A configuration management service with support for secrets.
Go to file
Felipe Monteiro f711a83ee7 docs: Add documentation on data redaction
This patch set adds documentation related to data redaction in
order to capture the purpose behind it and how it adds an
added layer of security to Deckhand.

Change-Id: Icb28970684a9026fda200273a14d9ba421f627d7
2018-10-20 14:48:19 -04:00
alembic Fix typo 2018-09-09 23:02:08 -04:00
charts/deckhand Fix: various documentation and URL fixes 2018-09-25 11:44:57 +02:00
deckhand Redacts Raw Documents 2018-10-19 23:56:12 -05:00
doc docs: Add documentation on data redaction 2018-10-20 14:48:19 -04:00
etc/deckhand Redacts Raw Documents 2018-10-19 23:56:12 -05:00
images/deckhand Fix: git commit id labels on images 2018-09-21 03:31:12 +02:00
releasenotes style(pep8): remove identation ignores 2018-06-01 22:08:42 +00:00
tools Adding image tags on every commit 2018-10-11 09:04:21 +02:00
.coveragerc Add Deckhand coverage job 2017-08-15 16:11:35 -04:00
.dockerignore Collect profile data on DH requests 2018-02-15 13:09:16 -05:00
.gitignore Add integration tests job to .zuul.yaml 2018-07-03 02:07:19 +00:00
.gitreview Update .gitreview for openstack infra 2018-05-17 19:21:56 +01:00
.stestr.conf Switch to stestr 2018-03-28 13:06:46 -04:00
.zuul.yaml Merge "Adding image tags on every commit" 2018-10-16 13:43:49 +00:00
alembic.ini [396582] Add alembic support to Deckhand 2018-04-06 23:30:16 -04:00
entrypoint.sh [fix] Drop deckhand.conf from default DECKHAND_CONF_DIR path 2018-04-07 00:20:47 -04:00
HACKING.rst Add sphinx job for auto-generating docs 2017-09-21 16:16:23 +01:00
LICENSE Update Apache LICENSE 2018-05-10 22:25:14 +01:00
Makefile Fix: various documentation and URL fixes 2018-09-25 11:44:57 +02:00
README.rst Merge "docs: Reorganize documentation structure" 2018-10-05 20:49:07 +00:00
requirements.txt fix: Pin down Deckhand package requirements 2018-10-18 02:36:35 +01:00
REVIEWING.rst docs: Add developer overview documentation 2018-06-20 15:00:46 -04:00
setup.cfg Fix: various documentation and URL fixes 2018-09-25 11:44:57 +02:00
setup.py Oslo config integration (#1) 2017-06-26 16:57:50 -07:00
test-requirements.txt fix: Pin down Deckhand package requirements 2018-10-18 02:36:35 +01:00
tox.ini Replace Chinese quotes with English quotes 2018-09-20 07:29:27 -04:00

Deckhand

Docker Repository on Quay Doc Status

Deckhand provides document revision management, storage and mutation functionality upon which the rest of the Airship components rely for orchestration of infrastructure provisioning. Deckhand understands declarative YAML documents that define, end-to-end, the configuration of sites: from the hardware -- encompassing network topology and hardware and host profile information -- up to the software level that comprises the overcloud.

Core Responsibilities

  • layering - helps reduce duplication in configuration by applying the notion of inheritance to documents
  • substitution - provides separation between secret data and other configuration data for security purposes and reduces data duplication by allowing common data to be defined once and substituted elsewhere dynamically
  • revision history - maintains well-defined collections of documents within immutable revisions that are meant to operate together, while providing the ability to rollback to previous revisions
  • validation - allows services to implement and register different kinds of validations and report errors
  • secret management - leverages existing OpenStack APIs -- namely Barbican -- to reliably and securely store sensitive data

Getting Started

For more detailed installation and setup information, please refer to the Getting Started guide.

Integration Points

Deckhand has the following integration points:

Note

Currently, other database back-ends are not supported.

Though, being a low-level service, has many other Airship services that integrate with it, including:

  • Drydock is orchestrated by Shipyard to perform bare metal node provisioning.
  • Promenade is indirectly orchestrated by Shipyard to configure and join Kubernetes nodes.
  • Armada is orchestrated by Shipyard to deploy and test Kubernetes workloads.

Further Reading

Airship.