A configuration management service with support for secrets.
a8660a7e53
This patch set reorganizes Deckhand's documentation structure for better organization into 3 distinct categories: * developer's guide * operator's guide * user's guide This means that the RTD navigation menu on the left-hand side will have fewer links (see list above) making navigation much easier. This is similar to how Armada organizes its documentation too. This patch set also updates README section with a better overview and trims some fat from it (remove testing documentation as it doesn't really belong there -- there is a dedicated page for that already). Finally, this patch set changes the exceptions page to render as a basic list of autoexception classes because the current tabularized view is not rendering correctly on RTD [0]. [0] https://airship-deckhand.readthedocs.io/en/latest/exceptions.html Change-Id: I162383bf8e3bbd5004603c979ac7b0d760a210c4 |
||
|---|---|---|
| alembic | ||
| charts/deckhand | ||
| deckhand | ||
| doc | ||
| etc/deckhand | ||
| images/deckhand | ||
| releasenotes | ||
| tools | ||
| .coveragerc | ||
| .dockerignore | ||
| .gitignore | ||
| .gitreview | ||
| .stestr.conf | ||
| .zuul.yaml | ||
| alembic.ini | ||
| entrypoint.sh | ||
| HACKING.rst | ||
| LICENSE | ||
| Makefile | ||
| README.rst | ||
| requirements.txt | ||
| REVIEWING.rst | ||
| setup.cfg | ||
| setup.py | ||
| test-requirements.txt | ||
| tox.ini | ||
Deckhand
Deckhand provides document revision management, storage and mutation functionality upon which the rest of the Airship components rely for orchestration of infrastructure provisioning. Deckhand understands declarative YAML documents that define, end-to-end, the configuration of sites: from the hardware -- encompassing network topology and hardware and host profile information -- up to the software level that comprises the overcloud.
- Free software: Apache license
- Documentation: https://airship-deckhand.readthedocs.io/en/latest/
- Source: https://git.openstack.org/cgit/openstack/airship-deckhand
- Bugs: https://storyboard.openstack.org/#!/project/1004
- Release notes: https://airship-deckhand.readthedocs.io/en/latest/releasenotes/index.html
Core Responsibilities
- layering - helps reduce duplication in configuration by applying the notion of inheritance to documents
- substitution - provides separation between secret data and other configuration data for security purposes and reduces data duplication by allowing common data to be defined once and substituted elsewhere dynamically
- revision history - maintains well-defined collections of documents within immutable revisions that are meant to operate together, while providing the ability to rollback to previous revisions
- validation - allows services to implement and register different kinds of validations and report errors
- secret management - leverages existing OpenStack APIs -- namely Barbican -- to reliably and securely store sensitive data
Getting Started
For more detailed installation and setup information, please refer to the Getting Started guide.
Integration Points
Deckhand has the following integration points:
- Barbican (OpenStack Key Manager) provides secure storage for sensitive data.
- Keystone (OpenStack Identity service) provides authentication and support for role based authorization.
- PostgreSQL is used to persist information to correlate workflows with users and history of workflow commands.
Note
Currently, other database back-ends are not supported.
Though, being a low-level service, has many other Airship services that integrate with it, including: