From fe78c087b82b04af7f4a5fb47ee8f7d63931bfba Mon Sep 17 00:00:00 2001 From: Scott Hussey Date: Tue, 24 Apr 2018 15:55:00 -0500 Subject: [PATCH] Definition for deploying behind a proxy Change-Id: I80ee226f33f4f67e5a3fb6dd39b7622f6c750757 --- .../software/charts/ucp/drydock/maas.yaml | 2 + .../deployment/deploymentConfiguration.yaml | 31 +++ .../deployment/dev-configurables.yaml | 10 + .../dev-proxy/networks/common-addresses.yaml | 103 ++++++++ .../site/dev-proxy/pki/pki-catalog.yaml | 180 ++++++++++++++ .../ceph_swift_keystone_password.yaml | 11 + .../passphrases/ipmi_admin_password.yaml | 11 + .../passphrases/maas_region_secret.yaml | 11 + .../ucp_airflow_postgres_password.yaml | 11 + .../ucp_armada_keystone_password.yaml | 11 + .../ucp_barbican_keystone_password.yaml | 11 + .../ucp_barbican_oslo_db_password.yaml | 11 + .../ucp_deckhand_keystone_password.yaml | 11 + .../ucp_deckhand_postgres_password.yaml | 11 + .../ucp_drydock_keystone_password.yaml | 11 + .../ucp_drydock_postgres_password.yaml | 11 + .../ucp_keystone_admin_password.yaml | 11 + .../ucp_keystone_oslo_db_password.yaml | 11 + .../passphrases/ucp_maas_admin_password.yaml | 11 + .../ucp_maas_postgres_password.yaml | 11 + .../ucp_oslo_db_admin_password.yaml | 11 + .../ucp_oslo_messaging_password.yaml | 11 + .../ucp_postgres_admin_password.yaml | 11 + .../ucp_promenade_keystone_password.yaml | 11 + .../ucp_rabbitmq_erlang_cookie.yaml | 11 + .../ucp_shipyard_keystone_password.yaml | 11 + .../ucp_shipyard_postgres_password.yaml | 11 + .../site/dev-proxy/site-definition.yaml | 11 + .../kubernetes/container-networking/etcd.yaml | 122 +++++++++ .../software/charts/kubernetes/etcd/etcd.yaml | 121 +++++++++ .../dev-proxy/software/configs/endpoints.yaml | 235 ++++++++++++++++++ .../software/configs/service_accounts.yaml | 124 +++++++++ .../v1.0u/network/KubernetesNetwork.yaml | 101 ++++++++ .../software/charts/ucp/drydock/maas.yaml | 29 +++ .../charts/ucp/promenade/promenade.yaml | 37 +++ manifests/dev_single_node/README.txt | 8 +- manifests/dev_single_node/set-env.sh | 4 +- 37 files changed, 1358 insertions(+), 2 deletions(-) create mode 100644 deployment_files/site/dev-proxy/deployment/deploymentConfiguration.yaml create mode 100644 deployment_files/site/dev-proxy/deployment/dev-configurables.yaml create mode 100644 deployment_files/site/dev-proxy/networks/common-addresses.yaml create mode 100644 deployment_files/site/dev-proxy/pki/pki-catalog.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ceph_swift_keystone_password.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ipmi_admin_password.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/maas_region_secret.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_airflow_postgres_password.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_armada_keystone_password.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_barbican_keystone_password.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_barbican_oslo_db_password.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_deckhand_keystone_password.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_deckhand_postgres_password.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_drydock_keystone_password.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_drydock_postgres_password.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_keystone_admin_password.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_keystone_oslo_db_password.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_maas_admin_password.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_maas_postgres_password.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_oslo_db_admin_password.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_oslo_messaging_password.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_postgres_admin_password.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_promenade_keystone_password.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_shipyard_keystone_password.yaml create mode 100644 deployment_files/site/dev-proxy/secrets/passphrases/ucp_shipyard_postgres_password.yaml create mode 100644 deployment_files/site/dev-proxy/site-definition.yaml create mode 100644 deployment_files/site/dev-proxy/software/charts/kubernetes/container-networking/etcd.yaml create mode 100644 deployment_files/site/dev-proxy/software/charts/kubernetes/etcd/etcd.yaml create mode 100644 deployment_files/site/dev-proxy/software/configs/endpoints.yaml create mode 100644 deployment_files/site/dev-proxy/software/configs/service_accounts.yaml create mode 100644 deployment_files/type/single-node-proxy/v1.0u/network/KubernetesNetwork.yaml create mode 100644 deployment_files/type/single-node-proxy/v1.0u/software/charts/ucp/drydock/maas.yaml create mode 100644 deployment_files/type/single-node-proxy/v1.0u/software/charts/ucp/promenade/promenade.yaml diff --git a/deployment_files/global/v1.0u/software/charts/ucp/drydock/maas.yaml b/deployment_files/global/v1.0u/software/charts/ucp/drydock/maas.yaml index a5565376..21e6aea4 100644 --- a/deployment_files/global/v1.0u/software/charts/ucp/drydock/maas.yaml +++ b/deployment_files/global/v1.0u/software/charts/ucp/drydock/maas.yaml @@ -6,6 +6,8 @@ metadata: layeringDefinition: abstract: false layer: global + labels: + name: ucp-maas storagePolicy: cleartext substitutions: # Chart source diff --git a/deployment_files/site/dev-proxy/deployment/deploymentConfiguration.yaml b/deployment_files/site/dev-proxy/deployment/deploymentConfiguration.yaml new file mode 100644 index 00000000..14521bad --- /dev/null +++ b/deployment_files/site/dev-proxy/deployment/deploymentConfiguration.yaml @@ -0,0 +1,31 @@ +--- +schema: shipyard/DeploymentConfiguration/v1 +metadata: + schema: metadata/Document/v1 + name: deployment-configuration + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + physical_provisioner: + deployment_strategy: all-at-once + deploy_interval: 30 + deploy_timeout: 3600 + destroy_interval: 30 + destroy_timeout: 900 + join_wait: 120 + prepare_node_interval: 30 + prepare_node_timeout: 1000 + prepare_site_interval: 10 + prepare_site_timeout: 300 + verify_interval: 10 + verify_timeout: 60 + kubernetes_provisioner: + drain_timeout: 3600 + drain_grace_period: 1800 + clear_labels_timeout: 1800 + remove_etcd_timeout: 1800 + etcd_ready_timeout: 600 + armada: + manifest: 'full-site' diff --git a/deployment_files/site/dev-proxy/deployment/dev-configurables.yaml b/deployment_files/site/dev-proxy/deployment/dev-configurables.yaml new file mode 100644 index 00000000..ad6da40f --- /dev/null +++ b/deployment_files/site/dev-proxy/deployment/dev-configurables.yaml @@ -0,0 +1,10 @@ +--- +schema: dev/Configurables/v1 +metadata: + schema: metadata/Document/v1 + name: dev-configurables + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +# Data section provided by deploy_ucp.sh script diff --git a/deployment_files/site/dev-proxy/networks/common-addresses.yaml b/deployment_files/site/dev-proxy/networks/common-addresses.yaml new file mode 100644 index 00000000..7c63fdef --- /dev/null +++ b/deployment_files/site/dev-proxy/networks/common-addresses.yaml @@ -0,0 +1,103 @@ +--- +schema: pegleg/CommonAddresses/v1 +metadata: + schema: metadata/Document/v1 + name: common-addresses + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext + substitutions: + # Chart source + - src: + schema: dev/Configurables/v1 + name: dev-configurables + path: .interface + dest: + path: .calico.ip_autodetection_method + pattern: REPLACEME + - src: + schema: dev/Configurables/v1 + name: dev-configurables + path: .hostname + dest: + path: .genesis.hostname + - src: + schema: dev/Configurables/v1 + name: dev-configurables + path: .hostip + dest: + path: .genesis.ip + - src: + schema: dev/Configurables/v1 + name: dev-configurables + path: .hostip + dest: + path: .bootstrap.ip + - src: + schema: dev/Configurables/v1 + name: dev-configurables + path: .hostcidr + dest: + path: .storage.ceph.public_cidr + - src: + schema: dev/Configurables/v1 + name: dev-configurables + path: .hostcidr + dest: + path: .storage.ceph.cluster_cidr + + +data: + calico: + ip_autodetection_method: 'interface=REPLACEME' + etcd: + service_ip: 10.96.232.136 + + dns: + cluster_domain: cluster.local + service_ip: 10.96.0.10 + upstream_servers: + - 8.8.8.8 + - 8.8.4.4 + upstream_servers_joined: 8.8.8.8,8.8.4.4 + + genesis: + hostname: REPLACEME + ip: REPLACEME + + bootstrap: + ip: REPLACEME + + kubernetes: + api_service_ip: 10.96.0.1 + etcd_service_ip: 10.96.0.2 + pod_cidr: 10.97.0.0/16 + service_cidr: 10.96.0.0/16 + apiserver_port: 6443 + haproxy_port: 6553 + + etcd: + container_port: 2379 + haproxy_port: 2378 + + proxy: + http: http://proxy.foo.com:8080 + https: http://proxy.foo.com:8080 + no_proxy: '.foo.com,.cluster.local,localhost,127.0.0.1' + + node_ports: + drydock_api: 30000 + maas_api: 30001 + maas_proxy: 31800 + shipyard_api: 30003 + airflow_web: 30004 + + ntp: + servers_joined: ntp.ubuntu.com + + storage: + ceph: + public_cidr: REPLACEME + cluster_cidr: REPLACEME +... diff --git a/deployment_files/site/dev-proxy/pki/pki-catalog.yaml b/deployment_files/site/dev-proxy/pki/pki-catalog.yaml new file mode 100644 index 00000000..2ece7105 --- /dev/null +++ b/deployment_files/site/dev-proxy/pki/pki-catalog.yaml @@ -0,0 +1,180 @@ +--- +schema: promenade/PKICatalog/v1 +metadata: + schema: metadata/Document/v1 + name: cluster-certificates + layeringDefinition: + abstract: false + layer: site + substitutions: + - src: + schema: dev/Configurables/v1 + name: dev-configurables + path: .hostname + dest: + path: .certificate_authorities.kubernetes.certificates[1].hosts[0] + - src: + schema: dev/Configurables/v1 + name: dev-configurables + path: .hostip + dest: + path: .certificate_authorities.kubernetes.certificates[1].hosts[1] + - src: + schema: dev/Configurables/v1 + name: dev-configurables + path: .hostname + dest: + path: .certificate_authorities.kubernetes.certificates[1].common_name + pattern: HOSTNAME + - src: + schema: dev/Configurables/v1 + name: dev-configurables + path: .hostname + dest: + path: .certificate_authorities.kubernetes.certificates[1].common_name + pattern: HOSTNAME + - src: + schema: dev/Configurables/v1 + name: dev-configurables + path: .hostname + dest: + path: .certificate_authorities.kubernetes-etcd.certificates[2].hosts[0] + - src: + schema: dev/Configurables/v1 + name: dev-configurables + path: .hostip + dest: + path: .certificate_authorities.kubernetes-etcd.certificates[2].hosts[1] + - src: + schema: dev/Configurables/v1 + name: dev-configurables + path: .hostname + dest: + path: .certificate_authorities.kubernetes-etcd-peer.certificates[0].hosts[0] + - src: + schema: dev/Configurables/v1 + name: dev-configurables + path: .hostip + dest: + path: .certificate_authorities.kubernetes-etcd-peer.certificates[0].hosts[1] + - src: + schema: dev/Configurables/v1 + name: dev-configurables + path: .hostname + dest: + path: .certificate_authorities.calico-etcd.certificates[1].hosts[0] + - src: + schema: dev/Configurables/v1 + name: dev-configurables + path: .hostip + dest: + path: .certificate_authorities.calico-etcd.certificates[1].hosts[1] + - src: + schema: dev/Configurables/v1 + name: dev-configurables + path: .hostname + dest: + path: .certificate_authorities.calico-etcd-peer.certificates[1].hosts[0] + - src: + schema: dev/Configurables/v1 + name: dev-configurables + path: .hostip + dest: + path: .certificate_authorities.calico-etcd-peer.certificates[1].hosts[1] +data: + certificate_authorities: + kubernetes: + description: CA for Kubernetes components + certificates: + - document_name: apiserver + description: Service certificate for Kubernetes apiserver + common_name: apiserver + hosts: + - localhost + - 127.0.0.1 + - 10.96.0.1 + kubernetes_service_names: + - kubernetes.default.svc.cluster.local + - document_name: kubelet-genesis + common_name: system:node:HOSTNAME + hosts: + - REPLACEME_HOST_NAME + - REPLACEME_HOST_IP + groups: + - system:nodes + - document_name: scheduler + description: Service certificate for Kubernetes scheduler + common_name: system:kube-scheduler + - document_name: controller-manager + description: certificate for controller-manager + common_name: system:kube-controller-manager + - document_name: admin + common_name: admin + groups: + - system:masters + - document_name: armada + common_name: armada + groups: + - system:masters + kubernetes-etcd: + description: Certificates for Kubernetes's etcd servers + certificates: + - document_name: apiserver-etcd + description: etcd client certificate for use by Kubernetes apiserver + common_name: apiserver + - document_name: kubernetes-etcd-anchor + description: anchor + common_name: anchor + - document_name: kubernetes-etcd-genesis + common_name: kubernetes-etcd-genesis + hosts: + - REPLACEME_HOST_NAME + - REPLACEME_HOST_IP + - 127.0.0.1 + - localhost + - kubernetes-etcd.kube-system.svc.cluster.local + - 10.96.0.2 + kubernetes-etcd-peer: + certificates: + - document_name: kubernetes-etcd-genesis-peer + common_name: kubernetes-etcd-genesis-peer + hosts: + - REPLACEME_HOST_NAME + - REPLACEME_HOST_IP + - 127.0.0.1 + - localhost + - kubernetes-etcd.kube-system.svc.cluster.local + - 10.96.0.2 + calico-etcd: + description: Certificates for Calico etcd client traffic + certificates: + - document_name: calico-etcd-anchor + description: anchor + common_name: anchor + - document_name: calico-etcd-genesis + common_name: calico-etcd-genesis + hosts: + - REPLACEME_HOST_NAME + - REPLACEME_HOST_IP + - 127.0.0.1 + - localhost + - 10.96.232.136 + - document_name: calico-node + common_name: calcico-node + calico-etcd-peer: + description: Certificates for Calico etcd clients + certificates: + - document_name: calico-etcd-genesis-peer + common_name: calico-etcd-genesis-peer + hosts: + - REPLACEME_HOST_NAME + - REPLACEME_HOST_IP + - 127.0.0.1 + - localhost + - 10.96.232.136 + - document_name: calico-node-peer + common_name: calcico-node-peer + keypairs: + - name: service-account + description: Service account signing key for use by Kubernetes controller-manager. +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ceph_swift_keystone_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ceph_swift_keystone_password.yaml new file mode 100644 index 00000000..4f45cbe0 --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/ceph_swift_keystone_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ceph_swift_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password1 +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ipmi_admin_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ipmi_admin_password.yaml new file mode 100644 index 00000000..7f2e7941 --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/ipmi_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ipmi_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: calvin +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/maas_region_secret.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/maas_region_secret.yaml new file mode 100644 index 00000000..aedf9281 --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/maas_region_secret.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: maas-region-key + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 3858f62230ac3c915f300c664312c63f +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_airflow_postgres_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_airflow_postgres_password.yaml new file mode 100644 index 00000000..119a8a40 --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_airflow_postgres_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_airflow_postgres_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password2 +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_armada_keystone_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_armada_keystone_password.yaml new file mode 100644 index 00000000..cbb8575e --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_armada_keystone_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_armada_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password3 +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_barbican_keystone_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_barbican_keystone_password.yaml new file mode 100644 index 00000000..e786cbb3 --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_barbican_keystone_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_barbican_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password4 +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_barbican_oslo_db_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_barbican_oslo_db_password.yaml new file mode 100644 index 00000000..7f21161f --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_barbican_oslo_db_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_barbican_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password5 +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_deckhand_keystone_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_deckhand_keystone_password.yaml new file mode 100644 index 00000000..6532aae8 --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_deckhand_keystone_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_deckhand_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password6 +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_deckhand_postgres_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_deckhand_postgres_password.yaml new file mode 100644 index 00000000..d78dde68 --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_deckhand_postgres_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_deckhand_postgres_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password7 +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_drydock_keystone_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_drydock_keystone_password.yaml new file mode 100644 index 00000000..9a97f8f6 --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_drydock_keystone_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_drydock_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password8 +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_drydock_postgres_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_drydock_postgres_password.yaml new file mode 100644 index 00000000..de755270 --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_drydock_postgres_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_drydock_postgres_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password9 +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_keystone_admin_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_keystone_admin_password.yaml new file mode 100644 index 00000000..76e00856 --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_keystone_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_keystone_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password10 +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_keystone_oslo_db_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_keystone_oslo_db_password.yaml new file mode 100644 index 00000000..c06c742f --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_keystone_oslo_db_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_keystone_oslo_db_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password11 +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_maas_admin_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_maas_admin_password.yaml new file mode 100644 index 00000000..4242f37e --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_maas_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_maas_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password12 +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_maas_postgres_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_maas_postgres_password.yaml new file mode 100644 index 00000000..e3a83ecc --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_maas_postgres_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_maas_postgres_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password13 +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_oslo_db_admin_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_oslo_db_admin_password.yaml new file mode 100644 index 00000000..bb77ab63 --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_oslo_db_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_oslo_db_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password14 +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_oslo_messaging_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_oslo_messaging_password.yaml new file mode 100644 index 00000000..0ff710c6 --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_oslo_messaging_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_oslo_messaging_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password15 +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_postgres_admin_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_postgres_admin_password.yaml new file mode 100644 index 00000000..85f97901 --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_postgres_admin_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_postgres_admin_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password16 +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_promenade_keystone_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_promenade_keystone_password.yaml new file mode 100644 index 00000000..17668eed --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_promenade_keystone_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_promenade_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password17 +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml new file mode 100644 index 00000000..99d8d8b8 --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_rabbitmq_erlang_cookie.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_rabbitmq_erlang_cookie + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: 111df8c05b0f041d4764 +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_shipyard_keystone_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_shipyard_keystone_password.yaml new file mode 100644 index 00000000..ff5b8240 --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_shipyard_keystone_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_shipyard_keystone_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password18 +... diff --git a/deployment_files/site/dev-proxy/secrets/passphrases/ucp_shipyard_postgres_password.yaml b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_shipyard_postgres_password.yaml new file mode 100644 index 00000000..d6c8044c --- /dev/null +++ b/deployment_files/site/dev-proxy/secrets/passphrases/ucp_shipyard_postgres_password.yaml @@ -0,0 +1,11 @@ +--- +schema: deckhand/Passphrase/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_shipyard_postgres_password + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: password19 +... diff --git a/deployment_files/site/dev-proxy/site-definition.yaml b/deployment_files/site/dev-proxy/site-definition.yaml new file mode 100644 index 00000000..87164eea --- /dev/null +++ b/deployment_files/site/dev-proxy/site-definition.yaml @@ -0,0 +1,11 @@ +--- +data: + revision: v1.0u + site_type: single-node-proxy +metadata: + layeringDefinition: {abstract: false, layer: site} + name: dev + schema: metadata/Document/v1 + storagePolicy: cleartext +schema: pegleg/SiteDefinition/v1 +... diff --git a/deployment_files/site/dev-proxy/software/charts/kubernetes/container-networking/etcd.yaml b/deployment_files/site/dev-proxy/software/charts/kubernetes/container-networking/etcd.yaml new file mode 100644 index 00000000..ba982651 --- /dev/null +++ b/deployment_files/site/dev-proxy/software/charts/kubernetes/container-networking/etcd.yaml @@ -0,0 +1,122 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: kubernetes-calico-etcd + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: kubernetes-calico-etcd-global + actions: + - method: merge + path: . + storagePolicy: cleartext + substitutions: + + # Chart source + - src: + schema: pegleg/SoftwareVersions/v1 + name: software-versions + path: .charts.kubernetes.calico.etcd + dest: + path: .source + + # Image versions + - src: + schema: pegleg/SoftwareVersions/v1 + name: software-versions + path: .images.calico.etcd + dest: + path: .values.images.tags + + # IP addresses + - + src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .calico.etcd.service_ip + dest: + path: .values.service.ip + - + src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .calico.etcd.service_ip + dest: + path: .values.anchor.etcdctl_endpoint + + # CAs + - + src: + schema: deckhand/CertificateAuthority/v1 + name: calico-etcd + path: . + dest: + path: .values.secrets.tls.client.ca + - + src: + schema: deckhand/CertificateAuthority/v1 + name: calico-etcd-peer + path: . + dest: + path: .values.secrets.tls.peer.ca + + # Anchor client cert + - + src: + schema: deckhand/Certificate/v1 + name: calico-etcd-anchor + path: . + dest: + path: .values.secrets.anchor.tls.cert + - + src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-anchor + path: . + dest: + path: .values.secrets.anchor.tls.key + + # Node names + - + src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .genesis.hostname + dest: + path: .values.nodes[0].name + + # Server certs + - + src: + schema: deckhand/Certificate/v1 + name: calico-etcd-genesis + path: . + dest: + path: .values.nodes[0].tls.client.cert + - + src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-genesis + path: . + dest: + path: .values.nodes[0].tls.client.key + - + src: + schema: deckhand/Certificate/v1 + name: calico-etcd-genesis-peer + path: . + dest: + path: .values.nodes[0].tls.peer.cert + - + src: + schema: deckhand/CertificateKey/v1 + name: calico-etcd-genesis-peer + path: . + dest: + path: .values.nodes[0].tls.peer.key + +data: {} + +... diff --git a/deployment_files/site/dev-proxy/software/charts/kubernetes/etcd/etcd.yaml b/deployment_files/site/dev-proxy/software/charts/kubernetes/etcd/etcd.yaml new file mode 100644 index 00000000..1bd02c83 --- /dev/null +++ b/deployment_files/site/dev-proxy/software/charts/kubernetes/etcd/etcd.yaml @@ -0,0 +1,121 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: kubernetes-etcd + layeringDefinition: + abstract: false + layer: site + parentSelector: + name: kubernetes-etcd-global + actions: + - method: merge + path: . + storagePolicy: cleartext + substitutions: + + # Chart source + - src: + schema: pegleg/SoftwareVersions/v1 + name: software-versions + path: .charts.kubernetes.etcd + dest: + path: .source + + # Images + - src: + schema: pegleg/SoftwareVersions/v1 + name: software-versions + path: .images.kubernetes.etcd + dest: + path: .values.images.tags + + # IP addresses + - + src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .kubernetes.etcd_service_ip + dest: + path: .values.service.ip + - + src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .kubernetes.etcd_service_ip + dest: + path: .values.anchor.etcdctl_endpoint + + # CAs + - + src: + schema: deckhand/CertificateAuthority/v1 + name: kubernetes-etcd + path: . + dest: + path: .values.secrets.tls.client.ca + - + src: + schema: deckhand/CertificateAuthority/v1 + name: kubernetes-etcd-peer + path: . + dest: + path: .values.secrets.tls.peer.ca + + - + src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-anchor + path: . + dest: + path: .values.secrets.anchor.tls.cert + - + src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-anchor + path: . + dest: + path: .values.secrets.anchor.tls.key + + # Node names + - + src: + schema: dev/Configurables/v1 + name: dev-configurables + path: .hostname + dest: + path: .values.nodes[0].name + + # Server certs + - + src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-genesis + path: . + dest: + path: '.values.nodes[0].tls.client.cert' + - + src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-genesis + path: . + dest: + path: '.values.nodes[0].tls.client.key' + - + src: + schema: deckhand/Certificate/v1 + name: kubernetes-etcd-genesis-peer + path: . + dest: + path: '.values.nodes[0].tls.peer.cert' + - + src: + schema: deckhand/CertificateKey/v1 + name: kubernetes-etcd-genesis-peer + path: . + dest: + path: '.values.nodes[0].tls.peer.key' + +data: {} + +... diff --git a/deployment_files/site/dev-proxy/software/configs/endpoints.yaml b/deployment_files/site/dev-proxy/software/configs/endpoints.yaml new file mode 100644 index 00000000..5a8558af --- /dev/null +++ b/deployment_files/site/dev-proxy/software/configs/endpoints.yaml @@ -0,0 +1,235 @@ +--- +schema: pegleg/EndpointCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_endpoints + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + ucp: + identity: + namespace: ucp + name: keystone + hosts: + default: keystone-api + public: keystone + host_fqdn_override: + default: null + path: + default: /v3 + scheme: + default: http + port: + admin: + default: 35357 + api: + default: 80 + armada: + name: armada + hosts: + default: armada-api + public: armada + port: + api: + default: 8000 + path: + default: /api/v1.0 + scheme: + default: http + host_fqdn_override: + default: null + deckhand: + name: deckhand + hosts: + default: deckhand-int + public: deckhand-api + port: + api: + default: 9000 + path: + default: /api/v1.0 + scheme: + default: http + host_fqdn_override: + default: null + postgresql: + name: postgresql + hosts: + default: postgresql + path: /DB_NAME + scheme: postgresql+psycopg2 + port: + postgresql: + default: 5432 + host_fqdn_override: + default: null + oslo_db: + hosts: + default: mariadb + discovery: mariadb-discovery + host_fqdn_override: + default: null + path: /DB_NAME + scheme: mysql+pymysql + port: + mysql: + default: 3306 + wsrep: + default: 4567 + key_manager: + name: barbican + hosts: + default: barbican-api + public: barbican + host_fqdn_override: + default: null + path: + default: /v1 + scheme: + default: http + port: + api: + default: 9311 + public: 80 + oslo_messaging: + namespace: null + hosts: + default: rabbitmq + host_fqdn_override: + default: null + path: /openstack + scheme: rabbit + port: + amqp: + default: 5672 + oslo_cache: + hosts: + default: memcached + host_fqdn_override: + default: null + port: + memcache: + default: 11211 + physicalprovisioner: + name: drydock + hosts: + default: drydock-api + port: + api: + default: 9000 + nodeport: 31900 + path: + default: /api/v1.0 + scheme: + default: http + host_fqdn_override: + default: null + maas_region_ui: + name: maas-region-ui + hosts: + default: maas-region-ui + public: maas + path: + default: /MAAS + scheme: + default: "http" + port: + region_ui: + default: 80 + public: 80 + host_fqdn_override: + default: null + kubernetesprovisioner: + name: promenade + hosts: + default: promenade-api + port: + api: + default: 80 + path: + default: /api/v1.0 + scheme: + default: http + host_fqdn_override: + default: null + shipyard: + name: shipyard + hosts: + default: shipyard-int + public: shipyard-api + port: + api: + default: 9000 + public: 80 + path: + default: /api/v1.0 + scheme: + default: http + host_fqdn_override: + default: null + airflow_web: + name: airflow-web + hosts: + default: airflow-web-int + public: airflow-web + port: + airflow_web: + default: 8080 + path: + default: / + scheme: + default: http + host_fqdn_override: + default: null + airflow_flower: + name: airflow-flower + hosts: + default: airflow-flower + port: + airflow_flower: + default: 5555 + path: + default: / + scheme: + default: http + host_fqdn_override: + default: null + ceph: + object_store: + name: swift + namespace: ceph + hosts: + default: ceph-rgw + host_fqdn_override: + default: null + path: + default: /swift/v1 + scheme: + default: http + port: + api: + default: 8088 + ceph_mon: + namespace: ceph + hosts: + default: ceph-mon + discovery: ceph-mon-discovery + host_fqdn_override: + default: null + port: + mon: + default: 6789 + ceph_mgr: + namespace: ceph + hosts: + default: ceph-mgr + host_fqdn_override: + default: null + port: + mgr: + default: 7000 + scheme: + default: http +... diff --git a/deployment_files/site/dev-proxy/software/configs/service_accounts.yaml b/deployment_files/site/dev-proxy/software/configs/service_accounts.yaml new file mode 100644 index 00000000..50e1abc4 --- /dev/null +++ b/deployment_files/site/dev-proxy/software/configs/service_accounts.yaml @@ -0,0 +1,124 @@ +--- +schema: pegleg/AccountCatalogue/v1 +metadata: + schema: metadata/Document/v1 + name: ucp_service_accounts + layeringDefinition: + abstract: false + layer: site + storagePolicy: cleartext +data: + ucp: + postgres: + admin: + username: postgres + oslo_db: + admin: + username: root + oslo_messaging: + admin: + username: rabbitmq + keystone: + admin: + region_name: RegionOne + username: admin + project_name: admin + user_domain_name: default + project_domain_name: default + oslo_messaging: + admin: + username: rabbitmq + keystone: + username: keystone + oslo_db: + username: keystone + database: keystone + promenade: + keystone: + region_name: RegionOne + role: admin + project_name: service + project_domain_name: default + user_domain_name: default + username: promenade + drydock: + keystone: + region_name: RegionOne + role: admin + project_name: service + project_domain_name: default + user_domain_name: default + username: drydock + postgres: + username: drydock + database: drydock + shipyard: + keystone: + region_name: RegionOne + role: admin + project_name: service + project_domain_name: default + user_domain_name: default + username: shipyard + postgres: + username: shipyard + database: shipyard + airflow: + postgres: + username: airflow + database: airflow + oslo_messaging: + username: rabbitmq + maas: + admin: + username: admin + email: none@none + postgres: + username: maas + database: maasdb + barbican: + keystone: + region_name: RegionOne + role: admin + project_name: service + project_domain_name: default + user_domain_name: default + username: barbican + oslo_db: + username: barbican + database: barbican + oslo_messaging: + admin: + username: rabbitmq + keystone: + username: keystone + armada: + keystone: + project_domain_name: default + user_domain_name: default + project_name: service + region_name: RegionOne + role: admin + user_domain_name: default + username: armada + deckhand: + keystone: + region_name: RegionOne + role: admin + project_name: service + project_domain_name: default + user_domain_name: default + username: deckhand + postgres: + username: deckhand + database: deckhand + ceph: + swift: + keystone: + role: admin + region_name: RegionOne + username: swift + project_name: service + user_domain_name: default + project_domain_name: default +... diff --git a/deployment_files/type/single-node-proxy/v1.0u/network/KubernetesNetwork.yaml b/deployment_files/type/single-node-proxy/v1.0u/network/KubernetesNetwork.yaml new file mode 100644 index 00000000..6dbe210a --- /dev/null +++ b/deployment_files/type/single-node-proxy/v1.0u/network/KubernetesNetwork.yaml @@ -0,0 +1,101 @@ +--- +schema: promenade/KubernetesNetwork/v1 +metadata: + schema: metadata/Document/v1 + name: kubernetes-network + layeringDefinition: + abstract: false + layer: type + storagePolicy: cleartext + substitutions: + # DNS + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .dns.cluster_domain + dest: + path: .dns.cluster_domain + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .dns.service_ip + dest: + path: .dns.service_ip + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .dns.upstream_servers + dest: + path: .dns.upstream_servers + + # HTTP Proxy config + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .proxy.https + dest: + path: .proxy.url + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .proxy.no_proxy + dest: + path: .proxy.additional_no_proxy[0] + + # Kubernetes IPs + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .kubernetes.api_service_ip + dest: + path: .kubernetes.service_ip + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .kubernetes.pod_cidr + dest: + path: .kubernetes.pod_cidr + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .kubernetes.service_cidr + dest: + path: .kubernetes.service_cidr + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .kubernetes.etcd_service_ip + dest: + path: .etcd.service_ip + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .etcd.container_port + dest: + path: .etcd.container_port + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .etcd.haproxy_port + dest: + path: .etcd.haproxy_port + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .kubernetes.apiserver_port + dest: + path: .kubernetes.apiserver_port + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .kubernetes.haproxy_port + dest: + path: .kubernetes.haproxy_port + +data: + dns: + bootstrap_validation_checks: + - calico-etcd.kube-system.svc.cluster.local + - kubernetes-etcd.kube-system.svc.cluster.local + - kubernetes.default.svc.cluster.local +... diff --git a/deployment_files/type/single-node-proxy/v1.0u/software/charts/ucp/drydock/maas.yaml b/deployment_files/type/single-node-proxy/v1.0u/software/charts/ucp/drydock/maas.yaml new file mode 100644 index 00000000..9f87358d --- /dev/null +++ b/deployment_files/type/single-node-proxy/v1.0u/software/charts/ucp/drydock/maas.yaml @@ -0,0 +1,29 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-maas + replacement: true + layeringDefinition: + abstract: false + layer: type + parentSelector: + name: ucp-maas + actions: + - method: merge + path: . + storagePolicy: cleartext + substitutions: + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .proxy.https + - dest: + path: .values.conf.maas.proxy.proxy_server +data: + values: + conf: + maas: + proxy: + proxy_enabled: 'true' +... diff --git a/deployment_files/type/single-node-proxy/v1.0u/software/charts/ucp/promenade/promenade.yaml b/deployment_files/type/single-node-proxy/v1.0u/software/charts/ucp/promenade/promenade.yaml new file mode 100644 index 00000000..c88f5a6f --- /dev/null +++ b/deployment_files/type/single-node-proxy/v1.0u/software/charts/ucp/promenade/promenade.yaml @@ -0,0 +1,37 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: ucp-promenade + replacement: true + layeringDefinition: + abstract: false + layer: type + parentSelector: + name: ucp-promenade + actions: + - method: merge + path: . + storagePolicy: cleartext + substitutions: + # HTTP Proxy env + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .proxy.http + dest: + path: .values.pod.env.promenade_api.http_proxy + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .proxy.https + dest: + path: .values.pod.env.promenade_api.https_proxy + - src: + schema: pegleg/CommonAddresses/v1 + name: common-addresses + path: .proxy.no_proxy + dest: + path: .values.pod.env.promenade_api.no_proxy +data: {} +... diff --git a/manifests/dev_single_node/README.txt b/manifests/dev_single_node/README.txt index 36dc9b65..3e6e614a 100644 --- a/manifests/dev_single_node/README.txt +++ b/manifests/dev_single_node/README.txt @@ -50,6 +50,12 @@ export UCP_INTEGRATION_REFSPEC="refs/changes/03/404203/32" export PEGLEG_IMAGE="artifacts-aic.atlantafoundry.com/att-comdev/pegleg:f019b4ff594db7d13a2ac444c001f867b3a67c50" 9) source set-env.sh + +NOTE: If running this behind a corporate proxy, you will need to update the + file deployment_files/site/dev-proxy/networks/common-addresses.yaml to + specify your proxy server and appropriate no_proxy list. Also change set-env.sh + to use TARGET_SITE of 'dev-proxy'. + 10) ./deploy-ucp.sh If you want to stop the deployment before it starts running genesis and inspect @@ -59,7 +65,7 @@ trigger the genesis steps. Next Steps ---------- All of the documents used for a subsequent deploy_site action are now placed -into the /root/deploy/site direectory for ease of use - instructions are +into the /root/deploy/site directory for ease of use - instructions are provided by the script at the end of a successful genesis process. In the same directory as the deploy-ucp.sh script, there is a file creds.sh diff --git a/manifests/dev_single_node/set-env.sh b/manifests/dev_single_node/set-env.sh index bb8f7d1d..8098248d 100644 --- a/manifests/dev_single_node/set-env.sh +++ b/manifests/dev_single_node/set-env.sh @@ -48,4 +48,6 @@ export NODE_NET_IFACE=ens3 # export WORKSPACE="/root/deploy" # The site to deploy -#export TARGET_SITE="dev" +export TARGET_SITE="dev" +# If running behind a proxy +# export TARGET_SITE="dev-proxy"