new file mode 100644 index 0000000..9bf0217 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_barbican_oslo_messaging_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_barbican_oslo_messaging_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_barbican_password.yaml b/site/intel-pod15/secrets/passphrases/osh_barbican_password.yaml new file mode 100644 index 0000000..5122192 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_barbican_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_barbican_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_barbican_rabbitmq_erlang_cookie.yaml b/site/intel-pod15/secrets/passphrases/osh_barbican_rabbitmq_erlang_cookie.yaml new file mode 100644 index 0000000..32f8dae --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_barbican_rabbitmq_erlang_cookie.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_barbican_rabbitmq_erlang_cookie + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_cinder_oslo_db_password.yaml b/site/intel-pod15/secrets/passphrases/osh_cinder_oslo_db_password.yaml new file mode 100644 index 0000000..b22f898 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_cinder_oslo_db_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_cinder_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_cinder_oslo_messaging_admin_password.yaml b/site/intel-pod15/secrets/passphrases/osh_cinder_oslo_messaging_admin_password.yaml new file mode 100644 index 0000000..040e657 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_cinder_oslo_messaging_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_cinder_oslo_messaging_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_cinder_oslo_messaging_password.yaml b/site/intel-pod15/secrets/passphrases/osh_cinder_oslo_messaging_password.yaml new file mode 100644 index 0000000..5d76ba7 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_cinder_oslo_messaging_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_cinder_oslo_messaging_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_cinder_password.yaml b/site/intel-pod15/secrets/passphrases/osh_cinder_password.yaml new file mode 100644 index 0000000..26565db --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_cinder_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_cinder_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_cinder_rabbitmq_erlang_cookie.yaml b/site/intel-pod15/secrets/passphrases/osh_cinder_rabbitmq_erlang_cookie.yaml new file mode 100644 index 0000000..b1ac8ff --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_cinder_rabbitmq_erlang_cookie.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_cinder_rabbitmq_erlang_cookie + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_glance_oslo_db_password.yaml b/site/intel-pod15/secrets/passphrases/osh_glance_oslo_db_password.yaml new file mode 100644 index 0000000..0739069 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_glance_oslo_db_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_glance_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_glance_oslo_messaging_admin_password.yaml b/site/intel-pod15/secrets/passphrases/osh_glance_oslo_messaging_admin_password.yaml new file mode 100644 index 0000000..57db752 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_glance_oslo_messaging_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_glance_oslo_messaging_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_glance_oslo_messaging_password.yaml b/site/intel-pod15/secrets/passphrases/osh_glance_oslo_messaging_password.yaml new file mode 100644 index 0000000..d103c27 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_glance_oslo_messaging_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_glance_oslo_messaging_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_glance_password.yaml b/site/intel-pod15/secrets/passphrases/osh_glance_password.yaml new file mode 100644 index 0000000..93ae0f2 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_glance_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_glance_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_glance_rabbitmq_erlang_cookie.yaml b/site/intel-pod15/secrets/passphrases/osh_glance_rabbitmq_erlang_cookie.yaml new file mode 100644 index 0000000..496fae3 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_glance_rabbitmq_erlang_cookie.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_glance_rabbitmq_erlang_cookie + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_heat_oslo_db_password.yaml b/site/intel-pod15/secrets/passphrases/osh_heat_oslo_db_password.yaml new file mode 100644 index 0000000..3352d4c --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_heat_oslo_db_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_heat_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_heat_oslo_messaging_admin_password.yaml b/site/intel-pod15/secrets/passphrases/osh_heat_oslo_messaging_admin_password.yaml new file mode 100644 index 0000000..074e688 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_heat_oslo_messaging_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_heat_oslo_messaging_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_heat_oslo_messaging_password.yaml b/site/intel-pod15/secrets/passphrases/osh_heat_oslo_messaging_password.yaml new file mode 100644 index 0000000..39f1327 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_heat_oslo_messaging_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_heat_oslo_messaging_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_heat_password.yaml b/site/intel-pod15/secrets/passphrases/osh_heat_password.yaml new file mode 100644 index 0000000..5777ebb --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_heat_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_heat_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_heat_rabbitmq_erlang_cookie.yaml b/site/intel-pod15/secrets/passphrases/osh_heat_rabbitmq_erlang_cookie.yaml new file mode 100644 index 0000000..74e2a99 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_heat_rabbitmq_erlang_cookie.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_heat_rabbitmq_erlang_cookie + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_heat_stack_user_password.yaml b/site/intel-pod15/secrets/passphrases/osh_heat_stack_user_password.yaml new file mode 100644 index 0000000..36db28b --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_heat_stack_user_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_heat_stack_user_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_heat_trustee_password.yaml b/site/intel-pod15/secrets/passphrases/osh_heat_trustee_password.yaml new file mode 100644 index 0000000..58129ef --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_heat_trustee_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_heat_trustee_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_horizon_oslo_db_password.yaml b/site/intel-pod15/secrets/passphrases/osh_horizon_oslo_db_password.yaml new file mode 100644 index 0000000..7c78d45 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_horizon_oslo_db_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_horizon_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_infra_elasticsearch_admin_password.yaml b/site/intel-pod15/secrets/passphrases/osh_infra_elasticsearch_admin_password.yaml new file mode 100644 index 0000000..78c265e --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_infra_elasticsearch_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_elasticsearch_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_infra_grafana_admin_password.yaml b/site/intel-pod15/secrets/passphrases/osh_infra_grafana_admin_password.yaml new file mode 100644 index 0000000..9232de7 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_infra_grafana_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_grafana_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_infra_grafana_oslo_db_password.yaml b/site/intel-pod15/secrets/passphrases/osh_infra_grafana_oslo_db_password.yaml new file mode 100644 index 0000000..6d5f49e --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_infra_grafana_oslo_db_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_grafana_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_infra_grafana_oslo_db_session_password.yaml b/site/intel-pod15/secrets/passphrases/osh_infra_grafana_oslo_db_session_password.yaml new file mode 100644 index 0000000..bd4e573 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_infra_grafana_oslo_db_session_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_grafana_oslo_db_session_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_infra_nagios_admin_password.yaml b/site/intel-pod15/secrets/passphrases/osh_infra_nagios_admin_password.yaml new file mode 100644 index 0000000..52dbe16 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_infra_nagios_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_nagios_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_infra_openstack_exporter_password.yaml b/site/intel-pod15/secrets/passphrases/osh_infra_openstack_exporter_password.yaml new file mode 100644 index 0000000..64f78e1 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_infra_openstack_exporter_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_openstack_exporter_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_infra_oslo_db_admin_password.yaml b/site/intel-pod15/secrets/passphrases/osh_infra_oslo_db_admin_password.yaml new file mode 100644 index 0000000..9c68e9d --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_infra_oslo_db_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_oslo_db_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_infra_oslo_db_exporter_password.yaml b/site/intel-pod15/secrets/passphrases/osh_infra_oslo_db_exporter_password.yaml new file mode 100644 index 0000000..f134f46 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_infra_oslo_db_exporter_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_oslo_db_exporter_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_infra_prometheus_admin_password.yaml b/site/intel-pod15/secrets/passphrases/osh_infra_prometheus_admin_password.yaml new file mode 100644 index 0000000..b3df5f6 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_infra_prometheus_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_prometheus_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_infra_rgw_s3_admin_access_key.yaml b/site/intel-pod15/secrets/passphrases/osh_infra_rgw_s3_admin_access_key.yaml new file mode 100644 index 0000000..9f64719 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_infra_rgw_s3_admin_access_key.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_rgw_s3_admin_access_key + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: admin_access_key +... diff --git a/site/intel-pod15/secrets/passphrases/osh_infra_rgw_s3_admin_secret_key.yaml b/site/intel-pod15/secrets/passphrases/osh_infra_rgw_s3_admin_secret_key.yaml new file mode 100644 index 0000000..3e06f91 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_infra_rgw_s3_admin_secret_key.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_rgw_s3_admin_secret_key + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: admin_secret_key +... diff --git a/site/intel-pod15/secrets/passphrases/osh_infra_rgw_s3_elasticsearch_access_key.yaml b/site/intel-pod15/secrets/passphrases/osh_infra_rgw_s3_elasticsearch_access_key.yaml new file mode 100644 index 0000000..97c7d23 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_infra_rgw_s3_elasticsearch_access_key.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_rgw_s3_elasticsearch_access_key + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: elastic_access_key +... diff --git a/site/intel-pod15/secrets/passphrases/osh_infra_rgw_s3_elasticsearch_secret_key.yaml b/site/intel-pod15/secrets/passphrases/osh_infra_rgw_s3_elasticsearch_secret_key.yaml new file mode 100644 index 0000000..60f0134 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_infra_rgw_s3_elasticsearch_secret_key.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_infra_rgw_s3_elasticsearch_secret_key + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: elastic_secret_key +... diff --git a/site/intel-pod15/secrets/passphrases/osh_keystone_admin_password.yaml b/site/intel-pod15/secrets/passphrases/osh_keystone_admin_password.yaml new file mode 100644 index 0000000..6c3f446 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_keystone_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_keystone_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_keystone_ldap_password.yaml b/site/intel-pod15/secrets/passphrases/osh_keystone_ldap_password.yaml new file mode 100644 index 0000000..2edf0f2 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_keystone_ldap_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_keystone_ldap_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_keystone_oslo_db_password.yaml b/site/intel-pod15/secrets/passphrases/osh_keystone_oslo_db_password.yaml new file mode 100644 index 0000000..07b2206 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_keystone_oslo_db_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_keystone_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_keystone_oslo_messaging_admin_password.yaml b/site/intel-pod15/secrets/passphrases/osh_keystone_oslo_messaging_admin_password.yaml new file mode 100644 index 0000000..aec85c0 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_keystone_oslo_messaging_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_keystone_oslo_messaging_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_keystone_oslo_messaging_password.yaml b/site/intel-pod15/secrets/passphrases/osh_keystone_oslo_messaging_password.yaml new file mode 100644 index 0000000..be716f4 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_keystone_oslo_messaging_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_keystone_oslo_messaging_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_keystone_rabbitmq_erlang_cookie.yaml b/site/intel-pod15/secrets/passphrases/osh_keystone_rabbitmq_erlang_cookie.yaml new file mode 100644 index 0000000..ee7e4bd --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_keystone_rabbitmq_erlang_cookie.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_keystone_rabbitmq_erlang_cookie + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_neutron_oslo_db_password.yaml b/site/intel-pod15/secrets/passphrases/osh_neutron_oslo_db_password.yaml new file mode 100644 index 0000000..4d0b157 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_neutron_oslo_db_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_neutron_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_neutron_oslo_messaging_admin_password.yaml b/site/intel-pod15/secrets/passphrases/osh_neutron_oslo_messaging_admin_password.yaml new file mode 100644 index 0000000..4ac42c9 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_neutron_oslo_messaging_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_neutron_oslo_messaging_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_neutron_oslo_messaging_password.yaml b/site/intel-pod15/secrets/passphrases/osh_neutron_oslo_messaging_password.yaml new file mode 100644 index 0000000..6be02b9 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_neutron_oslo_messaging_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_neutron_oslo_messaging_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_neutron_password.yaml b/site/intel-pod15/secrets/passphrases/osh_neutron_password.yaml new file mode 100644 index 0000000..dd0b2b6 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_neutron_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_neutron_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_neutron_rabbitmq_erlang_cookie.yaml b/site/intel-pod15/secrets/passphrases/osh_neutron_rabbitmq_erlang_cookie.yaml new file mode 100644 index 0000000..9e8ff8d --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_neutron_rabbitmq_erlang_cookie.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_neutron_rabbitmq_erlang_cookie + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_nova_metadata_proxy_shared_secret.yaml b/site/intel-pod15/secrets/passphrases/osh_nova_metadata_proxy_shared_secret.yaml new file mode 100644 index 0000000..37d5c62 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_nova_metadata_proxy_shared_secret.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_nova_metadata_proxy_shared_secret + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_nova_oslo_db_password.yaml b/site/intel-pod15/secrets/passphrases/osh_nova_oslo_db_password.yaml new file mode 100644 index 0000000..2cd60f5 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_nova_oslo_db_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_nova_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_nova_oslo_messaging_admin_password.yaml b/site/intel-pod15/secrets/passphrases/osh_nova_oslo_messaging_admin_password.yaml new file mode 100644 index 0000000..487bcc5 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_nova_oslo_messaging_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_nova_oslo_messaging_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_nova_oslo_messaging_password.yaml b/site/intel-pod15/secrets/passphrases/osh_nova_oslo_messaging_password.yaml new file mode 100644 index 0000000..13569ba --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_nova_oslo_messaging_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_nova_oslo_messaging_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_nova_password.yaml b/site/intel-pod15/secrets/passphrases/osh_nova_password.yaml new file mode 100644 index 0000000..4c2223d --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_nova_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_nova_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_nova_rabbitmq_erlang_cookie.yaml b/site/intel-pod15/secrets/passphrases/osh_nova_rabbitmq_erlang_cookie.yaml new file mode 100644 index 0000000..7a885e6 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_nova_rabbitmq_erlang_cookie.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_nova_rabbitmq_erlang_cookie + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_oslo_cache_secret_key.yaml b/site/intel-pod15/secrets/passphrases/osh_oslo_cache_secret_key.yaml new file mode 100644 index 0000000..11747a7 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_oslo_cache_secret_key.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_oslo_cache_secret_key + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_oslo_db_admin_password.yaml b/site/intel-pod15/secrets/passphrases/osh_oslo_db_admin_password.yaml new file mode 100644 index 0000000..48df9ee --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_oslo_db_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_oslo_db_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_oslo_db_exporter_password.yaml b/site/intel-pod15/secrets/passphrases/osh_oslo_db_exporter_password.yaml new file mode 100644 index 0000000..61b4144 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_oslo_db_exporter_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_oslo_db_exporter_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_oslo_messaging_admin_password.yaml b/site/intel-pod15/secrets/passphrases/osh_oslo_messaging_admin_password.yaml new file mode 100644 index 0000000..e7d97e2 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_oslo_messaging_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_oslo_messaging_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_placement_password.yaml b/site/intel-pod15/secrets/passphrases/osh_placement_password.yaml new file mode 100644 index 0000000..c72b59a --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_placement_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_placement_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_rabbitmq_erlang_cookie.yaml b/site/intel-pod15/secrets/passphrases/osh_rabbitmq_erlang_cookie.yaml new file mode 100644 index 0000000..a3b5a2b --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_rabbitmq_erlang_cookie.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_rabbitmq_erlang_cookie + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/osh_tempest_password.yaml b/site/intel-pod15/secrets/passphrases/osh_tempest_password.yaml new file mode 100644 index 0000000..af90ec0 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/osh_tempest_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: osh_tempest_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/sridhar_crypt_password.yaml b/site/intel-pod15/secrets/passphrases/sridhar_crypt_password.yaml new file mode 100644 index 0000000..8e7e839 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/sridhar_crypt_password.yaml @@ -0,0 +1,12 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: sridhar_crypt_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +# Pass: password123 +data: $6$qgvZ3LC9.t59Akqy$HAJfJpdrN8Ld9ssGyjFPzyJ3WUGN.ucqhSyA25LFjBrSYboVFgX8wLomRwlf5YIn1siaXHSh4JaPJED3BO36J1 +... diff --git a/site/intel-pod15/secrets/passphrases/tenant_ceph_fsid.yaml b/site/intel-pod15/secrets/passphrases/tenant_ceph_fsid.yaml new file mode 100644 index 0000000..18bd485 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/tenant_ceph_fsid.yaml @@ -0,0 +1,12 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: tenant_ceph_fsid + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +# uuidgen +data: 29d8953d-0bb6-4ba1-a48a-f9be1c0937a9 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml new file mode 100644 index 0000000..33c4125 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_airflow_oslo_messaging_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_airflow_oslo_messaging_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_airflow_postgres_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_airflow_postgres_password.yaml new file mode 100644 index 0000000..8a1d648 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_airflow_postgres_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_airflow_postgres_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_armada_keystone_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_armada_keystone_password.yaml new file mode 100644 index 0000000..866efcc --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_armada_keystone_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_armada_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_barbican_keystone_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_barbican_keystone_password.yaml new file mode 100644 index 0000000..cb2da22 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_barbican_keystone_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_barbican_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_barbican_oslo_db_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_barbican_oslo_db_password.yaml new file mode 100644 index 0000000..95a76ed --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_barbican_oslo_db_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_barbican_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_deckhand_keystone_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_deckhand_keystone_password.yaml new file mode 100644 index 0000000..5ee27f2 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_deckhand_keystone_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_deckhand_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_deckhand_postgres_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_deckhand_postgres_password.yaml new file mode 100644 index 0000000..e63319b --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_deckhand_postgres_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_deckhand_postgres_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_drydock_keystone_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_drydock_keystone_password.yaml new file mode 100644 index 0000000..b8083b5 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_drydock_keystone_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_drydock_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_drydock_postgres_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_drydock_postgres_password.yaml new file mode 100644 index 0000000..2eff525 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_drydock_postgres_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_drydock_postgres_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_keystone_admin_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_keystone_admin_password.yaml new file mode 100644 index 0000000..91f74fd --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_keystone_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_keystone_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_keystone_oslo_db_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_keystone_oslo_db_password.yaml new file mode 100644 index 0000000..a9cb153 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_keystone_oslo_db_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_keystone_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_maas_admin_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_maas_admin_password.yaml new file mode 100644 index 0000000..402c129 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_maas_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_maas_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_maas_postgres_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_maas_postgres_password.yaml new file mode 100644 index 0000000..96ec574 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_maas_postgres_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_maas_postgres_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_openstack_exporter_keystone_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_openstack_exporter_keystone_password.yaml new file mode 100644 index 0000000..b513af4 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_openstack_exporter_keystone_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_openstack_exporter_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_oslo_db_admin_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_oslo_db_admin_password.yaml new file mode 100644 index 0000000..b3c1325 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_oslo_db_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_oslo_db_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_oslo_messaging_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_oslo_messaging_password.yaml new file mode 100644 index 0000000..95d6c0e --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_oslo_messaging_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_oslo_messaging_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_postgres_admin_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_postgres_admin_password.yaml new file mode 100644 index 0000000..546de05 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_postgres_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_postgres_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_postgres_exporter_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_postgres_exporter_password.yaml new file mode 100644 index 0000000..abdaa5b --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_postgres_exporter_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_postgres_exporter_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_postgres_replication_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_postgres_replication_password.yaml new file mode 100644 index 0000000..2176e71 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_postgres_replication_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_postgres_replication_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_promenade_keystone_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_promenade_keystone_password.yaml new file mode 100644 index 0000000..ac40d1e --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_promenade_keystone_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_promenade_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml b/site/intel-pod15/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml new file mode 100644 index 0000000..6a2aef9 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_rabbitmq_erlang_cookie + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_shipyard_keystone_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_shipyard_keystone_password.yaml new file mode 100644 index 0000000..181a52a --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_shipyard_keystone_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_shipyard_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/passphrases/ucp_shipyard_postgres_password.yaml b/site/intel-pod15/secrets/passphrases/ucp_shipyard_postgres_password.yaml new file mode 100644 index 0000000..de0eed7 --- /dev/null +++ b/site/intel-pod15/secrets/passphrases/ucp_shipyard_postgres_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_shipyard_postgres_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password123 +... diff --git a/site/intel-pod15/secrets/publickey/cedric_ssh_public_key.yaml b/site/intel-pod15/secrets/publickey/cedric_ssh_public_key.yaml new file mode 100644 index 0000000..56fa412 --- /dev/null +++ b/site/intel-pod15/secrets/publickey/cedric_ssh_public_key.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/PublicKey/v1 +metadata: + schema: metadata/Document/v1 + name: cedric_ssh_public_key + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC0PTM2sBD/FqL67ubOiTlHcorrKaNnUKtN+3lqegJAXQznnkg4YfultXncRzJiqD6m1tjI06JyBxFnudSXu+a6FtB3XRY+EDwJWi4Ms+izeIOYKFAh2YMP35YBy6Du+3anIuISmGEQLQ2BbSUNL38MgImWlr+Hu5B555yEfNtDDl+nADzbkuOiEnd6hGNQZp2Df7PAlH1idFge/LCHyoDcMhvJAdUcGQuDn5lVu8JzhrJO+Gdo+m3pMxB1ZnXNajzndbJnGKvs54iu16dumccat9yWJS7McscwZKrfoQ+wnX/5/e+IJMgbcxGJELG+GzytC5imbHL/GqvFaOTYJhTr +... diff --git a/site/intel-pod15/secrets/publickey/mfix_ssh_public_key.yaml b/site/intel-pod15/secrets/publickey/mfix_ssh_public_key.yaml new file mode 100644 index 0000000..c06d7d8 --- /dev/null +++ b/site/intel-pod15/secrets/publickey/mfix_ssh_public_key.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/PublicKey/v1 +metadata: + schema: metadata/Document/v1 + name: mfix_ssh_public_key + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDktBXlcZbnTo+XM6y/NDDWLQAGTedBiZrx9W64FtH57IyNqtzJjz1C2v6cDnXTvqEAi3dpVJN7HONz/M9BaX3nlwfuasxvW75mZfOGfvcqOne/2R6NCsy+evtnkjA6AweBPBAsItdQtcb5rzgqij7c8Zxtcangb91YadXNZXYwB6+3LaonxdyAsTKTgJYQF5/kwuWvei8qenWszK3Q0Zs2oFW5tsbvQ7/Zm5TO4d3Oscs8IcvzlHZe7NK1mChLSARrrFq4FisHyILyp4pmL/bdgWOZse1uk676HUEpwT1Da7PCO0IsL1w7LNINq5zXC0YI9JgHD9/QXPA0scxCAfE6sDWkiPZ/EVY1czhXCX9tCiyttxn5ZiwL0Id+By02CJiSmluEJrfaebTZ8MYk5QSjw2du9/uxsSF9GvsqVLqGkcx0d6txHvISpNEzAVedwcV2UltI4MUjX5gk7XU1vmjqc4wG9H+WHkqPUK1tdkiEdYKKUUXr0yEJ0pXOLEmEEpD+t0lUrTDFXpSR78jRzuQ2OHEvP32BlniNinR5bnWcwFWSKkKd0lJj60cohXvnJmJ/mV8rjPRAoWTNHj3o8hj9aawqLPSrXtirVRM3DPbxTrFon9slIbm++tcsj5Nsxl0pMHq1f4f7+4P3HCtkQiudA/HTH0s6EqNnS/8DA1aiZQ== mf4716@att.com +... diff --git a/site/intel-pod15/secrets/publickey/opnfv_ssh_public_key.yaml b/site/intel-pod15/secrets/publickey/opnfv_ssh_public_key.yaml new file mode 100644 index 0000000..b63fdbb --- /dev/null +++ b/site/intel-pod15/secrets/publickey/opnfv_ssh_public_key.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/PublicKey/v1 +metadata: + schema: metadata/Document/v1 + name: opnfv_ssh_public_key + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBdh8nzrD+7dOBoV44JNL8sjjIjMs79ufdi+H7W72HSWPnPF/2Ou4+YVIWCWjo+4q7UwZZdppSW59ziAt1SgUw8YerpM9kti4VDqs6BrDr7FTfaHvfiJ4c1LIu+aAE4PjHVyHmRvaxSvzqjDzuQpdxRHuvfUrJOqldTedCzkUfRXoODVP14SKv+45bv5BglL5ODoq4/5vQ2QFhVLRnPsEXwqyIz16fqqziC2PrrvCM8LPHjv/R4MtL8ekCJi3+wKTnIekD77k2FK3b6uVtyOaFmpRoKj5gg1OokxS5Pe5hizjEY3U2xuNjKB+C+KHOafJrLQmCO2AT4NXz06OQTJaD opnfv@pod15-jump +... diff --git a/site/intel-pod15/secrets/publickey/sridhar_ssh_public_key.yaml b/site/intel-pod15/secrets/publickey/sridhar_ssh_public_key.yaml new file mode 100644 index 0000000..8ef987f --- /dev/null +++ b/site/intel-pod15/secrets/publickey/sridhar_ssh_public_key.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/PublicKey/v1 +metadata: + schema: metadata/Document/v1 + name: sridhar_ssh_public_key + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAm23hyhNJ1ewDL35DGg9agPMJ1VSI4elUKM/VMiRH0LBLfk55pJbZwmmLv6Z4E3hXPTvPxCS1j0kXqGiPLpMo6qPeK0EjYMCT6EdVFLh5yt3jWouRjG6lHG2D7Y5tjBhu/d3zKu3ZDblbbT2xIbw3OOFoK+9Bp4f42AMGY3etsNdbcRDLmXgL6Zi94okAuEf7t5HeKqXgWkk6az0EMm7v+FgHmlVHMzO9J0XpmFbYtI711PXQBCotVC/LsyYBQoQqtxZnikt6gGLooRHlrWOkhqv9ycBteqIDhh78NNVWya+L7Xj/TcQmyzuTkNdAFxwiEvMScal2oYy+TvoFdlxr sridhar@dike +... diff --git a/site/intel-pod15/site-definition.yaml b/site/intel-pod15/site-definition.yaml new file mode 100644 index 0000000..ad0ce21 --- /dev/null +++ b/site/intel-pod15/site-definition.yaml @@ -0,0 +1,17 @@ +--- +schema: pegleg/SiteDefinition/v1 +metadata: + schema: metadata/Document/v1 + layeringDefinition: + abstract: false + layer: site + name: intel-pod15 + storagePolicy: cleartext +data: + site_type: cntt + + repositories: + global: + revision: v1.6 + url: https://opendev.org/airship/treasuremap.git +... diff --git a/site/intel-pod15/software/charts/kubernetes/container-networking/etcd.yaml b/site/intel-pod15/software/charts/kubernetes/container-networking/etcd.yaml new file mode 100644 index 0000000..4776953 --- /dev/null +++ b/site/intel-pod15/software/charts/kubernetes/container-networking/etcd.yaml @@ -0,0 +1,127 @@ +--- +# The purpose of this file is to build the list of calico etcd nodes and the +# calico etcd certs for those nodes in the environment. +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: kubernetes-calico-etcd + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: kubernetes-calico-etcd-global + actions: + - method: merge + path: . + storagePolicy: cleartext + substitutions: + # Generate a list of control plane nodes (i.e. genesis node + master node + # list) on which calico etcd will run and will need certs. It is assumed + # that Airship sites will have 3 control plane nodes, so this should not need to + # change for a new site. + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .genesis.hostname + dest: + path: .values.nodes[0].name + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .masters[0].hostname + dest: + path: .values.nodes[1].name + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .masters[1].hostname + dest: + path: .values.nodes[2].name + + # Certificate substitutions for the node names assembled on the above list. + # NEWSITE-CHANGEME: Per above, the number of substitutions should not need + # to change with a standard Airship deployment. However, the names of each + # deckhand certficiate should be updated with the correct hostnames for your + # environment. The ordering is important (Genesis is index 0, then master + # nodes in the order they are specified in common-addresses). + + # Genesis hostname - pod15-node1 + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-pod15-node1 + path: . + dest: + path: .values.nodes[0].tls.client.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-pod15-node1 + path: . + dest: + path: .values.nodes[0].tls.client.key + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-pod15-node1-peer + path: . + dest: + path: .values.nodes[0].tls.peer.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-pod15-node1-peer + path: . + dest: + path: .values.nodes[0].tls.peer.key + + # master node 1 hostname - pod15-node2 + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-pod15-node2 + path: . + dest: + path: .values.nodes[1].tls.client.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-pod15-node2 + path: . + dest: + path: .values.nodes[1].tls.client.key + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-pod15-node2-peer + path: . + dest: + path: .values.nodes[1].tls.peer.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-pod15-node2-peer + path: . + dest: + path: .values.nodes[1].tls.peer.key + + # master node 2 hostname - pod15-node3 + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-pod15-node3 + path: . + dest: + path: .values.nodes[2].tls.client.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-pod15-node3 + path: . + dest: + path: .values.nodes[2].tls.client.key + - src: + schema: deckhand/Certificate/v1 + name: calico-etcd-pod15-node3-peer + path: . + dest: + path: .values.nodes[2].tls.peer.cert + - src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-pod15-node3-peer + path: . + dest: + path: .values.nodes[2].tls.peer.key + +data: {} +... diff --git a/site/intel-pod15/software/charts/kubernetes/etcd/etcd.yaml b/site/intel-pod15/software/charts/kubernetes/etcd/etcd.yaml new file mode 100644 index 0000000..a0dda4c --- /dev/null +++ b/site/intel-pod15/software/charts/kubernetes/etcd/etcd.yaml @@ -0,0 +1,131 @@ +--- +# The purpose of this file is to build the list of k8s etcd nodes and the +# k8s etcd certs for those nodes in the environment. +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: kubernetes-etcd + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: kubernetes-etcd-global + actions: + - method: merge + path: . + storagePolicy: cleartext + substitutions: + # Generate a list of control plane nodes (i.e. genesis node + master node + # list) on which k8s etcd will run and will need certs. It is assumed + # that Airship sites will have 3 control plane nodes, so this should not need to + # change for a new site. + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .genesis.hostname + dest: + path: .values.nodes[0].name + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .masters[0].hostname + dest: + path: .values.nodes[1].name + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .masters[1].hostname + dest: + path: .values.nodes[2].name + + # Certificate substitutions for the node names assembled on the above list. + # NEWSITE-CHANGEME: Per above, the number of substitutions should not need + # to change with a standard Airship deployment. However, the names of each + # deckhand certficiate should be updated with the correct hostnames for your + # environment. The ordering is important (Genesis is index 0, then master + # nodes in the order they are specified in common-addresses). + + # Genesis Exception* + # *NOTE: This is an exception in that `genesis` is not the hostname of the + # genesis node, but `genesis` is reference here in the certificate names + # because of certain Promenade assumptions that may be addressed in the + # future. Therefore `genesis` is used instead of `pod15-node1` here. + - src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-genesis + path: . + dest: + path: .values.nodes[0].tls.client.cert + - src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-genesis + path: . + dest: + path: .values.nodes[0].tls.client.key + - src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-genesis-peer + path: . + dest: + path: .values.nodes[0].tls.peer.cert + - src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-genesis-peer + path: . + dest: + path: .values.nodes[0].tls.peer.key + + # master node 1 hostname - pod15-node2 + - src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-pod15-node2 + path: . + dest: + path: .values.nodes[1].tls.client.cert + - src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-pod15-node2 + path: . + dest: + path: .values.nodes[1].tls.client.key + - src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-pod15-node2-peer + path: . + dest: + path: .values.nodes[1].tls.peer.cert + - src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-pod15-node2-peer + path: . + dest: + path: .values.nodes[1].tls.peer.key + + # master node 2 hostname - pod15-node3 + - src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-pod15-node3 + path: . + dest: + path: .values.nodes[2].tls.client.cert + - src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-pod15-node3 + path: . + dest: + path: .values.nodes[2].tls.client.key + - src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-pod15-node3-peer + path: . + dest: + path: .values.nodes[2].tls.peer.cert + - src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-pod15-node3-peer + path: $ + dest: + path: .values.nodes[2].tls.peer.key + +data: {} +... diff --git a/site/intel-pod15/software/charts/osh-infra/elasticsearch.yaml b/site/intel-pod15/software/charts/osh-infra/elasticsearch.yaml new file mode 100644 index 0000000..ef0a42e --- /dev/null +++ b/site/intel-pod15/software/charts/osh-infra/elasticsearch.yaml @@ -0,0 +1,34 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: elasticsearch + labels: + name: elasticsearch-type + layeringDefinition: + abstract: false + layer: site + parentSelector: + hosttype: elasticsearch-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + replicas: + master: 2 + data: 1 + client: 2 + storage: + requests: + storage: 20Gi + conf: + elasticsearch: + env: + java_opts: + client: "-Xms2048m -Xmx2048m" + data: "-Xms2048m -Xmx2048m" + master: "-Xms2048m -Xmx2048m" +... diff --git a/site/intel-pod15/software/charts/osh-infra/fluentbit.yaml b/site/intel-pod15/software/charts/osh-infra/fluentbit.yaml new file mode 100644 index 0000000..5d2f287 --- /dev/null +++ b/site/intel-pod15/software/charts/osh-infra/fluentbit.yaml @@ -0,0 +1,22 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: fluentbit + labels: + name: fluentbit-type + layeringDefinition: + abstract: false + layer: site + parentSelector: + hosttype: fluentbit-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + replicas: + fluentd: 1 +... diff --git a/site/intel-pod15/software/charts/osh-infra/fluentd.yaml b/site/intel-pod15/software/charts/osh-infra/fluentd.yaml new file mode 100644 index 0000000..3652a3e --- /dev/null +++ b/site/intel-pod15/software/charts/osh-infra/fluentd.yaml @@ -0,0 +1,22 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: fluentd + labels: + name: fluentd-type + layeringDefinition: + abstract: false + layer: site + parentSelector: + hosttype: fluentd-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + replicas: + fluentd: 1 +... diff --git a/site/intel-pod15/software/charts/osh-infra/grafana.yaml b/site/intel-pod15/software/charts/osh-infra/grafana.yaml new file mode 100644 index 0000000..b35614f --- /dev/null +++ b/site/intel-pod15/software/charts/osh-infra/grafana.yaml @@ -0,0 +1,23 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + replacement: true + name: grafana + labels: + name: grafana-type + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: grafana-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + replicas: + grafana: 1 +... diff --git a/site/intel-pod15/software/charts/osh-infra/ingress.yaml b/site/intel-pod15/software/charts/osh-infra/ingress.yaml new file mode 100644 index 0000000..d449881 --- /dev/null +++ b/site/intel-pod15/software/charts/osh-infra/ingress.yaml @@ -0,0 +1,24 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + replacement: true + name: osh-infra-ingress-controller + labels: + name: osh-infra-ingress-controller-type + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: osh-infra-ingress-controller-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + replicas: + ingress: 1 + error_page: 1 +... diff --git a/site/intel-pod15/software/charts/osh-infra/mariadb.yaml b/site/intel-pod15/software/charts/osh-infra/mariadb.yaml new file mode 100644 index 0000000..335d4e9 --- /dev/null +++ b/site/intel-pod15/software/charts/osh-infra/mariadb.yaml @@ -0,0 +1,24 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + replacement: true + name: osh-infra-mariadb + labels: + name: osh-infra-mariadb-type + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: osh-infra-mariadb-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + replicas: + server: 1 + ingress: 1 +... diff --git a/site/intel-pod15/software/charts/osh-infra/prometheus.yaml b/site/intel-pod15/software/charts/osh-infra/prometheus.yaml new file mode 100644 index 0000000..d00e96a --- /dev/null +++ b/site/intel-pod15/software/charts/osh-infra/prometheus.yaml @@ -0,0 +1,35 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + replacement: true + name: prometheus + labels: + name: prometheus-type + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: prometheus-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + pod: + replicas: + prometheus: 1 + resources: + enabled: true + prometheus: + limits: + memory: "4Gi" + cpu: "2000m" + requests: + memory: "2Gi" + cpu: "1000m" + storage: + requests: + storage: 20Gi +... diff --git a/site/intel-pod15/software/charts/osh/openstack-compute-kit/libvirt.yaml b/site/intel-pod15/software/charts/osh/openstack-compute-kit/libvirt.yaml new file mode 100644 index 0000000..85ec726 --- /dev/null +++ b/site/intel-pod15/software/charts/osh/openstack-compute-kit/libvirt.yaml @@ -0,0 +1,22 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: libvirt + replacement: true + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: libvirt-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + network: + backend: + - openvswitch + # - sriov +... diff --git a/site/intel-pod15/software/charts/osh/openstack-compute-kit/neutron.yaml b/site/intel-pod15/software/charts/osh/openstack-compute-kit/neutron.yaml new file mode 100644 index 0000000..824c03d --- /dev/null +++ b/site/intel-pod15/software/charts/osh/openstack-compute-kit/neutron.yaml @@ -0,0 +1,74 @@ +--- +# This file defines hardware-specific settings for neutron. If you use the same +# hardware profile as this environment, you should not need to change this file. +# Otherwise, you should review the settings here and adjust for your hardware. +# In particular: +# 1. logical network interface names +# 2. physical device mappigns +# TODO: Should move to global layer and become tied to the hardware profile +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + replacement: true + name: neutron + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: neutron-type + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + wait: + timeout: 1800 + test: + timeout: 900 + values: + labels: + sriov: + node_selector_key: sriov + node_selector_value: enabled + pod: + security_context: + neutron_sriov_agent: + pod: + runAsUser: 42424 + container: + neutron_sriov_agent_init: + privileged: true + runAsUser: 0 + readOnlyRootFilesystem: false + neutron_sriov_agent: + readOnlyRootFilesystem: true + privileged: true + network: + interface: + sriov: + - device: ens785f0 + num_vfs: 32 + promisc: false + backend: + - openvswitch + - sriov + conf: + sriov_init: + - besteffort + plugins: + ml2_conf: + ml2: + mechanism_drivers: l2population,openvswitch,sriovnicswitch + ml2_type_vlan: + ## NOTE: Must have at least 1 sriov network defined + network_vlan_ranges: external,sriovnet1:100:4000 + sriov_agent: + securitygroup: + firewall_driver: neutron.agent.firewall.NoopFirewallDriver + sriov_nic: + ## NOTE: Must have at least 1 sriov network to physical device + ## mapping, otherwise sriov agent readiness check + ## will fail. + physical_device_mappings: sriovnet1:ens785f0 + exclude_devices: "" +... diff --git a/site/intel-pod15/software/charts/osh/openstack-compute-kit/nova.yaml b/site/intel-pod15/software/charts/osh/openstack-compute-kit/nova.yaml new file mode 100644 index 0000000..9761a25 --- /dev/null +++ b/site/intel-pod15/software/charts/osh/openstack-compute-kit/nova.yaml @@ -0,0 +1,47 @@ +--- +# This file defines hardware-specific settings for nova. If you use the same +# hardware profile as this environment, you should not need to change this file. +# Otherwise, you should review the settings here and adjust for your hardware. +# In particular: +# 1. vcpu_pin_set will change if the number of logical CPUs on the hardware +# changes. +# 2. pci alias / passthrough_whitelist could change if the NIC type or NIC +# slotting changes. +# TODO: Should move to global layer and become tied to the hardware profile +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: nova + replacement: true + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: nova-cntt + actions: + - method: merge + path: . + storagePolicy: cleartext + substitutions: + - src: + schema: drydock/HardwareProfile/v1 + name: intel-pod15 + path: .cpu_sets.kvm + dest: + path: .values.conf.nova.DEFAULT.vcpu_pin_set +data: + values: + network: + backend: + - openvswitch + # - sriov + conf: + nova: + filter_scheduler: + available_filters: "nova.scheduler.filters.all_filters" + enabled_filters: "RetryFilter,AvailabilityZoneFilter,RamFilter,CoreFilter,DiskFilter,ComputeFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,AggregateInstanceExtraSpecsFilter,AggregateCoreFilter,AggregateRamFilter,AggregateMultiTenancyIsolation,JsonFilter,IoOpsFilter,AggregateDiskFilter,AllHostsFilter,IsolatedHostsFilter,AggregateImagePropertiesIsolation,PciPassthroughFilter,AggregateIoOpsFilter,NumInstancesFilter,AggregateNumInstancesFilter,MetricsFilter,SimpleCIDRAffinityFilter,AggregateTypeAffinityFilter,NUMATopologyFilter,ComputeCapabilitiesFilter,DifferentHostFilter,SameHostFilter" + pci: + alias: '{"name": "numa0", "capability_type": "pci", "product_id": "154c", "vendor_id": "8086", "device_type": "type-PCI"}' + passthrough_whitelist: | + [{"address": "0000:05:06.*", "physical_network": "sriovnet1"},{"address": "0000:05:07.*", "physical_network": "sriovnet1"},{"address": "0000:05:08.*", "physical_network": "sriovnet1"},{"address": "0000:05:09.*", "physical_network": "sriovnet1"}] +... diff --git a/site/intel-pod15/software/charts/ucp/ceph/ceph-client-update.yaml b/site/intel-pod15/software/charts/ucp/ceph/ceph-client-update.yaml new file mode 100644 index 0000000..eb921b8 --- /dev/null +++ b/site/intel-pod15/software/charts/ucp/ceph/ceph-client-update.yaml @@ -0,0 +1,26 @@ +--- +# The purpose of this file is to define environment-specific parameters for ceph +# client update +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-ceph-client-update + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-ceph-client-update-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + conf: + pool: + target: + # NEWSITE-CHANGEME: Total number of OSDs. Does not need to change if + # your HW matches this site's HW. Verify for your environment. + # 8 OSDs per node x 3 nodes = 24 + osd: 3 +... diff --git a/site/intel-pod15/software/charts/ucp/ceph/ceph-client.yaml b/site/intel-pod15/software/charts/ucp/ceph/ceph-client.yaml new file mode 100644 index 0000000..e1e8ecf --- /dev/null +++ b/site/intel-pod15/software/charts/ucp/ceph/ceph-client.yaml @@ -0,0 +1,100 @@ +--- +# The purpose of this file is to define envrionment-specific parameters for the +# ceph client +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-ceph-client + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-ceph-client-global + actions: + - method: merge + path: . + storagePolicy: cleartext +data: + values: + conf: + pool: + target: + # NEWSITE-CHANGEME: The number of OSDs per ceph node. Does not need to + # change if your deployment HW matches this site's HW. + osd: 1 + spec: + # RBD pool + - name: rbd + application: rbd + replication: 1 + percent_total_data: 40 + - name: cephfs_metadata + application: cephfs + replication: 1 + percent_total_data: 5 + - name: cephfs_data + application: cephfs + replication: 1 + percent_total_data: 10 + # RadosGW pools + - name: .rgw.root + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.control + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.data.root + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.gc + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.log + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.intent-log + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.meta + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.usage + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.users.keys + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.users.email + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.users.swift + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.users.uid + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.buckets.extra + application: rgw + replication: 1 + percent_total_data: 0.1 + - name: default.rgw.buckets.index + application: rgw + replication: 1 + percent_total_data: 3 + - name: default.rgw.buckets.data + application: rgw + replication: 1 + percent_total_data: 34.8 +... diff --git a/site/intel-pod15/software/charts/ucp/ceph/ceph-osd.yaml b/site/intel-pod15/software/charts/ucp/ceph/ceph-osd.yaml new file mode 100644 index 0000000..25297d9 --- /dev/null +++ b/site/intel-pod15/software/charts/ucp/ceph/ceph-osd.yaml @@ -0,0 +1,30 @@ +--- +# The purpose of this file is to define environment-specific parameters for +# ceph-osd +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-ceph-osd + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-ceph-osd-global + actions: + - method: replace + path: .values.conf.storage.osd + - method: merge + path: . + storagePolicy: cleartext +data: + values: + conf: + storage: + osd: + - data: + type: directory + location: /var/lib/ceph/osd/osd-one + journal: + type: directory + location: /var/lib/ceph/journal/osd-one +... diff --git a/site/intel-pod15/software/charts/ucp/divingbell/divingbell.yaml b/site/intel-pod15/software/charts/ucp/divingbell/divingbell.yaml new file mode 100644 index 0000000..7e5adb0 --- /dev/null +++ b/site/intel-pod15/software/charts/ucp/divingbell/divingbell.yaml @@ -0,0 +1,83 @@ +--- +# The purpose of this file is to define site-specific parameters to the +# UAM-lite portion of the divingbell chart: +# 1. User accounts to create on bare metal +# 2. SSH public key for operationg system access to the bare metal +# 3. Passwords for operating system access via iDrac/iLo console. SSH password- +# based auth is disabled. +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-divingbell + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: ucp-divingbell-global + actions: + - method: merge + path: . + labels: + name: ucp-divingbell-site + storagePolicy: cleartext + substitutions: + - dest: + path: .values.conf.uamlite.users[0].user_sshkeys[0] + src: + schema: deckhand/PublicKey/v1 + name: opnfv_ssh_public_key + path: . + - dest: + path: .values.conf.uamlite.users[1].user_sshkeys[0] + src: + schema: deckhand/PublicKey/v1 + name: sridhar_ssh_public_key + path: . + - dest: + path: .values.conf.uamlite.users[1].user_crypt_passwd + src: + schema: deckhand/Passphrase/v1 + name: sridhar_crypt_password + path: . + - dest: + path: .values.conf.uamlite.users[2].user_sshkeys[0] + src: + schema: deckhand/PublicKey/v1 + name: mfix_ssh_public_key + path: . + - dest: + path: .values.conf.uamlite.users[2].user_crypt_passwd + src: + schema: deckhand/Passphrase/v1 + name: mfix_crypt_password + path: . + - dest: + path: .values.conf.uamlite.users[3].user_sshkeys[0] + src: + schema: deckhand/PublicKey/v1 + name: cedric_ssh_public_key + path: . + - dest: + path: .values.conf.uamlite.users[3].user_crypt_passwd + src: + schema: deckhand/Passphrase/v1 + name: cedric_crypt_password + path: . +data: + values: + conf: + uamlite: + users: + - user_name: opnfv + user_sudo: true + user_sshkeys: [] + - user_name: sridhar + user_sudo: true + user_sshkeys: [] + - user_name: mfix + user_sudo: true + user_sshkeys: [] + - user_name: cedric + user_sudo: true + user_sshkeys: [] +... diff --git a/site/intel-pod15/software/config/common-software-config.yaml b/site/intel-pod15/software/config/common-software-config.yaml new file mode 100644 index 0000000..b85499b --- /dev/null +++ b/site/intel-pod15/software/config/common-software-config.yaml @@ -0,0 +1,16 @@ +--- +# The purpose of this file is to define site-specific common software config +# paramters. +schema: pegleg/CommonSoftwareConfig/v1 +metadata: + schema: metadata/Document/v1 + name: common-software-config + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + osh: + # NEWSITE-CHANGEME: Replace with the site name + region_name: intel-pod15 +... -- cgit 1.2.3-korg