StarlingX System Configuration Management

Go to file

Bin Qian 8df382b256 Add cert-mon service Add new certificate monitoring service. This is a service to perform monitoring certificates of admin endpoint, admin endpoint subcloud intermediate CA, and admin endpoint DC root CA. The certificates are managed and renewed by cert-manager. This change includes monitoring admin endpoint certificate and apply the new certificate (crt+key) to be used by haproxy for admin endpoint https. admin endpoint certificate renew will also replace the private key. The implementation is a workaround to delete the secret so that cert-manager regenerate the certificate with new private key. Currently cert-manager has a bug preventing rekey when renewing cert. Monitoring of intermediate CA and DC root CA will be coming soon. Passed TCs: 1. provisioned cert-mon service on system controller and subcloud controller, successfully swact 2. simulate endpoint certificate renew by shorten the endpoint certificate expiry time. observed the certificate (/etc/ssl/private/admin-ep-cert.pem) updated. verify admin endpoints accessible (local or remotely) verify admin endpoints accessible after haproxy restart 3. simulate an action to fail (hardcoded) and observe the action being configured number reattempted before giving up. Story: 2007347 Task: 40168 Depends-on https://review.opendev.org/#/c/739890 Depends-on https://review.opendev.org/#/c/741511 Depends-on https://review.opendev.org/#/c/741993 Change-Id: Ie341e2e4896c291b7485e95c89c5c3f370ffea00		2020-07-20 14:06:31 -04:00
api-ref/source	Update API documentation	2020-07-15 20:47:59 +08:00
config-gate	Add auto-versioning to starlingx/config packages	2020-05-20 14:11:21 +00:00
controllerconfig	Backup fm.conf during simplex upgrade	2020-07-14 17:27:21 -04:00
devstack	Followup opendev cleanup and test jobs	2019-04-20 21:04:15 -05:00
doc	Switch to newer openstackdocstheme and reno versions	2020-06-04 14:13:51 +02:00
playbooks/tox-puppet-lint	Fixing puppet-lint failures in zuul	2019-06-26 11:30:59 -05:00
releasenotes	Switch to newer openstackdocstheme and reno versions	2020-06-04 14:13:51 +02:00
storageconfig	Add auto-versioning to starlingx/config packages	2020-05-20 14:11:21 +00:00
sysinv	Add cert-mon service	2020-07-20 14:06:31 -04:00
tmp/patch-scripts/EXAMPLE_SYSINV/scripts	StarlingX open source release updates	2018-05-31 07:35:52 -07:00
tools/docker/images	Enable kubernetes SCTPSupport feature	2019-09-03 19:23:05 +00:00
tsconfig	Configure dcmanager user for endpoint_cache	2020-06-18 22:00:20 -04:00
workerconfig	Add auto-versioning to starlingx/config packages	2020-05-20 14:11:21 +00:00
.gitignore	Minor zuul and tox file cleanup after manifest re-org	2019-09-06 15:40:37 -05:00
.gitreview	OpenDev Migration Patch	2019-04-19 19:52:42 +00:00
.yamllint	clear yamllint errors under stx-config	2018-09-12 21:11:57 +08:00
.zuul.yaml	Adding job to upload commits to GitHub	2020-02-05 13:30:45 -05:00
CONTRIBUTORS.wrs	StarlingX open source release updates	2018-05-31 07:35:52 -07:00
LICENSE	StarlingX open source release updates	2018-05-31 07:35:52 -07:00
README.rst	StarlingX open source release updates	2018-05-31 07:35:52 -07:00
centos_build_layer.cfg	Build layering, add layer build config file	2019-10-15 12:29:05 +08:00
centos_dev_wheels.inc	Config file changes to add 'tsconfig' after relocation from 'update'	2019-09-05 11:51:05 -04:00
centos_helm.inc	Infrastructure and Cluster Monitoring	2019-08-21 17:19:54 -04:00
centos_iso_image.inc	Add cert-mon service	2020-07-20 14:06:31 -04:00
centos_pkg_dirs	Add cert-mon service	2020-07-20 14:06:31 -04:00
centos_pkg_dirs_containers	Config file changes for packages relocated to repo 'openstack-armada-app'	2019-09-05 10:42:00 -04:00
centos_stable_wheels.inc	Config file changes to add 'tsconfig' after relocation from 'update'	2019-09-05 11:51:05 -04:00
test-requirements.txt	Properly enable hacking checks for flake8	2018-12-18 11:28:56 -06:00
tox.ini	Update list of skipped bandit plugins.	2019-12-04 09:20:46 -06:00

README.rst

stx-config

StarlingX Configuration Management