Go to file

Carter, Matt (mc981n) 460eb7fb6c Add retries to Barbican secret create

Occasionally when Deckhand is creating secrets in Barbican, Barbican
encounters an error in which a subsequent attempt at creating the
secret would succeed. This patch set adds logic to the Deckhand
Barbican driver to retry secret creates a configurable number of
times to work around this Barbican issue.

Change-Id: I52293195dd708255508949723d89117ce2e32b71

2019-10-04 11:25:50 -05:00

alembic

Fix typo

2018-09-09 23:02:08 -04:00

charts/deckhand

Allow to configure service network policy

2019-09-20 19:50:43 +00:00

deckhand

Add retries to Barbican secret create

2019-10-04 11:25:50 -05:00

doc

Let the Werkzeug package version float

2019-09-11 04:27:17 -05:00

etc/deckhand

Redacts Raw Documents

2018-10-19 23:56:12 -05:00

images/deckhand

Fix for opensuse image build issue.

2019-08-30 08:11:03 -07:00

releasenotes

style(pep8): remove identation ignores

2018-06-01 22:08:42 +00:00

tools

CI: Remove call to deleted Airskiff script

2019-09-20 15:24:25 -05:00

.coveragerc

Add Deckhand coverage job

2017-08-15 16:11:35 -04:00

.dockerignore

Collect profile data on DH requests

2018-02-15 13:09:16 -05:00

.gitignore

docs: Use sphinx-apidoc library for autodoc compatibility

2018-10-27 22:52:39 +01:00

.gitreview

OpenDev Migration Patch

2019-04-19 19:52:20 +00:00

.stestr.conf

Switch to stestr

2018-03-28 13:06:46 -04:00

.zuul.yaml

Add Python 3 Train unit tests

2019-08-13 02:57:49 +00:00

alembic.ini

[396582] Add alembic support to Deckhand

2018-04-06 23:30:16 -04:00

bindep.txt

Embed UML generated diagrams into docs, fix docs build

2019-02-14 13:55:44 +01:00

entrypoint.sh

[fix] Drop deckhand.conf from default DECKHAND_CONF_DIR path

2018-04-07 00:20:47 -04:00

HACKING.rst

Update url in HACKING.rst

2018-11-15 00:22:41 +08:00

LICENSE

Update Apache LICENSE

2018-05-10 22:25:14 +01:00

Makefile

Adding opensuse image build for deckhand

2019-05-30 17:22:57 +00:00

README.rst

Merge "docs: Reorganize documentation structure"

2018-10-05 20:49:07 +00:00

requirements.txt

Let the Werkzeug package version float

2019-09-11 04:27:17 -05:00

REVIEWING.rst

docs: Add developer overview documentation

2018-06-20 15:00:46 -04:00

setup.cfg

Add Python 3 Train unit tests

2019-08-13 02:57:49 +00:00

setup.py

Oslo config integration (#1 )

2017-06-26 16:57:50 -07:00

test-requirements.txt

Pin back amqp version

2019-10-02 11:57:14 -05:00

tox.ini

Add Python 3 Train unit tests

2019-08-13 02:57:49 +00:00

README.rst

Deckhand

Deckhand provides document revision management, storage and mutation functionality upon which the rest of the Airship components rely for orchestration of infrastructure provisioning. Deckhand understands declarative YAML documents that define, end-to-end, the configuration of sites: from the hardware -- encompassing network topology and hardware and host profile information -- up to the software level that comprises the overcloud.

Free software: Apache license
Documentation: https://airship-deckhand.readthedocs.io/en/latest/
Source: https://git.openstack.org/cgit/openstack/airship-deckhand
Bugs: https://storyboard.openstack.org/#!/project/1004
Release notes: https://airship-deckhand.readthedocs.io/en/latest/releasenotes/index.html

Core Responsibilities

layering - helps reduce duplication in configuration by applying the notion of inheritance to documents
substitution - provides separation between secret data and other configuration data for security purposes and reduces data duplication by allowing common data to be defined once and substituted elsewhere dynamically
revision history - maintains well-defined collections of documents within immutable revisions that are meant to operate together, while providing the ability to rollback to previous revisions
validation - allows services to implement and register different kinds of validations and report errors
secret management - leverages existing OpenStack APIs -- namely Barbican -- to reliably and securely store sensitive data

Getting Started

For more detailed installation and setup information, please refer to the Getting Started guide.

Integration Points

Deckhand has the following integration points:

Barbican (OpenStack Key Manager) provides secure storage for sensitive data.

Keystone (OpenStack Identity service) provides authentication and support for role based authorization.

PostgreSQL is used to persist information to correlate workflows with users and history of workflow commands.

Note

Currently, other database back-ends are not supported.

Though, being a low-level service, has many other Airship services that integrate with it, including:

Drydock is orchestrated by Shipyard to perform bare metal node provisioning.

Promenade is indirectly orchestrated by Shipyard to configure and join Kubernetes nodes.

Armada is orchestrated by Shipyard to deploy and test Kubernetes workloads.

README.rst

Deckhand

Core Responsibilities

Getting Started

Integration Points

Further Reading