Compare commits
28 commits
cosmos-ops
...
main
Author | SHA1 | Date | |
---|---|---|---|
1c22bfb722 | |||
46ade449bb | |||
ca2a3ef1c9 | |||
5df6b70bbf | |||
46a7ccc30f | |||
d71a71f226 | |||
22871236cb | |||
d19f81d0c4 | |||
d6b200faad | |||
1449221f43 | |||
487770e350 | |||
c19aaa5a97 | |||
980adbf867 | |||
c27a2195cc | |||
1c72cff364 | |||
a375ea111f | |||
57e1339000 | |||
f8118ef52d | |||
c65741753c | |||
e61e7654dc | |||
2a103b0da4 | |||
666b81af9c | |||
132a2dd771 | |||
035524863a | |||
4515bafe6c | |||
153a31ae27 | |||
d5c31c0d32 | |||
9df05afe20 |
50 changed files with 2064 additions and 1149 deletions
22
IaC-prod/dnsoutput.tf
Normal file
22
IaC-prod/dnsoutput.tf
Normal file
|
@ -0,0 +1,22 @@
|
|||
output "control_ip_addr_dco" {
|
||||
value = [ for node in resource.openstack_compute_instance_v2.controller-nodes-dco : "knotctl -z sunet.se --ttl 360 -r A -d ${node.access_ip_v4} -n ${node.name}\nknotctl -z sunet.se --ttl 360 -r AAAA -d ${node.access_ip_v6} -n ${node.name}" ]
|
||||
}
|
||||
output "worker_ip_addr_dco" {
|
||||
value = [ for node in resource.openstack_compute_instance_v2.worker-nodes-dco : "knotctl -z sunet.se --ttl 360 -r A -d ${node.access_ip_v4} -n ${node.name}\nknotctl -z sunet.se --ttl 360 -r AAAA -d ${node.access_ip_v6} -n ${node.name}" ]
|
||||
}
|
||||
|
||||
|
||||
output "control_ip_addr_sto3" {
|
||||
value = [ for node in resource.openstack_compute_instance_v2.controller-nodes-sto3 : "knotctl -z sunet.se --ttl 360 -r A -d ${node.access_ip_v4} -n ${node.name}\nknotctl -z sunet.se --ttl 360 -r AAAA -d ${node.access_ip_v6} -n ${node.name}" ]
|
||||
}
|
||||
output "worker_ip_addr_sto3" {
|
||||
value = [ for node in resource.openstack_compute_instance_v2.worker-nodes-sto3 : "knotctl -z sunet.se --ttl 360 -r A -d ${node.access_ip_v4} -n ${node.name}\nknotctl -z sunet.se --ttl 360 -r AAAA -d ${node.access_ip_v6} -n ${node.name}" ]
|
||||
}
|
||||
|
||||
output "control_ip_addr_sto4" {
|
||||
value = [ for node in resource.openstack_compute_instance_v2.controller-nodes-sto4 : "knotctl -z sunet.se --ttl 360 -r A -d ${node.access_ip_v4} -n ${node.name}\nknotctl -z sunet.se --ttl 360 -r AAAA -d ${node.access_ip_v6} -n ${node.name}" ]
|
||||
}
|
||||
output "worker_ip_addr_sto4" {
|
||||
value = [ for node in resource.openstack_compute_instance_v2.worker-nodes-sto4 : "knotctl -z sunet.se --ttl 360 -r A -d ${node.access_ip_v4} -n ${node.name}\nknotctl -z sunet.se --ttl 360 -r AAAA -d ${node.access_ip_v6} -n ${node.name}" ]
|
||||
}
|
||||
|
|
@ -3,3 +3,22 @@ data "openstack_images_image_v2" "debian12image" {
|
|||
name = "debian-12" # Name of image to be used
|
||||
most_recent = true
|
||||
}
|
||||
|
||||
data "openstack_images_image_v2" "debian12image-dco" {
|
||||
name = "debian-12" # Name of image to be used
|
||||
most_recent = true
|
||||
provider = openstack.dco
|
||||
}
|
||||
|
||||
data "openstack_images_image_v2" "debian12image-sto4" {
|
||||
name = "debian-12" # Name of image to be used
|
||||
most_recent = true
|
||||
provider = openstack.sto4
|
||||
}
|
||||
|
||||
data "openstack_images_image_v2" "debian12image-sto3" {
|
||||
name = "debian-12" # Name of image to be used
|
||||
most_recent = true
|
||||
provider = openstack.sto3
|
||||
}
|
||||
|
||||
|
|
138
IaC-prod/k8snodes-dco.tf
Normal file
138
IaC-prod/k8snodes-dco.tf
Normal file
|
@ -0,0 +1,138 @@
|
|||
#
|
||||
# Global DCO definitions
|
||||
#
|
||||
|
||||
locals {
|
||||
dcodc = "dco"
|
||||
dconodenrbase = index(var.datacenters, "dco")
|
||||
dcoindexjump = length(var.datacenters)
|
||||
}
|
||||
|
||||
#
|
||||
# Control node resources DCO
|
||||
#
|
||||
|
||||
resource "openstack_networking_port_v2" "kubecport-dco" {
|
||||
name = "${var.controller_name}${count.index * local.dcoindexjump + 1 + local.dconodenrbase}-${replace(var.dns_suffix,".","-")}-${local.dcodc}-port"
|
||||
# We create as many ports as there are instances created
|
||||
count = var.controllerdcreplicas
|
||||
network_id = data.openstack_networking_network_v2.public-dco.id
|
||||
# A list of security group ID
|
||||
security_group_ids = [
|
||||
resource.openstack_networking_secgroup_v2.ssh-from-jump-hosts-dco.id,
|
||||
resource.openstack_networking_secgroup_v2.microk8s-dco.id,
|
||||
resource.openstack_networking_secgroup_v2.k8s-external-control-dco.id
|
||||
]
|
||||
admin_state_up = "true"
|
||||
provider = openstack.dco
|
||||
}
|
||||
|
||||
# Boot volume for node
|
||||
resource "openstack_blockstorage_volume_v3" "kubecvolumeboot-dco" {
|
||||
count = var.controllerdcreplicas # Replicas per datacenter
|
||||
name = "${var.controller_name}${count.index * local.dcoindexjump + 1 + local.dconodenrbase}-${replace(var.dns_suffix,".","-")}-${local.dcodc}-vol"
|
||||
description = "OS volume for kubernetes worker node ${count.index * local.dcoindexjump + 1 + local.dconodenrbase}"
|
||||
size = 100
|
||||
image_id = data.openstack_images_image_v2.debian12image-dco.id
|
||||
enable_online_resize = true # Allow us to resize volume while attached.
|
||||
provider = openstack.dco
|
||||
}
|
||||
|
||||
resource "openstack_compute_instance_v2" "controller-nodes-dco" {
|
||||
count = var.controllerdcreplicas # Replicas per datacenter
|
||||
name = "${var.controller_name}${count.index * local.dcoindexjump + 1 + local.dconodenrbase}.${var.dns_suffix}"
|
||||
flavor_name = "${var.controller_instance_type}"
|
||||
key_pair = "${var.keynameworkers}"
|
||||
provider = openstack.dco
|
||||
security_groups = [
|
||||
resource.openstack_networking_secgroup_v2.microk8s-dco.name,
|
||||
resource.openstack_networking_secgroup_v2.ssh-from-jump-hosts-dco.name,
|
||||
resource.openstack_networking_secgroup_v2.k8s-external-control-dco.name
|
||||
]
|
||||
|
||||
block_device {
|
||||
uuid = resource.openstack_blockstorage_volume_v3.kubecvolumeboot-dco[count.index].id
|
||||
source_type = "volume"
|
||||
destination_type = "volume"
|
||||
boot_index = 0
|
||||
}
|
||||
|
||||
scheduler_hints {
|
||||
group = openstack_compute_servergroup_v2.controllers-dco.id
|
||||
}
|
||||
network {
|
||||
port = resource.openstack_networking_port_v2.kubecport-dco[count.index].id
|
||||
}
|
||||
}
|
||||
|
||||
#
|
||||
# Worker node resources DCO
|
||||
#
|
||||
|
||||
resource "openstack_networking_port_v2" "kubewport-dco" {
|
||||
name = "${var.worker_name}${count.index * local.dcoindexjump + 1 + local.dconodenrbase}-${replace(var.dns_suffix,".","-")}-${local.dcodc}-port"
|
||||
# We create as many ports as there are instances created
|
||||
count = var.workerdcreplicas
|
||||
network_id = data.openstack_networking_network_v2.public-dco.id
|
||||
# A list of security group ID
|
||||
security_group_ids = [
|
||||
resource.openstack_networking_secgroup_v2.ssh-from-jump-hosts-dco.id,
|
||||
resource.openstack_networking_secgroup_v2.microk8s-dco.id,
|
||||
resource.openstack_networking_secgroup_v2.k8s-external-worker-dco.id
|
||||
]
|
||||
admin_state_up = "true"
|
||||
provider = openstack.dco
|
||||
}
|
||||
|
||||
# Boot volume for node
|
||||
resource "openstack_blockstorage_volume_v3" "kubewvolumeboot-dco" {
|
||||
count = var.workerdcreplicas # Replicas per datacenter
|
||||
name = "${var.worker_name}${count.index * local.dcoindexjump + 1 + local.dconodenrbase}-${replace(var.dns_suffix,".","-")}-${local.dcodc}-vol"
|
||||
description = "OS volume for kubernetes worker node ${count.index * local.dcoindexjump + 1 + local.dconodenrbase}"
|
||||
size = 100
|
||||
image_id = data.openstack_images_image_v2.debian12image-dco.id
|
||||
enable_online_resize = true # Allow us to resize volume while attached.
|
||||
provider = openstack.dco
|
||||
}
|
||||
|
||||
resource "openstack_blockstorage_volume_v3" "kubewvolumerook-dco" {
|
||||
count = var.workerdcreplicas # Replicas per datacenter
|
||||
name = "${var.worker_name}${count.index * local.dcoindexjump + 1 + local.dconodenrbase}-${replace(var.dns_suffix,".","-")}-${local.dcodc}-rook-vol"
|
||||
description = "Rook storage volume for kubernetes worker node ${count.index * local.dcoindexjump + 1 + local.dconodenrbase}"
|
||||
size = 100
|
||||
enable_online_resize = true # Allow us to resize volume while attached.
|
||||
provider = openstack.dco
|
||||
}
|
||||
|
||||
resource "openstack_compute_instance_v2" "worker-nodes-dco" {
|
||||
count = var.workerdcreplicas # Replicas per datacenter
|
||||
name = "${var.worker_name}${count.index * local.dcoindexjump + 1 + local.dconodenrbase}.${var.dns_suffix}"
|
||||
flavor_name = "${var.worker_instance_type}"
|
||||
key_pair = "${var.keynameworkers}"
|
||||
provider = openstack.dco
|
||||
security_groups = [
|
||||
resource.openstack_networking_secgroup_v2.microk8s-dco.name,
|
||||
resource.openstack_networking_secgroup_v2.ssh-from-jump-hosts-dco.name,
|
||||
resource.openstack_networking_secgroup_v2.k8s-external-worker-dco.name
|
||||
]
|
||||
|
||||
block_device {
|
||||
uuid = resource.openstack_blockstorage_volume_v3.kubewvolumeboot-dco[count.index].id
|
||||
source_type = "volume"
|
||||
destination_type = "volume"
|
||||
boot_index = 0
|
||||
}
|
||||
block_device {
|
||||
uuid = resource.openstack_blockstorage_volume_v3.kubewvolumerook-dco[count.index].id
|
||||
source_type = "volume"
|
||||
destination_type = "volume"
|
||||
boot_index = 1
|
||||
}
|
||||
|
||||
scheduler_hints {
|
||||
group = openstack_compute_servergroup_v2.workers-dco.id
|
||||
}
|
||||
network {
|
||||
port = resource.openstack_networking_port_v2.kubewport-dco[count.index].id
|
||||
}
|
||||
}
|
139
IaC-prod/k8snodes-sto3.tf
Normal file
139
IaC-prod/k8snodes-sto3.tf
Normal file
|
@ -0,0 +1,139 @@
|
|||
#
|
||||
# Global definitions sto3
|
||||
#
|
||||
|
||||
locals {
|
||||
sto3dc = "sto3"
|
||||
sto3nodenrbase = index(var.datacenters, "sto3")
|
||||
sto3indexjump = length(var.datacenters)
|
||||
}
|
||||
|
||||
#
|
||||
# Control node resources STO3
|
||||
#
|
||||
|
||||
resource "openstack_networking_port_v2" "kubecport-sto3" {
|
||||
name = "${var.controller_name}${count.index * local.sto3indexjump + 1 + local.sto3nodenrbase}-${replace(var.dns_suffix,".","-")}-${local.sto3dc}-port"
|
||||
# We create as many ports as there are instances created
|
||||
count = var.controllerdcreplicas
|
||||
network_id = data.openstack_networking_network_v2.public-sto3.id
|
||||
# A list of security group ID
|
||||
security_group_ids = [
|
||||
resource.openstack_networking_secgroup_v2.ssh-from-jump-hosts-sto3.id,
|
||||
resource.openstack_networking_secgroup_v2.microk8s-sto3.id,
|
||||
resource.openstack_networking_secgroup_v2.k8s-external-control-sto3.id
|
||||
]
|
||||
admin_state_up = "true"
|
||||
provider = openstack.sto3
|
||||
}
|
||||
|
||||
# Boot volume for node
|
||||
resource "openstack_blockstorage_volume_v3" "kubecvolumeboot-sto3" {
|
||||
count = var.controllerdcreplicas # Replicas per datacenter
|
||||
name = "${var.controller_name}${count.index * local.sto3indexjump + 1 + local.sto3nodenrbase}-${replace(var.dns_suffix,".","-")}-${local.sto3dc}-vol"
|
||||
description = "OS volume for kubernetes worker node ${count.index * local.sto3indexjump + 1 + local.sto3nodenrbase}"
|
||||
size = 100
|
||||
image_id = data.openstack_images_image_v2.debian12image-sto3.id
|
||||
enable_online_resize = true # Allow us to resize volume while attached.
|
||||
provider = openstack.sto3
|
||||
}
|
||||
|
||||
resource "openstack_compute_instance_v2" "controller-nodes-sto3" {
|
||||
count = var.controllerdcreplicas # Replicas per datacenter
|
||||
name = "${var.controller_name}${count.index * local.sto3indexjump + 1 + local.sto3nodenrbase}.${var.dns_suffix}"
|
||||
flavor_name = "${var.controller_instance_type}"
|
||||
key_pair = "${var.keynameworkers}"
|
||||
provider = openstack.sto3
|
||||
security_groups = [
|
||||
resource.openstack_networking_secgroup_v2.microk8s-sto3.name,
|
||||
resource.openstack_networking_secgroup_v2.ssh-from-jump-hosts-sto3.name,
|
||||
resource.openstack_networking_secgroup_v2.k8s-external-control-sto3.name
|
||||
]
|
||||
|
||||
block_device {
|
||||
uuid = resource.openstack_blockstorage_volume_v3.kubecvolumeboot-sto3[count.index].id
|
||||
source_type = "volume"
|
||||
destination_type = "volume"
|
||||
boot_index = 0
|
||||
}
|
||||
|
||||
scheduler_hints {
|
||||
group = openstack_compute_servergroup_v2.controllers-sto3.id
|
||||
}
|
||||
network {
|
||||
port = resource.openstack_networking_port_v2.kubecport-sto3[count.index].id
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
#
|
||||
# Worker node resources STO3
|
||||
#
|
||||
|
||||
resource "openstack_networking_port_v2" "kubewport-sto3" {
|
||||
name = "${var.worker_name}${count.index * local.sto3indexjump + 1 + local.sto3nodenrbase}-${replace(var.dns_suffix,".","-")}-${local.sto3dc}-port"
|
||||
# We create as many ports as there are instances created
|
||||
count = var.workerdcreplicas
|
||||
network_id = data.openstack_networking_network_v2.public-sto3.id
|
||||
# A list of security group ID
|
||||
security_group_ids = [
|
||||
resource.openstack_networking_secgroup_v2.ssh-from-jump-hosts-sto3.id,
|
||||
resource.openstack_networking_secgroup_v2.microk8s-sto3.id,
|
||||
resource.openstack_networking_secgroup_v2.k8s-external-worker-sto3.id
|
||||
]
|
||||
admin_state_up = "true"
|
||||
provider = openstack.sto3
|
||||
}
|
||||
|
||||
# Boot volume for node
|
||||
resource "openstack_blockstorage_volume_v3" "kubewvolumeboot-sto3" {
|
||||
count = var.workerdcreplicas # Replicas per datacenter
|
||||
name = "${var.worker_name}${count.index * local.sto3indexjump + 1 + local.sto3nodenrbase}-${replace(var.dns_suffix,".","-")}-${local.sto3dc}-vol"
|
||||
description = "OS volume for kubernetes worker node ${count.index * local.sto3indexjump + 1 + local.sto3nodenrbase}"
|
||||
size = 100
|
||||
image_id = data.openstack_images_image_v2.debian12image-sto3.id
|
||||
enable_online_resize = true # Allow us to resize volume while attached.
|
||||
provider = openstack.sto3
|
||||
}
|
||||
|
||||
resource "openstack_blockstorage_volume_v3" "kubewvolumerook-sto3" {
|
||||
count = var.workerdcreplicas # Replicas per datacenter
|
||||
name = "${var.worker_name}${count.index * local.sto3indexjump + 1 + local.sto3nodenrbase}-${replace(var.dns_suffix,".","-")}-${local.sto3dc}-rook-vol"
|
||||
description = "Rook storage volume for kubernetes worker node ${count.index * local.sto3indexjump + 1 + local.sto3nodenrbase}"
|
||||
size = 100
|
||||
enable_online_resize = true # Allow us to resize volume while attached.
|
||||
provider = openstack.sto3
|
||||
}
|
||||
|
||||
resource "openstack_compute_instance_v2" "worker-nodes-sto3" {
|
||||
count = var.workerdcreplicas # Replicas per datacenter
|
||||
name = "${var.worker_name}${count.index * local.sto3indexjump + 1 + local.sto3nodenrbase}.${var.dns_suffix}"
|
||||
flavor_name = "${var.worker_instance_type}"
|
||||
key_pair = "${var.keynameworkers}"
|
||||
provider = openstack.sto3
|
||||
security_groups = [
|
||||
resource.openstack_networking_secgroup_v2.microk8s-sto3.name,
|
||||
resource.openstack_networking_secgroup_v2.ssh-from-jump-hosts-sto3.name,
|
||||
resource.openstack_networking_secgroup_v2.k8s-external-worker-sto3.name
|
||||
]
|
||||
|
||||
block_device {
|
||||
uuid = resource.openstack_blockstorage_volume_v3.kubewvolumeboot-sto3[count.index].id
|
||||
source_type = "volume"
|
||||
destination_type = "volume"
|
||||
boot_index = 0
|
||||
}
|
||||
block_device {
|
||||
uuid = resource.openstack_blockstorage_volume_v3.kubewvolumerook-sto3[count.index].id
|
||||
source_type = "volume"
|
||||
destination_type = "volume"
|
||||
boot_index = 1
|
||||
}
|
||||
|
||||
scheduler_hints {
|
||||
group = openstack_compute_servergroup_v2.workers-sto3.id
|
||||
}
|
||||
network {
|
||||
port = resource.openstack_networking_port_v2.kubewport-sto3[count.index].id
|
||||
}
|
||||
}
|
138
IaC-prod/k8snodes-sto4.tf
Normal file
138
IaC-prod/k8snodes-sto4.tf
Normal file
|
@ -0,0 +1,138 @@
|
|||
#
|
||||
# Global definitions for sto4
|
||||
#
|
||||
locals {
|
||||
sto4dc = "sto4"
|
||||
sto4nodenrbase = index(var.datacenters, "sto4")
|
||||
sto4indexjump = length(var.datacenters)
|
||||
}
|
||||
|
||||
#
|
||||
# Controller node resources
|
||||
#
|
||||
|
||||
resource "openstack_networking_port_v2" "kubecport-sto4" {
|
||||
name = "${var.controller_name}${count.index * local.sto4indexjump + 1 + local.sto4nodenrbase}-${replace(var.dns_suffix,".","-")}-${local.sto4dc}-port"
|
||||
# We create as many ports as there are instances created
|
||||
count = var.controllerdcreplicas
|
||||
network_id = data.openstack_networking_network_v2.public-sto4.id
|
||||
# A list of security group ID
|
||||
security_group_ids = [
|
||||
resource.openstack_networking_secgroup_v2.ssh-from-jump-hosts-sto4.id,
|
||||
resource.openstack_networking_secgroup_v2.microk8s-sto4.id,
|
||||
resource.openstack_networking_secgroup_v2.k8s-external-control-sto4.id
|
||||
]
|
||||
admin_state_up = "true"
|
||||
provider = openstack.sto4
|
||||
}
|
||||
|
||||
# Boot volume for node
|
||||
resource "openstack_blockstorage_volume_v3" "kubecvolumeboot-sto4" {
|
||||
count = var.controllerdcreplicas # Replicas per datacenter
|
||||
name = "${var.controller_name}${count.index * local.sto4indexjump + 1 + local.sto4nodenrbase}-${replace(var.dns_suffix,".","-")}-${local.sto4dc}-vol"
|
||||
description = "OS volume for kubernetes worker node ${count.index * local.sto4indexjump + 1 + local.sto4nodenrbase}"
|
||||
size = 100
|
||||
image_id = data.openstack_images_image_v2.debian12image-sto4.id
|
||||
enable_online_resize = true # Allow us to resize volume while attached.
|
||||
provider = openstack.sto4
|
||||
}
|
||||
|
||||
resource "openstack_compute_instance_v2" "controller-nodes-sto4" {
|
||||
count = var.controllerdcreplicas # Replicas per datacenter
|
||||
name = "${var.controller_name}${count.index * local.sto4indexjump + 1 + local.sto4nodenrbase}.${var.dns_suffix}"
|
||||
flavor_name = "${var.controller_instance_type}"
|
||||
key_pair = "${var.keynameworkers}"
|
||||
provider = openstack.sto4
|
||||
security_groups = [
|
||||
resource.openstack_networking_secgroup_v2.microk8s-sto4.name,
|
||||
resource.openstack_networking_secgroup_v2.ssh-from-jump-hosts-sto4.name,
|
||||
resource.openstack_networking_secgroup_v2.k8s-external-control-sto4.name
|
||||
]
|
||||
|
||||
block_device {
|
||||
uuid = resource.openstack_blockstorage_volume_v3.kubecvolumeboot-sto4[count.index].id
|
||||
source_type = "volume"
|
||||
destination_type = "volume"
|
||||
boot_index = 0
|
||||
}
|
||||
|
||||
scheduler_hints {
|
||||
group = openstack_compute_servergroup_v2.controllers-sto4.id
|
||||
}
|
||||
network {
|
||||
port = resource.openstack_networking_port_v2.kubecport-sto4[count.index].id
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
#
|
||||
# Worker node resources
|
||||
#
|
||||
|
||||
resource "openstack_networking_port_v2" "kubewport-sto4" {
|
||||
name = "${var.worker_name}${count.index * local.sto4indexjump + 1 + local.sto4nodenrbase}-${replace(var.dns_suffix,".","-")}-${local.sto4dc}-port"
|
||||
# We create as many ports as there are instances created
|
||||
count = var.workerdcreplicas
|
||||
network_id = data.openstack_networking_network_v2.public-sto4.id
|
||||
# A list of security group ID
|
||||
security_group_ids = [
|
||||
resource.openstack_networking_secgroup_v2.ssh-from-jump-hosts-sto4.id,
|
||||
resource.openstack_networking_secgroup_v2.microk8s-sto4.id,
|
||||
resource.openstack_networking_secgroup_v2.k8s-external-worker-sto4.id
|
||||
]
|
||||
admin_state_up = "true"
|
||||
provider = openstack.sto4
|
||||
}
|
||||
|
||||
# Boot volume for node
|
||||
resource "openstack_blockstorage_volume_v3" "kubewvolumeboot-sto4" {
|
||||
count = var.workerdcreplicas # Replicas per datacenter
|
||||
name = "${var.worker_name}${count.index * local.sto4indexjump + 1 + local.sto4nodenrbase}-${replace(var.dns_suffix,".","-")}-${local.sto4dc}-vol"
|
||||
description = "OS volume for kubernetes worker node ${count.index * local.sto4indexjump + 1 + local.sto4nodenrbase}"
|
||||
size = 100
|
||||
image_id = data.openstack_images_image_v2.debian12image-sto4.id
|
||||
enable_online_resize = true # Allow us to resize volume while attached.
|
||||
provider = openstack.sto4
|
||||
}
|
||||
|
||||
resource "openstack_blockstorage_volume_v3" "kubewvolumerook-sto4" {
|
||||
count = var.workerdcreplicas # Replicas per datacenter
|
||||
name = "${var.worker_name}${count.index * local.sto4indexjump + 1 + local.sto4nodenrbase}-${replace(var.dns_suffix,".","-")}-${local.sto4dc}-rook-vol"
|
||||
description = "Rook storage volume for kubernetes worker node ${count.index * local.sto4indexjump + 1 + local.sto4nodenrbase}"
|
||||
size = 100
|
||||
enable_online_resize = true # Allow us to resize volume while attached.
|
||||
provider = openstack.sto4
|
||||
}
|
||||
|
||||
resource "openstack_compute_instance_v2" "worker-nodes-sto4" {
|
||||
count = var.workerdcreplicas # Replicas per datacenter
|
||||
name = "${var.worker_name}${count.index * local.sto4indexjump + 1 + local.sto4nodenrbase}.${var.dns_suffix}"
|
||||
flavor_name = "${var.worker_instance_type}"
|
||||
key_pair = "${var.keynameworkers}"
|
||||
provider = openstack.sto4
|
||||
security_groups = [
|
||||
resource.openstack_networking_secgroup_v2.microk8s-sto4.name,
|
||||
resource.openstack_networking_secgroup_v2.ssh-from-jump-hosts-sto4.name,
|
||||
resource.openstack_networking_secgroup_v2.k8s-external-worker-sto4.name
|
||||
]
|
||||
|
||||
block_device {
|
||||
uuid = resource.openstack_blockstorage_volume_v3.kubewvolumeboot-sto4[count.index].id
|
||||
source_type = "volume"
|
||||
destination_type = "volume"
|
||||
boot_index = 0
|
||||
}
|
||||
block_device {
|
||||
uuid = resource.openstack_blockstorage_volume_v3.kubewvolumerook-sto4[count.index].id
|
||||
source_type = "volume"
|
||||
destination_type = "volume"
|
||||
boot_index = 1
|
||||
}
|
||||
|
||||
scheduler_hints {
|
||||
group = openstack_compute_servergroup_v2.workers-sto4.id
|
||||
}
|
||||
network {
|
||||
port = resource.openstack_networking_port_v2.kubewport-sto4[count.index].id
|
||||
}
|
||||
}
|
48
IaC-prod/lb.tf
Normal file
48
IaC-prod/lb.tf
Normal file
|
@ -0,0 +1,48 @@
|
|||
|
||||
# Netowrk port
|
||||
resource "openstack_networking_port_v2" "lb1-port-dco" {
|
||||
name = "lb1-${replace(var.dns_suffix,".","-")}-${local.dcodc}-port"
|
||||
network_id = data.openstack_networking_network_v2.public-dco.id
|
||||
# A list of security group ID
|
||||
security_group_ids = [
|
||||
resource.openstack_networking_secgroup_v2.ssh-from-jump-hosts-dco.id,
|
||||
resource.openstack_networking_secgroup_v2.lb-dco.id
|
||||
]
|
||||
admin_state_up = "true"
|
||||
provider = openstack.dco
|
||||
}
|
||||
|
||||
# Boot volume
|
||||
# Boot volume for node
|
||||
resource "openstack_blockstorage_volume_v3" "lb1volumeboot-dco" {
|
||||
name = "lb1-${replace(var.dns_suffix,".","-")}-${local.dcodc}-vol"
|
||||
description = "OS volume for lb1.matrix.test.sunet.se"
|
||||
size = 50
|
||||
image_id = data.openstack_images_image_v2.debian12image-dco.id
|
||||
enable_online_resize = true # Allow us to resize volume while attached.
|
||||
provider = openstack.dco
|
||||
}
|
||||
|
||||
resource "openstack_compute_instance_v2" "lb1-node-dco" {
|
||||
name = "lb1.${var.dns_suffix}"
|
||||
flavor_name = "${var.lb_instance_type}"
|
||||
key_pair = "${var.keynameworkers}"
|
||||
provider = openstack.dco
|
||||
security_groups = [
|
||||
resource.openstack_networking_secgroup_v2.ssh-from-jump-hosts-dco.name,
|
||||
resource.openstack_networking_secgroup_v2.lb-dco.name
|
||||
]
|
||||
|
||||
block_device {
|
||||
uuid = resource.openstack_blockstorage_volume_v3.lb1volumeboot-dco.id
|
||||
source_type = "volume"
|
||||
destination_type = "volume"
|
||||
boot_index = 0
|
||||
}
|
||||
|
||||
network {
|
||||
port = resource.openstack_networking_port_v2.lb1-port-dco.id
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -11,5 +11,23 @@ required_version = ">= 0.14.0"
|
|||
|
||||
# Configure the OpenStack Provider
|
||||
provider "openstack" {
|
||||
cloud = "${var.cloud_name}"
|
||||
cloud = "${var.clouddco_name}"
|
||||
}
|
||||
|
||||
# DCO Matrix Test
|
||||
provider "openstack" {
|
||||
cloud = "${var.clouddco_name}"
|
||||
alias = "dco"
|
||||
}
|
||||
|
||||
# STO3 Matrix test
|
||||
provider "openstack" {
|
||||
cloud = "${var.cloudsto3_name}"
|
||||
alias = "sto3"
|
||||
}
|
||||
|
||||
# STO4 Matrix test
|
||||
provider "openstack" {
|
||||
cloud = "${var.cloudsto4_name}"
|
||||
alias = "sto4"
|
||||
}
|
||||
|
|
46
IaC-prod/mgmt.tf
Normal file
46
IaC-prod/mgmt.tf
Normal file
|
@ -0,0 +1,46 @@
|
|||
|
||||
# Netowrk port
|
||||
resource "openstack_networking_port_v2" "mgmt1-port-dco" {
|
||||
name = "mgmt1-${replace(var.dns_suffix,".","-")}-${local.dcodc}-port"
|
||||
network_id = data.openstack_networking_network_v2.public-dco.id
|
||||
# A list of security group ID
|
||||
security_group_ids = [
|
||||
resource.openstack_networking_secgroup_v2.ssh-from-jump-hosts-dco.id
|
||||
]
|
||||
admin_state_up = "true"
|
||||
provider = openstack.dco
|
||||
}
|
||||
|
||||
# Boot volume
|
||||
# Boot volume for node
|
||||
resource "openstack_blockstorage_volume_v3" "mgmt1volumeboot-dco" {
|
||||
name = "mgmt1-${replace(var.dns_suffix,".","-")}-${local.dcodc}-vol"
|
||||
description = "OS volume for mgmt1.matrix.test.sunet.se"
|
||||
size = 50
|
||||
image_id = data.openstack_images_image_v2.debian12image-dco.id
|
||||
enable_online_resize = true # Allow us to resize volume while attached.
|
||||
provider = openstack.dco
|
||||
}
|
||||
|
||||
resource "openstack_compute_instance_v2" "mgmt1-node-dco" {
|
||||
name = "mgmt1.${var.dns_suffix}"
|
||||
flavor_name = "${var.lb_instance_type}"
|
||||
key_pair = "${var.keynameworkers}"
|
||||
provider = openstack.dco
|
||||
security_groups = [
|
||||
resource.openstack_networking_secgroup_v2.ssh-from-jump-hosts-dco.name
|
||||
]
|
||||
|
||||
block_device {
|
||||
uuid = resource.openstack_blockstorage_volume_v3.mgmt1volumeboot-dco.id
|
||||
source_type = "volume"
|
||||
destination_type = "volume"
|
||||
boot_index = 0
|
||||
}
|
||||
|
||||
network {
|
||||
port = resource.openstack_networking_port_v2.mgmt1-port-dco.id
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -1,3 +1,18 @@
|
|||
data "openstack_networking_network_v2" "public" {
|
||||
name = "public" # Name of network to use.
|
||||
}
|
||||
|
||||
data "openstack_networking_network_v2" "public-dco" {
|
||||
name = "public" # Name of network to use.
|
||||
provider = openstack.dco
|
||||
}
|
||||
|
||||
data "openstack_networking_network_v2" "public-sto4" {
|
||||
name = "public" # Name of network to use.
|
||||
provider = openstack.sto4
|
||||
}
|
||||
|
||||
data "openstack_networking_network_v2" "public-sto3" {
|
||||
name = "public" # Name of network to use.
|
||||
provider = openstack.sto3
|
||||
}
|
||||
|
|
|
@ -1,111 +0,0 @@
|
|||
|
||||
#
|
||||
# Controller node resources
|
||||
#
|
||||
|
||||
resource "openstack_networking_port_v2" "kubecport" {
|
||||
name = "${var.controller_name}${count.index+1}-${replace(var.dns_suffix,".","-")}-port"
|
||||
# We create as many ports as there are instances created
|
||||
count = var.controller_instance_count
|
||||
network_id = data.openstack_networking_network_v2.public.id
|
||||
# A list of security group ID
|
||||
security_group_ids = [
|
||||
data.openstack_networking_secgroup_v2.sshfromjumphosts.id,
|
||||
data.openstack_networking_secgroup_v2.allegress.id,
|
||||
resource.openstack_networking_secgroup_v2.microk8s.id,
|
||||
resource.openstack_networking_secgroup_v2.https.id
|
||||
]
|
||||
admin_state_up = "true"
|
||||
}
|
||||
|
||||
resource "openstack_blockstorage_volume_v3" "kubecvolumeboot" {
|
||||
count = var.controller_instance_count # size of cluster
|
||||
name = "${var.controller_name}${count.index+1}-${replace(var.dns_suffix,".","-")}-vol"
|
||||
description = "OS volume for kubernetes control node ${count.index + 1}"
|
||||
size = 100
|
||||
image_id = data.openstack_images_image_v2.debian12image.id
|
||||
enable_online_resize = true # Allow us to resize volume while attached.
|
||||
}
|
||||
|
||||
resource "openstack_compute_instance_v2" "controller-nodes" {
|
||||
count = var.controller_instance_count
|
||||
name = "${var.controller_name}${count.index+1}.${var.dns_suffix}"
|
||||
flavor_name = "${var.controller_instance_type}"
|
||||
key_pair = "${var.keyname}"
|
||||
security_groups = [
|
||||
data.openstack_networking_secgroup_v2.sshfromjumphosts.name,
|
||||
data.openstack_networking_secgroup_v2.allegress.name,
|
||||
resource.openstack_networking_secgroup_v2.microk8s.name,
|
||||
resource.openstack_networking_secgroup_v2.https.name
|
||||
]
|
||||
block_device {
|
||||
uuid = resource.openstack_blockstorage_volume_v3.kubecvolumeboot[count.index].id
|
||||
source_type = "volume"
|
||||
destination_type = "volume"
|
||||
boot_index = 0
|
||||
}
|
||||
scheduler_hints {
|
||||
group = openstack_compute_servergroup_v2.controllers.id
|
||||
}
|
||||
network {
|
||||
port = resource.openstack_networking_port_v2.kubecport[count.index].id
|
||||
}
|
||||
}
|
||||
|
||||
#
|
||||
# Worker node resources
|
||||
#
|
||||
|
||||
|
||||
#
|
||||
# Controller node resources
|
||||
#
|
||||
|
||||
resource "openstack_networking_port_v2" "kubewport" {
|
||||
name = "${var.worker_name}${count.index+1}-${replace(var.dns_suffix,".","-")}-port"
|
||||
# We create as many ports as there are instances created
|
||||
count = var.controller_instance_count
|
||||
network_id = data.openstack_networking_network_v2.public.id
|
||||
# A list of security group ID
|
||||
security_group_ids = [
|
||||
data.openstack_networking_secgroup_v2.sshfromjumphosts.id,
|
||||
data.openstack_networking_secgroup_v2.allegress.id,
|
||||
resource.openstack_networking_secgroup_v2.microk8s.id
|
||||
]
|
||||
admin_state_up = "true"
|
||||
}
|
||||
|
||||
resource "openstack_blockstorage_volume_v3" "kubewvolumeboot" {
|
||||
count = var.controller_instance_count # size of cluster
|
||||
name = "${var.worker_name}${count.index+1}-${replace(var.dns_suffix,".","-")}-vol"
|
||||
description = "OS volume for kubernetes worker node ${count.index + 1}"
|
||||
size = 100
|
||||
image_id = data.openstack_images_image_v2.debian12image.id
|
||||
enable_online_resize = true # Allow us to resize volume while attached.
|
||||
}
|
||||
|
||||
|
||||
resource "openstack_compute_instance_v2" "worker-nodes" {
|
||||
count = var.worker_instance_count
|
||||
name = "${var.worker_name}${count.index+1}.${var.dns_suffix}"
|
||||
flavor_name = "${var.worker_instance_type}"
|
||||
key_pair = "${var.keyname}"
|
||||
security_groups = [
|
||||
data.openstack_networking_secgroup_v2.sshfromjumphosts.name,
|
||||
data.openstack_networking_secgroup_v2.allegress.name,
|
||||
resource.openstack_networking_secgroup_v2.microk8s.name
|
||||
]
|
||||
|
||||
block_device {
|
||||
uuid = resource.openstack_blockstorage_volume_v3.kubewvolumeboot[count.index].id
|
||||
source_type = "volume"
|
||||
destination_type = "volume"
|
||||
boot_index = 0
|
||||
}
|
||||
scheduler_hints {
|
||||
group = openstack_compute_servergroup_v2.workers.id
|
||||
}
|
||||
network {
|
||||
port = resource.openstack_networking_port_v2.kubewport[count.index].id
|
||||
}
|
||||
}
|
177
IaC-prod/securitygroups-k8s-dco.tf
Normal file
177
IaC-prod/securitygroups-k8s-dco.tf
Normal file
|
@ -0,0 +1,177 @@
|
|||
|
||||
# Security groups dco
|
||||
resource "openstack_networking_secgroup_v2" "microk8s-dco" {
|
||||
name = "microk8s"
|
||||
description = "Traffic to allow between microk8s hosts"
|
||||
provider=openstack.dco
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_v2" "ssh-from-jump-hosts-dco" {
|
||||
name = "ssh-from-jumphosts"
|
||||
description = "Allow ssh traffic from sunet jumphosts."
|
||||
provider=openstack.dco
|
||||
}
|
||||
|
||||
#
|
||||
# Security group rules for microk8s
|
||||
#
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule_v4_dco" {
|
||||
count = length(var.k8sports)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = var.k8sports[count.index][keys(var.k8sports[count.index])[0]]
|
||||
port_range_min = keys(var.k8sports[count.index])[0]
|
||||
port_range_max = keys(var.k8sports[count.index])[0]
|
||||
provider = openstack.dco
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s-dco.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-dco.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule_v6_dco" {
|
||||
count = length(var.k8sports)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = var.k8sports[count.index][keys(var.k8sports[count.index])[0]]
|
||||
port_range_min = keys(var.k8sports[count.index])[0]
|
||||
port_range_max = keys(var.k8sports[count.index])[0]
|
||||
provider = openstack.dco
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s-dco.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-dco.id
|
||||
}
|
||||
|
||||
#
|
||||
# From STO3 to DCO
|
||||
#
|
||||
|
||||
# Control nodes
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_controller_rule_v4_sto3_to_dco" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.controller-nodes-sto3)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto3))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto3))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto3))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto3))])[0]
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = join("/", [ resource.openstack_compute_instance_v2.controller-nodes-sto3[count.index % length(resource.openstack_compute_instance_v2.controller-nodes-sto3)].access_ip_v4, "32" ])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-dco.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_controller_rule_v6_sto3_to_dco" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.controller-nodes-sto3)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto3))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto3))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto3))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto3))])[0]
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = join("/",[ replace(resource.openstack_compute_instance_v2.controller-nodes-sto3[count.index % length(resource.openstack_compute_instance_v2.controller-nodes-sto3)].access_ip_v6, "/[\\[\\]']/",""), "128"])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-dco.id
|
||||
}
|
||||
|
||||
# Worker nodes
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_worker_rule_v4_sto3_to_dco" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.worker-nodes-sto3)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto3))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto3))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto3))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto3))])[0]
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = join("/", [ resource.openstack_compute_instance_v2.worker-nodes-sto3[count.index % length(resource.openstack_compute_instance_v2.worker-nodes-sto3)].access_ip_v4, "32" ])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-dco.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_worker_rule_v6_sto3_to_dco" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.worker-nodes-sto3)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto3))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto3))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto3))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto3))])[0]
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = join("/",[ replace(resource.openstack_compute_instance_v2.worker-nodes-sto3[count.index % length(resource.openstack_compute_instance_v2.worker-nodes-sto3)].access_ip_v6, "/[\\[\\]']/",""), "128"])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-dco.id
|
||||
}
|
||||
|
||||
#
|
||||
# From STO4 to DCO
|
||||
#
|
||||
|
||||
#Controllers
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_controller_rule_v4_sto4_to_dco" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.controller-nodes-sto4)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto4))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto4))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto4))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto4))])[0]
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = join("/", [ resource.openstack_compute_instance_v2.controller-nodes-sto4[count.index % length(resource.openstack_compute_instance_v2.controller-nodes-sto4)].access_ip_v4, "32" ])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-dco.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_controller_rule_v6_sto4_to_dco" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.controller-nodes-sto4)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto4))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto4))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto4))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto4))])[0]
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = join("/",[ replace(resource.openstack_compute_instance_v2.controller-nodes-sto4[count.index % length(resource.openstack_compute_instance_v2.controller-nodes-sto4)].access_ip_v6, "/[\\[\\]']/",""), "128"])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-dco.id
|
||||
}
|
||||
|
||||
# Workers
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_worker_rule_v4_sto4_to_dco" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.worker-nodes-sto4)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto4))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto4))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto4))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto4))])[0]
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = join("/", [ resource.openstack_compute_instance_v2.worker-nodes-sto4[count.index % length(resource.openstack_compute_instance_v2.worker-nodes-sto4)].access_ip_v4, "32" ])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-dco.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_worker_rule_v6_sto4_to_dco" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.worker-nodes-sto4)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto4))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto4))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto4))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto4))])[0]
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = join("/",[ replace(resource.openstack_compute_instance_v2.worker-nodes-sto4[count.index % length(resource.openstack_compute_instance_v2.worker-nodes-sto4)].access_ip_v6, "/[\\[\\]']/",""), "128"])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-dco.id
|
||||
}
|
||||
|
||||
#
|
||||
# Security group rules for ssh-from-jump-hosts
|
||||
#
|
||||
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "ssh-from-jumphosts-v4rules-dco" {
|
||||
count = length(var.jumphostv4-ips)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "22"
|
||||
port_range_max = "22"
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = "${var.jumphostv4-ips[count.index]}/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.ssh-from-jump-hosts-dco.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "ssh-from-jumphosts-v6rules-dco" {
|
||||
count = length(var.jumphostv6-ips)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = "tcp"
|
||||
port_range_min = "22"
|
||||
port_range_max = "22"
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = "${var.jumphostv6-ips[count.index]}/128"
|
||||
security_group_id = openstack_networking_secgroup_v2.ssh-from-jump-hosts-dco.id
|
||||
}
|
125
IaC-prod/securitygroups-k8s-external.tf
Normal file
125
IaC-prod/securitygroups-k8s-external.tf
Normal file
|
@ -0,0 +1,125 @@
|
|||
# Security groups for external acccess k8s control nodes in dco.
|
||||
resource "openstack_networking_secgroup_v2" "k8s-external-control-dco" {
|
||||
name = "k8s-external"
|
||||
description = "External ingress traffic to k8s control nodes."
|
||||
provider=openstack.dco
|
||||
}
|
||||
|
||||
# Security groups for external acccess k8s control nodes in sto3.
|
||||
resource "openstack_networking_secgroup_v2" "k8s-external-control-sto3" {
|
||||
name = "k8s-external"
|
||||
description = "External ingress traffic to k8s control nodes."
|
||||
provider=openstack.sto3
|
||||
}
|
||||
# Security groups for external acccess k8s control nodes in sto4.
|
||||
resource "openstack_networking_secgroup_v2" "k8s-external-control-sto4" {
|
||||
name = "k8s-external"
|
||||
description = "External ingress traffic to k8s control nodes."
|
||||
provider=openstack.sto4
|
||||
}
|
||||
|
||||
# Rules dco
|
||||
resource "openstack_networking_secgroup_rule_v2" "k8s_external_ingress_control_rule1_v4_dco" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "16443"
|
||||
port_range_max = "16443"
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = "89.47.191.43/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.k8s-external-control-dco.id
|
||||
}
|
||||
|
||||
# Rules sto3
|
||||
resource "openstack_networking_secgroup_rule_v2" "k8s_external_ingress_control_rule1_v4_sto3" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "16443"
|
||||
port_range_max = "16443"
|
||||
provider = openstack.sto3
|
||||
remote_ip_prefix = "89.47.191.43/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.k8s-external-control-sto3.id
|
||||
}
|
||||
|
||||
# Rules sto4
|
||||
resource "openstack_networking_secgroup_rule_v2" "k8s_external_ingress_control_rule1_v4_sto4" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "16443"
|
||||
port_range_max = "16443"
|
||||
provider = openstack.sto4
|
||||
remote_ip_prefix = "89.47.191.43/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.k8s-external-control-sto4.id
|
||||
}
|
||||
|
||||
|
||||
# Security groups for external acccess k8s worker nodes in dco.
|
||||
resource "openstack_networking_secgroup_v2" "k8s-external-worker-dco" {
|
||||
name = "k8s-external-worker"
|
||||
description = "External ingress traffic to k8s worker nodes."
|
||||
provider=openstack.dco
|
||||
}
|
||||
|
||||
# Security groups for external acccess k8s worker nodes in sto3.
|
||||
resource "openstack_networking_secgroup_v2" "k8s-external-worker-sto3" {
|
||||
name = "k8s-external-worker"
|
||||
description = "External ingress traffic to k8s worker nodes."
|
||||
provider=openstack.sto3
|
||||
}
|
||||
# Security groups for external acccess k8s worker nodes in sto4.
|
||||
resource "openstack_networking_secgroup_v2" "k8s-external-worker-sto4" {
|
||||
name = "k8s-external-worker"
|
||||
description = "External ingress traffic to k8s worker nodes."
|
||||
provider=openstack.sto4
|
||||
}
|
||||
|
||||
# Rules dco
|
||||
resource "openstack_networking_secgroup_rule_v2" "k8s_external_ingress_worker_rule1_v4_dco" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "443"
|
||||
port_range_max = "443"
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = "89.47.191.43/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.k8s-external-worker-dco.id
|
||||
}
|
||||
|
||||
# Rules sto3
|
||||
resource "openstack_networking_secgroup_rule_v2" "k8s_external_ingress_worker_rule1_v4_sto3" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "443"
|
||||
port_range_max = "443"
|
||||
provider = openstack.sto3
|
||||
remote_ip_prefix = "89.47.191.43/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.k8s-external-worker-sto3.id
|
||||
}
|
||||
|
||||
# Rules sto4
|
||||
resource "openstack_networking_secgroup_rule_v2" "k8s_external_ingress_worker_rule1_v4_sto4" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "443"
|
||||
port_range_max = "443"
|
||||
provider = openstack.sto4
|
||||
remote_ip_prefix = "89.47.191.43/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.k8s-external-worker-sto4.id
|
||||
}
|
||||
|
||||
# Rules sto4
|
||||
resource "openstack_networking_secgroup_rule_v2" "k8s_external_ingress_worker_rule2_v4_dco" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "443"
|
||||
port_range_max = "443"
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = "0.0.0.0/0"
|
||||
security_group_id = openstack_networking_secgroup_v2.k8s-external-worker-dco.id
|
||||
}
|
||||
|
177
IaC-prod/securitygroups-k8s-sto3.tf
Normal file
177
IaC-prod/securitygroups-k8s-sto3.tf
Normal file
|
@ -0,0 +1,177 @@
|
|||
|
||||
# Security groups sto3
|
||||
resource "openstack_networking_secgroup_v2" "microk8s-sto3" {
|
||||
name = "microk8s"
|
||||
description = "Traffic to allow between microk8s hosts"
|
||||
provider=openstack.sto3
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_v2" "ssh-from-jump-hosts-sto3" {
|
||||
name = "ssh-from-jumphosts"
|
||||
description = "Allow ssh traffic from sunet jumphosts."
|
||||
provider=openstack.sto3
|
||||
}
|
||||
|
||||
#
|
||||
# Security group rules for microk8s
|
||||
#
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule_v4_sto3" {
|
||||
count = length(var.k8sports)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = var.k8sports[count.index][keys(var.k8sports[count.index])[0]]
|
||||
port_range_min = keys(var.k8sports[count.index])[0]
|
||||
port_range_max = keys(var.k8sports[count.index])[0]
|
||||
provider = openstack.sto3
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s-sto3.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-sto3.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule_v6_sto3" {
|
||||
count = length(var.k8sports)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = var.k8sports[count.index][keys(var.k8sports[count.index])[0]]
|
||||
port_range_min = keys(var.k8sports[count.index])[0]
|
||||
port_range_max = keys(var.k8sports[count.index])[0]
|
||||
provider = openstack.sto3
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s-sto3.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-sto3.id
|
||||
}
|
||||
|
||||
#
|
||||
# From DCO to STO3
|
||||
#
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_controller_rule_v4_dco_to_sto3" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.controller-nodes-dco)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-dco))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-dco))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-dco))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-dco))])[0]
|
||||
provider = openstack.sto3
|
||||
remote_ip_prefix = join("/", [ resource.openstack_compute_instance_v2.controller-nodes-dco[count.index % length(resource.openstack_compute_instance_v2.controller-nodes-dco)].access_ip_v4, "32" ])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-sto3.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_controller_rule_v6_dco_to_sto3" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.controller-nodes-dco)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-dco))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-dco))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-dco))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-dco))])[0]
|
||||
provider = openstack.sto3
|
||||
remote_ip_prefix = join("/",[ replace(resource.openstack_compute_instance_v2.controller-nodes-dco[count.index % length(resource.openstack_compute_instance_v2.controller-nodes-dco)].access_ip_v6, "/[\\[\\]']/",""), "128"])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-sto3.id
|
||||
}
|
||||
|
||||
# Worker nodes
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_worker_rule_v4_dco_to_sto3" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.worker-nodes-dco)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-dco))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-dco))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-dco))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-dco))])[0]
|
||||
provider = openstack.sto3
|
||||
remote_ip_prefix = join("/", [ resource.openstack_compute_instance_v2.worker-nodes-dco[count.index % length(resource.openstack_compute_instance_v2.worker-nodes-dco)].access_ip_v4, "32" ])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-sto3.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_worker_rule_v6_dco_to_sto3" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.worker-nodes-dco)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-dco))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-dco))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-dco))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-dco))])[0]
|
||||
provider = openstack.sto3
|
||||
remote_ip_prefix = join("/",[ replace(resource.openstack_compute_instance_v2.worker-nodes-dco[count.index % length(resource.openstack_compute_instance_v2.worker-nodes-dco)].access_ip_v6, "/[\\[\\]']/",""), "128"])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-sto3.id
|
||||
}
|
||||
|
||||
#
|
||||
# From STO4 to STO3
|
||||
#
|
||||
|
||||
# Controllers
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_controller_rule_v4_sto4_to_sto3" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.controller-nodes-sto4)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto4))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto4))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto4))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto4))])[0]
|
||||
provider = openstack.sto3
|
||||
remote_ip_prefix = join("/", [ resource.openstack_compute_instance_v2.controller-nodes-sto4[count.index % length(resource.openstack_compute_instance_v2.controller-nodes-sto4)].access_ip_v4, "32" ])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-sto3.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_controller_rule_v6_sto4_to_sto3" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.controller-nodes-sto4)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto4))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto4))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto4))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto4))])[0]
|
||||
provider = openstack.sto3
|
||||
remote_ip_prefix = join("/",[ replace(resource.openstack_compute_instance_v2.controller-nodes-sto4[count.index % length(resource.openstack_compute_instance_v2.controller-nodes-sto4)].access_ip_v6, "/[\\[\\]']/",""), "128"])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-sto3.id
|
||||
}
|
||||
|
||||
|
||||
# Workers
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_worker_rule_v4_sto4_to_sto3" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.worker-nodes-sto4)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto4))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto4))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto4))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto4))])[0]
|
||||
provider = openstack.sto3
|
||||
remote_ip_prefix = join("/", [ resource.openstack_compute_instance_v2.worker-nodes-sto4[count.index % length(resource.openstack_compute_instance_v2.worker-nodes-sto4)].access_ip_v4, "32" ])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-sto3.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_worker_rule_v6_sto4_to_sto3" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.worker-nodes-sto4)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto4))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto4))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto4))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto4))])[0]
|
||||
provider = openstack.sto3
|
||||
remote_ip_prefix = join("/",[ replace(resource.openstack_compute_instance_v2.worker-nodes-sto4[count.index % length(resource.openstack_compute_instance_v2.worker-nodes-sto4)].access_ip_v6, "/[\\[\\]']/",""), "128"])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-sto3.id
|
||||
}
|
||||
|
||||
#
|
||||
# Security group rules for ssh-from-jump-hosts
|
||||
#
|
||||
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "ssh-from-jumphosts-v4rules-sto3" {
|
||||
count = length(var.jumphostv4-ips)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "22"
|
||||
port_range_max = "22"
|
||||
provider = openstack.sto3
|
||||
remote_ip_prefix = "${var.jumphostv4-ips[count.index]}/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.ssh-from-jump-hosts-sto3.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "ssh-from-jumphosts-v6rules-sto3" {
|
||||
count = length(var.jumphostv6-ips)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = "tcp"
|
||||
port_range_min = "22"
|
||||
port_range_max = "22"
|
||||
provider = openstack.sto3
|
||||
remote_ip_prefix = "${var.jumphostv6-ips[count.index]}/128"
|
||||
security_group_id = openstack_networking_secgroup_v2.ssh-from-jump-hosts-sto3.id
|
||||
}
|
177
IaC-prod/securitygroups-k8s-sto4.tf
Normal file
177
IaC-prod/securitygroups-k8s-sto4.tf
Normal file
|
@ -0,0 +1,177 @@
|
|||
|
||||
# Security groups sto4
|
||||
resource "openstack_networking_secgroup_v2" "microk8s-sto4" {
|
||||
name = "microk8s"
|
||||
description = "Traffic to allow between microk8s hosts"
|
||||
provider=openstack.sto4
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_v2" "ssh-from-jump-hosts-sto4" {
|
||||
name = "ssh-from-jumphosts"
|
||||
description = "Allow ssh traffic from sunet jumphosts."
|
||||
provider=openstack.sto4
|
||||
}
|
||||
|
||||
#
|
||||
# Security group rules for microk8s
|
||||
#
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule_v4_sto4" {
|
||||
count = length(var.k8sports)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = var.k8sports[count.index][keys(var.k8sports[count.index])[0]]
|
||||
port_range_min = keys(var.k8sports[count.index])[0]
|
||||
port_range_max = keys(var.k8sports[count.index])[0]
|
||||
provider = openstack.sto4
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s-sto4.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-sto4.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule_v6_sto4" {
|
||||
count = length(var.k8sports)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = var.k8sports[count.index][keys(var.k8sports[count.index])[0]]
|
||||
port_range_min = keys(var.k8sports[count.index])[0]
|
||||
port_range_max = keys(var.k8sports[count.index])[0]
|
||||
provider = openstack.sto4
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s-sto4.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-sto4.id
|
||||
}
|
||||
|
||||
#
|
||||
# DCO to STO4
|
||||
#
|
||||
|
||||
# Controllers
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_controller_rule_v4_dco_to_sto4" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.controller-nodes-dco)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-dco))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-dco))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-dco))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-dco))])[0]
|
||||
provider = openstack.sto4
|
||||
remote_ip_prefix = join("/", [ resource.openstack_compute_instance_v2.controller-nodes-dco[count.index % length(resource.openstack_compute_instance_v2.controller-nodes-dco)].access_ip_v4, "32" ])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-sto4.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_controller_rule_v6_dco_to_sto4" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.controller-nodes-dco)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-dco))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-dco))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-dco))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-dco))])[0]
|
||||
provider = openstack.sto4
|
||||
remote_ip_prefix = join("/",[ replace(resource.openstack_compute_instance_v2.controller-nodes-dco[count.index % length(resource.openstack_compute_instance_v2.controller-nodes-dco)].access_ip_v6, "/[\\[\\]']/",""), "128"])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-sto4.id
|
||||
}
|
||||
|
||||
# Workers
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_worker_rule_v4_dco_to_sto4" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.worker-nodes-dco)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-dco))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-dco))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-dco))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-dco))])[0]
|
||||
provider = openstack.sto4
|
||||
remote_ip_prefix = join("/", [ resource.openstack_compute_instance_v2.worker-nodes-dco[count.index % length(resource.openstack_compute_instance_v2.worker-nodes-dco)].access_ip_v4, "32" ])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-sto4.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_worker_rule_v6_dco_to_sto4" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.worker-nodes-dco)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-dco))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-dco))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-dco))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-dco))])[0]
|
||||
provider = openstack.sto4
|
||||
remote_ip_prefix = join("/",[ replace(resource.openstack_compute_instance_v2.worker-nodes-dco[count.index % length(resource.openstack_compute_instance_v2.worker-nodes-dco)].access_ip_v6, "/[\\[\\]']/",""), "128"])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-sto4.id
|
||||
}
|
||||
|
||||
#
|
||||
# From STO3 to STO4
|
||||
#
|
||||
|
||||
# Control nodes
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_controller_rule_v4_sto3_to_sto4" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.controller-nodes-sto3)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto3))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto3))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto3))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto3))])[0]
|
||||
provider = openstack.sto4
|
||||
remote_ip_prefix = join("/", [ resource.openstack_compute_instance_v2.controller-nodes-sto3[count.index % length(resource.openstack_compute_instance_v2.controller-nodes-sto3)].access_ip_v4, "32" ])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-sto4.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_controller_rule_v6_sto3_to_sto4" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.controller-nodes-sto3)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto3))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto3))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto3))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.controller-nodes-sto3))])[0]
|
||||
provider = openstack.sto4
|
||||
remote_ip_prefix = join("/",[ replace(resource.openstack_compute_instance_v2.controller-nodes-sto3[count.index % length(resource.openstack_compute_instance_v2.controller-nodes-sto3)].access_ip_v6, "/[\\[\\]']/",""), "128"])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-sto4.id
|
||||
}
|
||||
|
||||
# Worker nodes
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_worker_rule_v4_sto3_to_sto4" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.worker-nodes-sto3)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto3))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto3))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto3))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto3))])[0]
|
||||
provider = openstack.sto4
|
||||
remote_ip_prefix = join("/", [ resource.openstack_compute_instance_v2.worker-nodes-sto3[count.index % length(resource.openstack_compute_instance_v2.worker-nodes-sto3)].access_ip_v4, "32" ])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-sto4.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_worker_rule_v6_sto3_to_sto4" {
|
||||
count = length(var.k8sports) * length(resource.openstack_compute_instance_v2.worker-nodes-sto3)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto3))][keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto3))])[0]]
|
||||
port_range_min = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto3))])[0]
|
||||
port_range_max = keys(var.k8sports[floor(count.index/length(resource.openstack_compute_instance_v2.worker-nodes-sto3))])[0]
|
||||
provider = openstack.sto4
|
||||
remote_ip_prefix = join("/",[ replace(resource.openstack_compute_instance_v2.worker-nodes-sto3[count.index % length(resource.openstack_compute_instance_v2.worker-nodes-sto3)].access_ip_v6, "/[\\[\\]']/",""), "128"])
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s-sto4.id
|
||||
}
|
||||
|
||||
#
|
||||
# Security group rules for ssh-from-jump-hosts
|
||||
#
|
||||
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "ssh-from-jumphosts-v4rules-sto4" {
|
||||
count = length(var.jumphostv4-ips)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "22"
|
||||
port_range_max = "22"
|
||||
provider = openstack.sto4
|
||||
remote_ip_prefix = "${var.jumphostv4-ips[count.index]}/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.ssh-from-jump-hosts-sto4.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "ssh-from-jumphosts-v6rules-sto4" {
|
||||
count = length(var.jumphostv6-ips)
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = "tcp"
|
||||
port_range_min = "22"
|
||||
port_range_max = "22"
|
||||
provider = openstack.sto4
|
||||
remote_ip_prefix = "${var.jumphostv6-ips[count.index]}/128"
|
||||
security_group_id = openstack_networking_secgroup_v2.ssh-from-jump-hosts-sto4.id
|
||||
}
|
109
IaC-prod/securitygroups-lb.tf
Normal file
109
IaC-prod/securitygroups-lb.tf
Normal file
|
@ -0,0 +1,109 @@
|
|||
# Security groups lb-frontend
|
||||
resource "openstack_networking_secgroup_v2" "lb-dco" {
|
||||
name = "lb-frontend"
|
||||
description = "Ingress lb traffic to allow."
|
||||
provider=openstack.dco
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "lb_ingress_rule_v4_dco" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "8443"
|
||||
port_range_max = "8443"
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = "87.251.31.118/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.lb-dco.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "lb_ingress_rule2_v4_dco" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "16443"
|
||||
port_range_max = "16443"
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = "87.251.31.118/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.lb-dco.id
|
||||
}
|
||||
|
||||
# From mgmt1
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "lb_ingress_rule3_v4_dco" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "16443"
|
||||
port_range_max = "16443"
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = "89.47.191.66/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.lb-dco.id
|
||||
}
|
||||
|
||||
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "lb_ingress_rule4_v4_dco" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "80"
|
||||
port_range_max = "80"
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = "89.47.191.66/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.lb-dco.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "lb_ingress_rule5_v4_dco" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "443"
|
||||
port_range_max = "443"
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = "89.47.191.66/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.lb-dco.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "lb_ingress_rule6_v4_dco" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "8443"
|
||||
port_range_max = "8443"
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = "89.47.191.66/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.lb-dco.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "lb_ingress_rule7_v4_dco" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "8080"
|
||||
port_range_max = "8080"
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = "89.47.191.66/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.lb-dco.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "lb_ingress_rule8_v4_dco" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "16443"
|
||||
port_range_max = "16443"
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = "89.47.184.88/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.lb-dco.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "lb_ingress_rule9_v4_dco" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "16443"
|
||||
port_range_max = "16443"
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = "130.242.121.23/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.lb-dco.id
|
||||
}
|
|
@ -1,194 +0,0 @@
|
|||
# Datasource of sunet ssh-from-jumphost security group.
|
||||
data "openstack_networking_secgroup_v2" "sshfromjumphosts" {
|
||||
name = "ssh-from-jumphost"
|
||||
}
|
||||
|
||||
data "openstack_networking_secgroup_v2" "allegress" {
|
||||
name = "allegress"
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_v2" "microk8s" {
|
||||
name = "microk8s"
|
||||
description = "Traffic to allow between microk8s hosts"
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule1" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = 16443
|
||||
port_range_max = 16443
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
}
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule2" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = "tcp"
|
||||
port_range_min = 16443
|
||||
port_range_max = 16443
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule3" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = 10250
|
||||
port_range_max = 10250
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
}
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule4" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = "tcp"
|
||||
port_range_min = 10250
|
||||
port_range_max = 10250
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule5" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = 10255
|
||||
port_range_max = 10255
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
}
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule6" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = "tcp"
|
||||
port_range_min = 10255
|
||||
port_range_max = 10255
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
}
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule7" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = 25000
|
||||
port_range_max = 25000
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
}
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule8" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = "tcp"
|
||||
port_range_min = 25000
|
||||
port_range_max = 25000
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
}
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule9" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = 12379
|
||||
port_range_max = 12379
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
}
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule10" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = "tcp"
|
||||
port_range_min = 12379
|
||||
port_range_max = 12379
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
}
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule11" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = 10257
|
||||
port_range_max = 10257
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
}
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule12" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = "tcp"
|
||||
port_range_min = 10257
|
||||
port_range_max = 10257
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
}
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule13" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = 10259
|
||||
port_range_max = 10259
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
}
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule14" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = "tcp"
|
||||
port_range_min = 10259
|
||||
port_range_max = 10259
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
}
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule15" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = 19001
|
||||
port_range_max = 19001
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
}
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule16" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = "tcp"
|
||||
port_range_min = 19001
|
||||
port_range_max = 19001
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
}
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule17" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "udp"
|
||||
port_range_min = 4789
|
||||
port_range_max = 4789
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
}
|
||||
resource "openstack_networking_secgroup_rule_v2" "microk8s_rule18" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv6"
|
||||
protocol = "udp"
|
||||
port_range_min = 4789
|
||||
port_range_max = 4789
|
||||
remote_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
security_group_id = openstack_networking_secgroup_v2.microk8s.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_v2" "https" {
|
||||
name = "https"
|
||||
description = "Allow https to ingress controller"
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "https_rule1" {
|
||||
# External traffic
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = 443
|
||||
port_range_max = 443
|
||||
remote_ip_prefix = "0.0.0.0/0"
|
||||
security_group_id = openstack_networking_secgroup_v2.https.id
|
||||
}
|
11
IaC-prod/servergroups-dco.tf
Normal file
11
IaC-prod/servergroups-dco.tf
Normal file
|
@ -0,0 +1,11 @@
|
|||
resource "openstack_compute_servergroup_v2" "workers-dco" {
|
||||
name = "workers"
|
||||
policies = ["anti-affinity"]
|
||||
provider = openstack.dco
|
||||
}
|
||||
resource "openstack_compute_servergroup_v2" "controllers-dco" {
|
||||
name = "controllers"
|
||||
policies = ["anti-affinity"]
|
||||
provider = openstack.dco
|
||||
}
|
||||
|
11
IaC-prod/servergroups-sto3.tf
Normal file
11
IaC-prod/servergroups-sto3.tf
Normal file
|
@ -0,0 +1,11 @@
|
|||
resource "openstack_compute_servergroup_v2" "workers-sto3" {
|
||||
name = "workers"
|
||||
policies = ["anti-affinity"]
|
||||
provider = openstack.sto3
|
||||
}
|
||||
resource "openstack_compute_servergroup_v2" "controllers-sto3" {
|
||||
name = "controllers"
|
||||
policies = ["anti-affinity"]
|
||||
provider = openstack.sto3
|
||||
}
|
||||
|
11
IaC-prod/servergroups-sto4.tf
Normal file
11
IaC-prod/servergroups-sto4.tf
Normal file
|
@ -0,0 +1,11 @@
|
|||
resource "openstack_compute_servergroup_v2" "workers-sto4" {
|
||||
name = "workers"
|
||||
policies = ["anti-affinity"]
|
||||
provider = openstack.sto4
|
||||
}
|
||||
resource "openstack_compute_servergroup_v2" "controllers-sto4" {
|
||||
name = "controllers"
|
||||
policies = ["anti-affinity"]
|
||||
provider = openstack.sto4
|
||||
}
|
||||
|
|
@ -3,16 +3,45 @@ variable "datacenter_name" {
|
|||
default = "dco"
|
||||
}
|
||||
|
||||
variable "keyname" {
|
||||
type = string
|
||||
default = "manderssonpub"
|
||||
variable "datacenters" {
|
||||
type = list(string)
|
||||
default = [ "dco", "sto3", "sto4" ]
|
||||
}
|
||||
|
||||
variable "worker_instance_count" {
|
||||
default = "3"
|
||||
# Cloud names in clouds.yaml file
|
||||
variable "clouddco_name" {
|
||||
type = string
|
||||
default = "dco-matrixprod"
|
||||
}
|
||||
variable "controller_instance_count" {
|
||||
default = "3"
|
||||
|
||||
variable "cloudsto3_name" {
|
||||
type = string
|
||||
default = "sto3-matrixprod"
|
||||
}
|
||||
|
||||
variable "cloudsto4_name" {
|
||||
type = string
|
||||
default = "sto4-matrixprod"
|
||||
}
|
||||
|
||||
variable "keyname" {
|
||||
type = string
|
||||
default = "pettai-7431497"
|
||||
}
|
||||
variable "keynameworkers" {
|
||||
type = string
|
||||
default = "pettai-7431497"
|
||||
}
|
||||
|
||||
|
||||
# Replicas per datacenter
|
||||
variable "workerdcreplicas" {
|
||||
default = "2"
|
||||
}
|
||||
|
||||
# Replicas per datacenter
|
||||
variable "controllerdcreplicas" {
|
||||
default = "1"
|
||||
}
|
||||
|
||||
variable "controller_instance_type" {
|
||||
|
@ -23,6 +52,14 @@ variable "worker_instance_type" {
|
|||
default = "b2.c4r16"
|
||||
}
|
||||
|
||||
variable "lb_instance_type" {
|
||||
default = "b2.c2r4"
|
||||
}
|
||||
|
||||
variable "mgmt_instance_type" {
|
||||
default = "b2.c2r4"
|
||||
}
|
||||
|
||||
variable "worker_name" {
|
||||
default = "k8sw"
|
||||
}
|
||||
|
@ -32,9 +69,30 @@ variable "controller_name" {
|
|||
}
|
||||
|
||||
variable "dns_suffix" {
|
||||
default = "matrix.test.sunet.se"
|
||||
default = "matrix.sunet.se"
|
||||
}
|
||||
|
||||
variable "cloud_name" {
|
||||
default="dco-matrixtest"
|
||||
variable "k8sports" {
|
||||
default=[
|
||||
{"16443" = "tcp"},
|
||||
{"10250" = "tcp"},
|
||||
{"10255" = "tcp"},
|
||||
{"25000" = "tcp"},
|
||||
{"12379" = "tcp"},
|
||||
{"10257" = "tcp"},
|
||||
{"10259" = "tcp"},
|
||||
{"19001" = "tcp"},
|
||||
{"4789" = "udp"},
|
||||
{"51820" = "udp"}
|
||||
]
|
||||
}
|
||||
|
||||
variable jumphostv4-ips {
|
||||
type = list(string)
|
||||
default = []
|
||||
}
|
||||
|
||||
variable jumphostv6-ips {
|
||||
type = list(string)
|
||||
default = []
|
||||
}
|
||||
|
|
|
@ -76,7 +76,6 @@ resource "openstack_networking_secgroup_v2" "k8s-external-worker-sto4" {
|
|||
}
|
||||
|
||||
# Rules dco
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "k8s_external_ingress_worker_rule1_v4_dco" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
|
@ -112,3 +111,27 @@ resource "openstack_networking_secgroup_rule_v2" "k8s_external_ingress_worker_ru
|
|||
security_group_id = openstack_networking_secgroup_v2.k8s-external-worker-sto4.id
|
||||
}
|
||||
|
||||
# Rules dco
|
||||
resource "openstack_networking_secgroup_rule_v2" "k8s_external_ingress_worker_rule2_v4_dco" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "443"
|
||||
port_range_max = "443"
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = "0.0.0.0/0"
|
||||
security_group_id = openstack_networking_secgroup_v2.k8s-external-worker-dco.id
|
||||
}
|
||||
|
||||
# Rules dco
|
||||
resource "openstack_networking_secgroup_rule_v2" "k8s_external_ingress_worker_rule3_v4_dco" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "80"
|
||||
port_range_max = "80"
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = "0.0.0.0/0"
|
||||
security_group_id = openstack_networking_secgroup_v2.k8s-external-worker-dco.id
|
||||
}
|
||||
|
||||
|
|
|
@ -40,6 +40,8 @@ resource "openstack_networking_secgroup_rule_v2" "lb_ingress_rule3_v4_dco" {
|
|||
security_group_id = openstack_networking_secgroup_v2.lb-dco.id
|
||||
}
|
||||
|
||||
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "lb_ingress_rule4_v4_dco" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
|
@ -61,3 +63,47 @@ resource "openstack_networking_secgroup_rule_v2" "lb_ingress_rule5_v4_dco" {
|
|||
remote_ip_prefix = "89.47.191.66/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.lb-dco.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "lb_ingress_rule6_v4_dco" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "8443"
|
||||
port_range_max = "8443"
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = "89.47.191.66/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.lb-dco.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "lb_ingress_rule7_v4_dco" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "8080"
|
||||
port_range_max = "8080"
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = "89.47.191.66/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.lb-dco.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "lb_ingress_rule8_v4_dco" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "16443"
|
||||
port_range_max = "16443"
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = "89.47.184.88/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.lb-dco.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "lb_ingress_rule9_v4_dco" {
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = "16443"
|
||||
port_range_max = "16443"
|
||||
provider = openstack.dco
|
||||
remote_ip_prefix = "130.242.121.23/32"
|
||||
security_group_id = openstack_networking_secgroup_v2.lb-dco.id
|
||||
}
|
||||
|
|
|
@ -1,95 +0,0 @@
|
|||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Comment: 3DB7 65E9 ADBF 28C9 068A 0225 19CB 2C58 E1F1 9B16
|
||||
Comment: Magnus Andersson <mandersson@sunet.se>
|
||||
|
||||
xsFNBGTxo4wBEAC2zcQZ7AMqErGhnRwWf7DnrB0+tu7XCXgCCruMG1opjmy/nsOv
|
||||
rVGam7eEYVz5x1jtcIH7ojY4PnFkHE2ggPBL6G6/2PmQvhrUWtuYtJRCdN6HchWk
|
||||
J45scYu2D/X3PPu0Q5gASTtQZ6WT2H+lbJkzx/1xiFKahP1NhvMw2iyjX263in7w
|
||||
z5yRgmJDa9de3maHEHE+MTxMrgVb3bPKKz/tbbwa0xOySAV/MxFhUSytL+A+jBEI
|
||||
nZ+8TeiCbQiva0ouQAp5xmCBgCrKRV2CsXcMPZFc+vnKYjdO4jcvOlpBhe1ttclq
|
||||
kWpXuvHl3iIxixRMCYK0BWu8yDsmIrZQmzvSszazifN++5svDC++y9hvFhWc45pr
|
||||
HZueMeVNxmmoUNRwUgSgZ62u2ipMwZMA9dtgxY9C+6LvC1ruQKfi2Na6AaepQPlV
|
||||
/Lkg5GFY9br360CA6mx8yb43l+uFhGwxEroXSQWQ8iPI9r6jViJ14DLrEwk7MQd5
|
||||
7K2woUQrGqx4EWBq/TFsa8/xaJHuvtVI//REUwaiot+cwzx83EUK59XDJk7K18qd
|
||||
BfhaK9UYCvqfYQC7CR4534LjjX5f9K4l605MNu+PsjNUcmjgp88rV/wv5RgFh5sm
|
||||
YnMUaLPRRBpPWmsW+AKeBlvOI8e4ME7OBuWusCzDNzV1ad1sPcLOVxNp8wARAQAB
|
||||
wsHPBB8BCgCDBYJk8aOMBYkB4oUAAwsJBwkQGcssWOHxmxZHFAAAAAAAHgAgc2Fs
|
||||
dEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnRRvtE0ooJuJq34ScByjfZaqxkOSF
|
||||
Xki9eGiIz61NPyYDFQoIApsDAh4BFiEEPbdl6a2/KMkGigIlGcssWOHxmxYAAHkv
|
||||
EACb7uiDpYkeT3zmEyj0GezvFePmxaNuezP+axJkwI8nptomGyqGnTwPovnR68W4
|
||||
AfVC/CXzzrYP3tNqZ7sF003GgbvW/5ho75kIX0wy/lBHyADrjoOsnpQS6N2sLud9
|
||||
t3haihTyu0Cs+UELJKPY7Orkl0apPEGCPYkfn9wNxQac4NPD82K0WOkLi0opnfrZ
|
||||
A+JI6lx1zgb4MIIxfs0PZ+27b8bc2JCl5WNmBIElNldypmFdTuIfgsLu+N9YH/Q6
|
||||
lM0DOQPcgWbpTxGjzqFnMBqVv/xMNjWAUe1Gt3gY7Spa5JUigkirsQYrw/4ua5n6
|
||||
l8pmkAZZ1FlUO3dWLDe5U4uaQe7vNL7sPEq8Eg0/KWUPCiVV+SYq3u7pmScMyT9f
|
||||
i34kSy09e9JEqDeomVh4tKABSTYnO4b+29HQtOfOW1jdT2gk8HaOhivK47wIdLnb
|
||||
T8LAxH06ImO0yBCIJz36y1mg9LB+y0X+YRIoTLoanNflj5uSBLILXlG4FKdeY+37
|
||||
bTxFoLKVn55tFc/kT6RW1b+94ruFd5kAWBCBFUMSDve5OSFBJ3dnmKu884Rf7XZu
|
||||
cn4aBTHwbP1MvBJQzJ6YWr+4tKuhHIOx3JLLCTfrFx5DmFOLejw65UGeUF4RNNvu
|
||||
7X9VKp1TCzzUEK0aoAuvxIQe6ZczedqRckO/oXolHg/eOM0mTWFnbnVzIEFuZGVy
|
||||
c3NvbiA8bWFuZGVyc3NvbkBzdW5ldC5zZT7CwdIEEwEKAIYFgmTxo4wFiQHihQAD
|
||||
CwkHCRAZyyxY4fGbFkcUAAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBn
|
||||
cC5vcmcqKwTUOwrRkE+tMtaZLV+DfMEpzLxgZo380Rl8boRH1QMVCggCmQECmwMC
|
||||
HgEWIQQ9t2Xprb8oyQaKAiUZyyxY4fGbFgAAkngP/2Y7AjS0nt/+PDc9onDizg4t
|
||||
tedqdtn/6npkW3kSOZOmH3IMQ9vRe36m0vhmPMbxX91MP9jdxr7xAjshOSP3eP6E
|
||||
SiRf17RO60nafzzTeXD5ooUnG4GA+Fim/uOiX4OiIw98QdspugZwCks68YzLJXBA
|
||||
z/MfwUV4Cv2Jxgx/n2ctxt9dm5mzSy0AfW2TYckNd/YUjrNSuJdf7Z5aVk/lhylg
|
||||
FslhxKBcoArkBr2eCDW7S5Cwo1p8f0KW7CrOK4O772tDeqLk6CzrEEOOuuV1TzT4
|
||||
2Ubc5MYMbpB9xVnA55a2N9OHLytnsEyXYBIHZzk1DkKJdC1VzxoFbwk6ZBAfOVcw
|
||||
7nN27bJW0IQPKY5wo6y0rkit2Q/HGUAtvueMHLA1/J6bVxBaygPK4f2/li0fAp9W
|
||||
YAQSp5qCtRDvgw6B3oDyUOhudZnvd7QWNAAbsGzIAeO8HjVlgcEdT4S82yNZTk/s
|
||||
EG5DLe46b/DBUx46L3enKI+m0MUepzJk56WY+DdxaT0P7uWxa7iRz4h4ey9X90Vf
|
||||
of0ik3GvjqaNdPwC6CTlIoT8rW5vBEVrt4zbzRSTcL4p13tO/BDorDrqA/1eLm1t
|
||||
ReZzVDmCeaT9XreitsZKXBW0QR5mwcVl4r+dMBceqwgRWpzD/zQb8w2qQmqquGNh
|
||||
5Z6I0FzOztMEQVcdpp4AzsFNBGTxo4wBEACrCG8QKLcZsqWciN196fFALKXpDDZZ
|
||||
P4A9a8t1i5XqsxSZrriQmZVNs6lGGpuWcYcSqYdBUpaZTyaIO1yjRnN4flWf4VEF
|
||||
aB/ABWZn7ZyIR7Ot5fEg87Cf+av0O0jFUxltJkZrMDvMLv9FGwJ23aByIf90dETp
|
||||
e6w0oW0cFV8JnFqGdaDjgj/l5gLb0K0ktAaeFf9AKXQqBFJEVZsOzzgNdXIHWmBx
|
||||
SV1xRZxeT8j+zRGgVapIxDBREwzY8k3G5iq5rwyfQQJLaLHP6uvEGwZ6eGb1lB8M
|
||||
cjXx/RbLpiIDLXUZy02/yI3jCb2voMAjTto2GZnLRWOCvcWEo9xVrHHzP9P91W6l
|
||||
wOXqorQVHN0m6YKNN2yRl6w6ashh+L3LxVxbpLeYC6qcHjziKVWbYCFTOivZSf1O
|
||||
TTmd4ChnnxLqA8Jus4uP8I3w+sXobNdR6eMlLxM6rXh5OhjNdYogcmfkGfbQK6vw
|
||||
m/A9lIYejWRxvmk2fkAG9uUJG69+S70nwp1KpJIVk3EqyaNnrcqLbTcr52M8KGZr
|
||||
Mm4NtRAkkcZf4irs7uJRtaSZLMpEUKyYCY9Lnn/p70x/7cuhGoZ6YjFG74GTR5pU
|
||||
HQH9qXyVnUJ+R5xJAAV6FuLyqUlM26sSR9hFbOXW+RK12c3qB5wOLsyWyGdZkZAG
|
||||
mGWDK/XWVurK3QARAQABwsHEBBgBCgB4BYJk8aOMBYkB4oUACRAZyyxY4fGbFkcU
|
||||
AAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmdX6lwHCIKO+5/k
|
||||
ZISh2+NkcDaejjar1UgV8OzRAWmQwgKbDBYhBD23ZemtvyjJBooCJRnLLFjh8ZsW
|
||||
AADwMxAAp3WXjnbP/S1hYpie/Sy5BaU9yoPI9BtJnzN8AUfQGo9nfFupXzQw6JG0
|
||||
bJfXrhUswxJMhYE/iyqI2maRp9396dGAYGKIx11X/G4u5P0fQGZhSj9MV3+G0oyH
|
||||
qBq9vgrYUH5fBUtAOIwGYUEucoAz/NDiH62MOFHtAbxKv7CZ57jdGSxnjDEvRlBT
|
||||
1Pebum/NDsihwOmFJKBe8LWfh9Z6+V/0yR6cnRFchrz9dA3HVhECK/t6VrHMMfIa
|
||||
hM52dQMX4IBp/vaqTUxtWqA/wujC1fdZSmcctTlP8/dkFSg6JEx97zdZa5m9sLIY
|
||||
ip60chbSFSKo3cgk02cN1MV7Ys2drPqZYeMLG8wxnuvtcSX34gVjvNauEZUU0+9P
|
||||
FUMf7baMs40kGVsstEodx4IoaVj6l1zTlWP+FlTnLvYao8p3PppikzPr11XPbeln
|
||||
d9sWjxfzwYSdzxu4wEplGInrxhHZ0zy+ObutY+wDYlGWELyZw8mde6iQIxTBEIsX
|
||||
nLfaJEO6EPvbFSUeE+2LYfOYUUD8LmKm/KHnUVAOwy48yOVccd+gnBoMVg9yR6bJ
|
||||
/+YmwUEw0QrDIikOSl61e+APzEqoX0F1/eWvL37ksdqe8jadSfOP/rtltjnGI7dy
|
||||
MmlM4LqRZyrnPRnc9WT4ODohyS+ZJ8sXc0HpyRJejES7BzrYUTDOwU0EZPGjjAEQ
|
||||
ALNw5tV/CbqB6a9K0DjBxhgrlBU4nZUvlCTfL1hIp8kvhm10LgSU/RMFnLQtO/R+
|
||||
4ildcdEgLPYL3X56xbfExrgtfYJudr+jIbszGfMgz8Hwatc1BhfXhPSfxfcgIgTz
|
||||
hMcaAJ47YYnNv+rpKEkTr+HZWpzOi31mazxMjRdpet91liMaizI5teeXFHG3uAQw
|
||||
WxY+PVGNN04YKeR1170/nZgqV/G1mVVjyK8VxalbQH6DE7IDCzviy7L5QqO7e8hf
|
||||
RJNV6ROmK3G5cOzw10qQ+c9JTPmRWeTQiBMkgLcV4GiI9uatRz2PDWP8tqs1yUfl
|
||||
l+5CcZ+xebCeyxRj3DfIeyAHS9xSJJNZhi8uAN76tLsaC/m6JeSYq0M81dtpqOEG
|
||||
xPYym3A/bnJfSrKKf/ySsDXbNfJ6vg5jI+y6Z+9yZmzWJsZhmCEu1zAbYHjdME76
|
||||
PRdHXWepCWdws98LQvx57SMgYGIP2iCftgMjB7GZDWNRwRTrIG3FziPZLugD7aHn
|
||||
+8DUtqwx1VZyosv3yDhlf+mBwFuPY9RFhFwLnw4pV76C7IbgpEOA/Pif2ErDzK2a
|
||||
w9bXirRduivj0aYFy0bYwoRytlwNWDjg+GN/nY4OmMwyTefES9VW8aqRLMngdnSz
|
||||
MM2IbzQ0aw1HhrgtZjxx1rL4fvYbN/dtM6pqErbWvUWjABEBAAHCwcQEGAEKAHgF
|
||||
gmTxo4wFiQHihQAJEBnLLFjh8ZsWRxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNl
|
||||
cXVvaWEtcGdwLm9yZ9QVdGY2VE4v5B92uztaDtE7PIHo2i8W7fkiajqgKUJ2Apsg
|
||||
FiEEPbdl6a2/KMkGigIlGcssWOHxmxYAAHQND/9I5EohbJ7qy0BFgGXFRZASal/O
|
||||
osGWskRqaW3S5uqk/oEXCaOT6Z8tRYSRv8Im4v7f5NursYhfZanANbbqrwXJf3fW
|
||||
r+qW/Ms1AWO7gRITuLqLSSWj4iHIl4Cz4/v9tQoQoMmbfLj/0qE5otWkmm0w5Ffg
|
||||
AUcjW41PGu2PA3/hZerkkLwchFwXP13hActdk3ha/hCCskeVNDJD33tDTMqnz2ah
|
||||
sC0/pNkuCk16p4HFAyQJYU0GLmKVPtlaLBBfe4Oo9ArgUcjz9zNdmXJGNu0aVKed
|
||||
UoODwujT0jcQPXSEdVHjI/jwkA0m/PiLBW+wxvi58DQCnL03KIEPou8P9LnIRrrP
|
||||
hR7Iebuuj6BKLAZrgWGXc15VXAiIhsirIJ/vDyHCm0IJNbuN+qTpUt12o/lvhVlD
|
||||
deKu/TlnrSD8v6CU9kmELj6ChC6uihB6LLOT0XokahM3twvkabzFqlYgsw319VhA
|
||||
4PzkYsRIoiMMzFHzPTJvvG+XMqu8k2lniLvg6UJZqP6T/MPpPqDitfcMkd1PBPms
|
||||
nsvA+tsreS8BVFA0OE+7DGmytjjpmbwBq5EebVgINGpAk9AAgyT7GcXgzv4NqSmX
|
||||
VxqlIQIfbAQOtwh16wuaJw7p1H/Qz4UaNra2KCcLXmfVp3Ks9RuyPi89rfOu9B4B
|
||||
HEZm15ijrxpKeb8Ffg==
|
||||
=Hq+H
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
|
@ -1,350 +0,0 @@
|
|||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Comment: GPGTools - https://gpgtools.org
|
||||
|
||||
mQINBFpk+4kBEADeRoAvo+sbj6GFc7NOY0P1QasAiSTqYztHsfUk/dht8izxcd3G
|
||||
ba3QBX4CZlKZkpk8cYbmztOO2EroJWjKg6SDQUfCh+QE/Hx+f2xfVax3118cEbRo
|
||||
ClnfA1CD9+vMEvFRB39UrGckxHp0wxcUtSQXwxTSVhw1HxRVLPDj5xJ/W5H7GwEA
|
||||
Rmrj4S0OIRU9gJUlqLW8k18c8Di1asr0y99Fuek5Mw/oRZhkx8+41dRB0lG2BNOZ
|
||||
ncyDi9wSLi8sC4udCZuv0pVtTHR/onGrEYi71PpY7XYAL0YZnp6RB8ObdchMNZVH
|
||||
1WKED/aK2MVJoAMXmpA7SVRaGw+dUvJBwtnKqSUT1lNgX6dTyKdxPKdvzmcb1htM
|
||||
byx1mc1ruQy+sLQ+ZtWgRENvrPpYZ2vcQ3vSZ9YOXt5m75JzbfGNHyCAWhziwhVX
|
||||
u+UqPPKU8k8GVato3tB6PcAugG5OCqGE9EmJG7a+VFThDjJeWAGBolWydBeIqk7B
|
||||
NeM3zA/K0PwY/YlLc01bmiquCS5Z5MQwPHRGMKmuEtfJmSBOjv7CGnNFm4kkfRzr
|
||||
5TR6J9oWlFZXs0cJcJWxrwutYszBbNUgRebij5U6ju7QnJYH5zqctIYafpqotcoR
|
||||
I5VaZmeYhGBaZdf6ZW/bcDSQJYoi9wsfKU2Mcgb5GY3Aey6z9EYxNoqstQARAQAB
|
||||
tCBFcmlrIEJlcmdzdHJvbSA8YmVycmFAbm9yZHUubmV0PokCVwQTAQoAQQIbAwUL
|
||||
CQgHAwUVCgkICwUWAgMBAAIeAQIXgAIZARYhBB+yL7RJJlg7x0ABIkmkJRyW4KnU
|
||||
BQJbBAtPBQkTaxLGAAoJEEmkJRyW4KnUBrIP/0AlLjA+Q2N9c7JYOzAfAECFwkEw
|
||||
zeQHAOX4P3HM6ZvQlmBOdI3DqpmRC0OBee0jYJhGwzIpYvang5wwDGvj3bELfpRs
|
||||
C7152f/aKfktMJILHts4Z8uIgIlYFy6SIqL/JjffBuYWesh/06/8kMe+QUJe6IL/
|
||||
8lPZJ1ev1NqvSt9Np2M9GFiHrcxcarfdnPUZib+XZBkU+SGJ1LUeiUZFWdUImxci
|
||||
sh4Gcd+yw/P05oZrp5YzNs1lj+8hbl+BPJo4zG76tCaLnRBQ7A0cKUj2EHSwgHV4
|
||||
Ff8UMw/Rv44B4W5R05fmXiC0kY00e9cFzOml1QKJ9Ke1lBI7Kn0wRFIyIoZ9DdcT
|
||||
JAVCLmZkhLz6aLBloQPqu4vjmi07C5Fl93GGRHGUIfS0PSmQ2OGzr5aZAh7NJrHh
|
||||
SnxkocL55rtjycKyazBY+DdB2a5RZ8JD+UQLlznLlKuUFLdCx9ktbTo015Dp4P8R
|
||||
m4UrDadKR0O452cgxJTlH2MNKatYm43j/N9q4S6KZB9Vfpu5SpwTQNwxkS0xl+W6
|
||||
HqgekA6u82+OMmTqf6ULiDTbtj9kRpz349YQ/GKheEZZKCeFmDtxQ1zTENRuC5tq
|
||||
wDYe8orM5+6wmsnSkSlVMHp48NNnIeVnxDs2HGa1+Pq1RnSoHdFrVeQT9+uu1QPA
|
||||
LkKCskTxB0ngy34kiQIzBBABCgAdFiEENU1PghGRV/Ch1uInE6D159p8CZsFAlpq
|
||||
+7sACgkQE6D159p8CZsTqRAA08a08z9Bu3kOqIU3+m8BLRCMX0Hyd6p0HbzcA0Aw
|
||||
OgsMLLTQolMJdwb21kJleJRa/Q30J33YZoS1J0qfTY1xuLjaRMvJEXX5ujnWS7s8
|
||||
X0VMx1SWG1Kj7/WFSuS1iNzTQjitaQrmixMFxwdflXK1CExWdeeA10MJD1mibaXh
|
||||
yhysOf2fnTvvkBy+FHOTOkAs0d8NRnitWOyRkoYwFnrTFTYUy/HCfGm7EOm3C4Fl
|
||||
pbeJUC9XSmqpdlTTtRqxMmDscx3Ou8lTs4m1bmu9jsAjssw79WokaBM845jtjcXQ
|
||||
4vhvqaUuTnJ/dV/KCdnABlnzWdDqmfIks5kacCmZ+5oRMR3OqV2arM/f0R3Bb4VW
|
||||
J1SvZJYENRlg4wPLWw1iXlR6kf0eXGpQ3qF5dnKjOU8QSmnJHuVh642/++9k3+71
|
||||
xttRfzsA7yjQOVJCc6YrZ2OSTZ+hy5xGQ9gkODFrRRHmw4ozh4+OTv0dsZJunOEW
|
||||
Ih5M+lI6zdjMfOUX80L4BhVZAZdBqG/g4VrLEUWdDPoF/9VSJuo/HaZyxEom8Z2i
|
||||
9939mJ+gtKAPfS9RxqHS7bGb44L2goFQQeRa2g4otx7HEaS3rtWoytjzlsQI5mHK
|
||||
uZXhYfCabjRHkMh/c/h3SGzSqgufMQ2fuqiR2JqgXW/j9krhLRzmlkg3GTuy/lp0
|
||||
eyyJAjMEEAEKAB0WIQR8IIKN3HGIvXMXDmHKWPvCG180XAUCWobCvAAKCRDKWPvC
|
||||
G180XM6MEADRshCqez3sQ48oeafWhxn+kYGIcm5W9LYCwCheom6AfW7yDJ+x+StI
|
||||
9Oi07aQVuqenqwjkp+lLsjTSnmb9bqeMP9d4zp9QDPK+C+NBsqy6T5FgAnOYg9yh
|
||||
KScNwTYlXpQGERBGJyTZesH4VibdeAmwn9OjqnntMVuDXPknS3gst+yRwJvKGDeF
|
||||
Ht6z0MfLk0/qMoutg0qDQsSz3zGNOaLQPn1d3IHeHwv9DsNF+2ZSqPWBIAzHmbbS
|
||||
0qZ1hUIt1KMCmteG07hRJkgw0FUC5STxwJVy2vwhUFhR4B6vsz6lTfRP2jMMH9Qy
|
||||
hJdNQD/DfloYOU+Z/i5laY3LTl5VUNUoOdicWi7zfnHrfGIRRb7oDINwbz6BntzO
|
||||
E92MAXWGBJ2/bSw2cCpiNJXjVHGWTGyF8GvvV9OsAztwgV1Nu46QEUVxJMz2e3Di
|
||||
2vyZA+qjRnV3AN/Nz8iF2acI+kKJllg2plYFn55MshbRFTpLJYVroJfLYCyDqsh4
|
||||
bOCetU08JkKdW1BMRD3IYNMxBI7e53qsyPYbLMXyO7jZYkLUZQHZ1qJ+K0IhbTrS
|
||||
By7zJj787d/Dmdd0qJgj8mLX45os0xXFHJJFunQZekUNUvo0NCF7MsOrg7cGdltV
|
||||
XKfRqzoc+4KOCtrj/eP4bO76ua3k6IWVZS7SXqTHvhmlk61HB7FX5YkCHAQQAQIA
|
||||
BgUCWtdrrAAKCRBqlHSqmtx07PB2D/9Byz6k41mtK+0CsYCVYuW1oDOHLS48Ne+V
|
||||
zbxtLrZWLysB6Fe9mZ6CA3cXsdJzF1j1q43/WwmNj3Eyia73swfAqIl3V29oCgCi
|
||||
oW+y8omgGlSJdPCPXIH8hxdrKRfimpWhr18oonZTXMNudYOggQ5qsbjzND3GWVTU
|
||||
UbDWsQHK1+HwGhNHKorJML42mLDY1su/emAzaTnhZ4hDy65UXDdp1GbMyNb3ysx0
|
||||
Hym16isvre2oLpjcPoxEjbOPeW+VRTiGH8f5yH6WZDaTyG9v9+JycoyPC5DCvCTO
|
||||
Use9rLhsM/pl9QKbnRXRaiOFL4ssSSGjxM8UW6eMbG5beaDMuGyZC676dW/jm1Bh
|
||||
KiuGmR66GOv7xpDMI14JWFCSqlPTMxzw7A1lZG0BlrOrlFRzSuGdIfHNiJ1sQKy1
|
||||
413H3Y7/Gzrv9/tUeXOXfYFBHERald9bPxvOmpqNBdS0+KxpJnHC4ilhlIArAYgp
|
||||
HKHrWsPQdbIGcjA3qdd4CyhZjh9wQ5d8v4GCRzh/qRAWeTpGghGaRKe3QhNKrZ/v
|
||||
Jx4Tu4QN/a/bShWrIwrpt/bYvTG8bq1zjtA46Va2sVcHAQUdZXzRIHZxK8o3ywKA
|
||||
IDkwaZtlUAmlYYK7P9np0N9suaRRj2L+t4nmtC6BqP6+xy3paP/EXEaOe20VXK+H
|
||||
XcUNOsu+ookCHAQTAQIABgUCWtehHgAKCRCi1Dq/l8s0RcNUD/0eYHM6pfQ4gqNx
|
||||
0wpoPwjcQthU9AGr/nthGr5Pa1rDLor9BgfimKDUOfHSUaEJfaz/mEKSKjCNRAlf
|
||||
1PFFidwgcwPDLFc39CtjPBKQo9lj73X9YB9WBCPl3b/Knr3IZdas27fca/vseY78
|
||||
Vmj3ynBfGm2H+4tkDTfy84F6hLIJ2c5gitNPKJ+C1fuldSaHU4enab3tADqE9443
|
||||
PiVPbUJSmxHW+iYEqs2ALyvIgEmFVPqfgyMXLISOjQboam8aFm8vdo7T8NcdXoZI
|
||||
vhzwq79iEFBEU9GpblyJGktueVHrWXTsqAOq/voIs57joMwZ8yNTwVhlG34KxZR7
|
||||
49e1Ha7RAQbRfuhC5tlQfE4iRX2uEwPw9ZkRMy2VFID7DrAPfUW9SvOZXFlGeoCU
|
||||
x8yf+9b6A9XCShRvck17jvADQq9WmHoiJTJgyh55Q8WzqW/7zsSr0WwxjhSu3ADG
|
||||
TXy94ZTSkvjM7TxrZ4W5aKApBgp9NoYj4i/iKOf1rA1CaddqAbiJGncygmWXI5AD
|
||||
E5oeTV156T4dKItyymPDZtT5G5JdYO01Ho3fX1I5/u05FFTOhMeQidtnWghHKmif
|
||||
b+GkHrV8p8lKPc8TuvbjPG7Wj+xViLCTnRuOuEIp/mmRyHicRlgDfswQcTdBrjTg
|
||||
PGidlrlHeCEqzs6l7G+QtSCE01rLUokCMwQQAQgAHRYhBBl/zlwTROqiPn/AajJO
|
||||
JO09WgAcBQJa2CxTAAoJEDJOJO09WgAcCpoP/3YqRdWBoZR9JVechCjGUqbwOXeK
|
||||
/IPxtUclYKUnQoGQ7UvXt+b00i4Vq7N6UY22fcja1yKFlccqq5toOVmX4OVZasIX
|
||||
SAITSSwiuY0yy5SOmNrU7deCaGwpiEvZP5U3NP17/h4dS360MwNOOUFgMXIvpPmu
|
||||
+uHkXEN+VysxkGPfU6IkTGS/mjzJwu2/kHD4/gjPUiKGfTN1OfoJDSZh0qqRu/Xd
|
||||
s22wUsKaJHKHCGmZqx9fZRDLlw1ulG+yYh4e7y27Gp7hDZfuKCMR0ANGRguT1Ahd
|
||||
nhzxOhEz5gnwU/z6r/G6OWA+vtZQuq7hW8hVI0/1kXRJBhB+GQ1oZRRnG2ysfVal
|
||||
LB+N1z6/W0A5r0Nr4yfLXH87fFg10jQ93EtOcsmTg2FRCs2OKWG0HjaGrDTUFjn8
|
||||
kF5uFqRgcuYKYyzx3fqY1I89l+Kjj4JF/o7gF9xNy497xlJfN7SDUNAGWZpw02V5
|
||||
yygondXpVGHMuP6dB3tRg3au3lJgJflEIh4DOadpkZHg5XLkj4zPAoFS7AWqRwEV
|
||||
jDCnxy0kEPL/A/1uNJMMuRo307gJMG9diACBCtRrRARXaAoFnQwkNnkwCdtLL+mV
|
||||
mEcd3Lsj3jDeJHjq2YimcMiXKLerIyrRj6rnWe7qG3fT+N/b59YW/OftKFIr7+m+
|
||||
oznpZP3S1sMPMrz9iQIzBBABCgAdFiEEQyrFVeaoSJN1vFzSKpaP2Q4JqQEFAlrY
|
||||
Pn0ACgkQKpaP2Q4JqQF0wg/+J0utkOBJV7pZueQt+8JUQMvud3x7nTraviyAMKyP
|
||||
yPi9mF+GYxpqBmLpXP/Gwy5Mm1AIom5Rml8ZelSax7j09wlj3Q6isVSWtFCRruAl
|
||||
nRs058Key3EIO+i9IkuBPs9QOZOT9djaGpX5B14OE+ErAqbhqs1SX9x2CHYK2+Gb
|
||||
3If5uF2+tVKt37g0Z7az0GClv0YZFw7Sc1s9hXrUsSl9sh2Qki1fVtqYQtDR5Pix
|
||||
vbE5zdfvG3eQjS2fxif2E1YJVxcrLmDzocSZV/lLaO/uWP0yqumK1u7i2y+7s6Ye
|
||||
dUGjgEf7Lib1o8IuE1TgwXksvZDNhX+MU37LnAHckZd6RJGH8doyDoGIme0/HLV9
|
||||
s77T/7tapkx5QSOnXPkrjP9/KSJS3XAohMZdAUsipHphT/ZNjRbhRA2VgfjTaeha
|
||||
JnX8z+CcvUZUTofO/H35izk4nn2Bs1z0jhs+hymb2Z4QoBnuGhNLycP34vG/3nUO
|
||||
Sp7QD7hXCJHCA3mpfxh0s9YX5kKP9KWCuBgNY2ZzU3GonFwELo99Enmv0NYrbWRq
|
||||
8GDIhaw3dTriPtZf8GexWsE49e+oArpxO/bvH/K+8asnqapgXD7jkKgfMMP+iHZx
|
||||
JpzDWNiJFpBmu4G9UDU9x1vtFL8gNckuRckhFrORuVyB1YyZQEjmkidKgxmdIXGx
|
||||
fMuJAjMEEwEIAB0WIQRZis+gxN9b9JAAC16ajKfVlQ/z2AUCWtmWswAKCRCajKfV
|
||||
lQ/z2HWYEACvBm+6+uBwF+TbNPyTNkzBLkt8fDio0npDXm9862ZA2hvSxG7CeDnh
|
||||
WjsEtrIUCH2gQz/0FX90hPKa+xU8P7LihC6wcRwJ+n51tsThrK5LopblUgb/E2yn
|
||||
YFW2OCxz/1VPfJQ3pYJuiCraUClzsOMZyRkPkR3I3iwpl+gD8L6ZXVKshuaCzFjZ
|
||||
/i8MCgBtnmxMTov+gVDdo4xPPVxv0wpde7N0mgRztSdwtCC6onVyp9es9Li/n0TW
|
||||
+/zJgokGCxRSRHABLwm1f4715Kbmkuf0l38N8HF3SAmFBrE9azTAim1XmYfVvSHG
|
||||
EIOoQcQRS/6focvWRxe3RHjJMEvvTU8i/gqyhQPLEf6fQz4TMTSnGV+9ltxC/etg
|
||||
4zhFwFx74SLlW87WDi4KIfaeNnTSKZ54hQ8nDVbKBv+AelJuvGjVAbZUEcYEU+jx
|
||||
zmXC/wxynQgCIN1FtpLe+g1EmbIiK/nhBILmlegHMOKGhLvC+0XVQTHki4dRB1FD
|
||||
ca4aks7HM/G9PU7HH80r0vtE9EZi/f02hYJStCerTtmPyZPNqf5ulq2KcgWEI52l
|
||||
EQEB9rHprd/cP5czwvKiDz2Oc3CELVbXmVGJhLWj/uJoH2FpZN6sPo9l5cqM2FKM
|
||||
u7Cx78sGTZ7UpcDCEhff+EvKJTskOyILiFqGpNAQW4uFmSNEO+KEkYkBOQQTAQgA
|
||||
IxYhBDHDr3PuPeAtcUmD+VgDNU0h/p8IBQJa2dCYBYMHhh+AAAoJEFgDNU0h/p8I
|
||||
MrUH/2npDWMIOChTblB7lxqG+BBt9JgP95gpJT6FQGp9c4Y4GahiicCGm9v2z1+p
|
||||
jid9vHnsb787LkBtt65z6ijIeIAhj0D21sbS6zVidRn85GUWvbimlnoks0reF1tG
|
||||
7SBRUcfmMh5tr3nb0N3NYrs4EKGVCv6CMQ1FHAbdxUQ2Annu9rXJUHZEYc8KRD2Z
|
||||
GK9h8ZXxWEMiqWlU9HlOLN1HdJyg6z0ymBHVmdlQtRDJULEKC/Cln8caBAxYu+vc
|
||||
fX8XvIhJs8qMM8IBodkJwDUxDngbOTAuVwN+BarBb+mqgC4LNhhsGQDsMumjXfLA
|
||||
H8a3KmF9tULRLRSJX5S7PXhttQaJAhwEEwECAAYFAlrgSisACgkQPWr7Q098QA/u
|
||||
/g/+PXizHzsLtbpxH9Get87H5OeH5DcObvLwVE8sKDYaZ20d1cMd3KAW7gq2aBWt
|
||||
Zp7jUmjjFjaEVkz3Of5OO8iU5teqFgo0Wkt8uSJNdNUyaqwfwsEXKUoC7QhSDPwI
|
||||
MCUnL0SbBFkb6kEqKSq8VR6UWnrHpH2XMuD9M6aL9DPGVuEivKHPwXXXIaOe1U42
|
||||
tEQk4TBrD0Ok/WlUH1U9yzYRH2HhEszKePpFGfZycgvmBxYVCmHSarDV2a+DwDN2
|
||||
yrT7zfYMmwpTv3NaURZRs+4g3D3+AbW2kiPI1yddgtoRG80M/gkKwdIUxPCw9/+K
|
||||
dwfq1tvre5Donu3ks2qMilWA2IghuTl1R1zNI93Hi8G1nYvlu9KtajzjVKtiYfZB
|
||||
D2HsNllqsRhbaS5LX9xTOnQpb2TXeUMDu3v/FEOob4pNqOVOrPwAscagbnsvShvr
|
||||
pWeCO7+X+9hvoaZOSqimGf7UOC9oLtOgJPXyLZVw+KGWIIBA2+tul49jJfmOCn84
|
||||
nxyo0F7oO/9LtjbXWRrFDIS+pUR7Zf2dsBQJytdXQ6AesyHuvHg76zWLJJkPCR82
|
||||
QCaDxUN2P5ZltmhnYekqLXpx4rppQOMyhUEwRWhnUhW7MXlOo7dYPFJo0g1zNYMj
|
||||
w5J4M16z2CvQ8KE0RUAhViXVFDVGBVfr+npNvzROQBHYuj2IRgQTEQIABgUCWvK6
|
||||
TwAKCRBYqdDzyTDbFsW8AKCGkFUnZJ7qMAY15kYsODXwBVdzKQCeJcsKFg9X8ny4
|
||||
H1FPp+LlhH6xVKGJATMEEwEIAB0WIQRBkFEu1zqayxIDQdcEDFEAfBqYLQUCWvlW
|
||||
VAAKCRAEDFEAfBqYLZGFB/0Z4nly7EJCcyrAbimNzuAZmfkVohgQ0vvrW/NVn6YA
|
||||
aLQHQoI/feAJCL6stqC3KxY3pTVcKUFZk/gBn3BT6FDptC9GPZ9mcnWEiUc1Czw2
|
||||
DK/lRobhMbrNzoQcEgsa/++uIrvJAuhW2zg9N5F6p1edRkBt6gyR2X65GeopNcm2
|
||||
vUP/vjmx7Lbr5JD+vhq8CuepO075T7y+aciDewijPj7I9m2zeuQmGBhlKiq37gV1
|
||||
WnKZ40NBm/7/9mRq95AXq7pdHOtGjqqjDtlobI8Nf+3gZgH9c1+1C82N2MhDEu3z
|
||||
CC2Lqp4U2wrsEZLzq7hhgur6r3dxgCiqQLOBl4GBfaMaiQIcBBMBAgAGBQJa8W7Z
|
||||
AAoJEKJ/4hHFKvzW/JIQAIh+YOtAVhWkj9iHlVe+me7S8A4DtCDK3RWJjuAIx2JC
|
||||
F9VbXxhqShP3V43LCbHVXaJEZ2eoT3iLx6qqHiSn03T33OQFbgscITkw79aF0Mn2
|
||||
M6MTmt9MXVTJ6Hb0X03sHu8bEYeyd3HR52eOOnl6qrhEE+7ZXU5QpuTkk2GOGE0G
|
||||
B/Th03AI46iami5nlLi5tsaOQR6CNtL9bBz0KALLHEAL1dHvZUTZ4tqiHAgEROH6
|
||||
BxWQ4HUi1uwAGUXC0Dn2tJ8/Z9xmFwZNRqRPYgcd62PXKXYr6O6Gt8cfbW579XJ4
|
||||
oBPh4QbQ65Oy9V/qV8UGP+xlufNnqNXv0nYDhuJcNL40pUHGX+50X9EVAp1Ocsba
|
||||
bd+84P0oYmI4Wfc/06VmGqgCP2bzPH6m0dmjemx0O9JXDa4ydhBwrzUg8RcooKE6
|
||||
xiLDOjdefR8iWsHCEFabM/oNv1xV/UR4H2DscOj20X421+U4HOpxCBsW54hKSPVC
|
||||
Wx27f4UZ565ZsmJl7w9B+6CJBB9fbI9Cc/tnFDIHkCWVr6dXCcGtMsP+fTo7GARb
|
||||
Z21XvtP8twzXnNZNXo7WB6sX9MdTXfyx1TGxv9smN3egLi7jwbG7VuzxVSP9OQR4
|
||||
tl1qYpGCkiiwLQ12ppoHavOzkdSd76WTp4oojx1G2Z2jgOHSmeDaLhXdVrFm1yjD
|
||||
iQIzBBABCAAdFiEEP38RmoiukSTBIo6eSKTSzT93sqMFAlrq1wIACgkQSKTSzT93
|
||||
sqMAYw//XPwLyCnPRIo9jdjtz62wvBX8wmi98iqDQgBB03ArJXD5oM06jT//htaS
|
||||
tOAaWbQzfQEDgB0mLJPeIOFYYP6sJSrIhOhR0/KQGYkMzAIpR4cIHN/Lm/FSapi6
|
||||
2J/60FX4wr55UZK2yVHrZxvkrUBjK+maYK8LQfjKIAkxTFJcvyDPeI7oF0emqibn
|
||||
sGuW/43zDQyaci/oYRa5mB86Zxo7MdrJymxLk2UXzWCIX0AAcXCai2DQMwjhMuyU
|
||||
v7YGJaCRMfx/vcnhtFcFMxw5ZJ8TGsRG0KGlHhjIB9He0tFuNFXwsbcqtnuMmrY0
|
||||
sijGqWyGa4//SNv1bzv7+APr4VMN5T/V8C70qFHg55pnpeR1tczLy2xqfbDHK1of
|
||||
WPInCB/H/ooca1U0B5PK5mQIigA6VeBHgdkyWd5AOaOsXaldywEgamcsrEGYljLd
|
||||
YxbRhBmxh/RsO5BZTCVauCG8J0kVcul9+Qdh6OixQn+UOdLqEOLONqdK04SM3ceZ
|
||||
WKpHg6PhnYOe+kGER74tCKy+R6bz5ig3HDks0vPraY/mlAoCSJ9i0QZdvZz/f7kq
|
||||
ISqgrdT7Oa7L7A0MXQbkOAbMo3AOyEDFgk7jH7hsIUntymvBLGxPtBsXV6Q7LSQO
|
||||
wHr3t6EFuY5ukBpbxJfr8dQbWLZTNuCRn/k63XdRpGr0035Ys4e0H0VyaWsgQmVy
|
||||
Z3N0cm9tIDxiZXJyYUBzdW5ldC5zZT6JAlQEEwEKAD4CGwMFCwkIBwMFFQoJCAsF
|
||||
FgIDAQACHgECF4AWIQQfsi+0SSZYO8dAASJJpCUcluCp1AUCWwQLVAUJE2sSxgAK
|
||||
CRBJpCUcluCp1D/WD/4xwPTlXKxH12D3vP/2wmkqbf2iudU+TlmcEERIEin2aBw5
|
||||
+GzxY9l8rNi8HWz5c7xA67Gss81I6RJJ0yXvuMwrfRPE8/FRFLXfgsf0twbxUI9x
|
||||
krxXrqMho+zIXAXHA4K8ClKxJ62sp/IvxEZ8uuM/BAsoNOGWdDjxUWJutmgcwqKW
|
||||
t+6v16fz0R8/7W21F8J0aru3XTrygPsddx09LsUN5E0aenUrYq9XN6VnobQpserM
|
||||
Pd5lDc6wxrmlPPVNH+TP2Ne4QUKFhPvvNKqtafc1QBdpnttOHQ+xokN+KFDp5kht
|
||||
YRrXJnzSVRQgE4qvmddPxn0ihTC7Rb+JVinZUBEFfUDKK+cLJmsU4o3N6OeRpjbO
|
||||
qw7nlqOfqAS2iM4kabeqwUZ72fCSRk2cVkTJx+P30eztdLHISZBldFMV0iXyL1L7
|
||||
uNUxeA9zbKvy2XDsJqiuVh0v6saJunKs9Lbi7i+6R7strE2ixYqLP+gyOkJSNAhW
|
||||
EqCZf95rN86ymZkGHB7qDRjJP3KjPqtpqQnZIRFJsRlaVrTDu2v5XxqBVoITh/tk
|
||||
2tP7N0DPb5rDbl5e0ABGgagEAXeW6loWootI9Jy08Fh4MCWwKHwQhF+xtZVtKpP8
|
||||
N3AKf/rwNeK4320LhmqUJ+UtzaEuFN/EhK51uH8d948bA27GawVaKUOjHy4D5IkC
|
||||
MwQQAQoAHRYhBDVNT4IRkVfwodbiJxOg9efafAmbBQJaavu4AAoJEBOg9efafAmb
|
||||
yqAP/2rH578p7e7bvmsoPFBbdhzHhij0GVBPXt3nOvHrXLrQi+7uY7iNJoLW4MV2
|
||||
tSvHU6OTISzbmgura7GbtGsMRRx5U3Q8fvY6W1VKoiPhMBLGBLAFsp25e3C/CMYX
|
||||
2s8ymMnXlF4OiycdNDBQBkn7E5qhMLflkdVus2u5IGFKluNQJIi5Sm7Qseq/26Da
|
||||
pmiuSq+DgLYiOs6dpjxWbLLSocdVA0GAC1lJhCF3usjDAEe9Vs9VY3NG/IVMpOR8
|
||||
1kWeOWMJuQIzF0iCKyDbeoYIL075QnnrCXVeh60c/O9Op7t4J5VqLNINxeB2nRkp
|
||||
1sa7+Y8w8WDz4Rcx3No4lqusCKFTDRGBjjtzIDNGz9j+dslx2DCQlYWnO78JyM+U
|
||||
aBuKwuE5x/e8b68Vx0q1mhbEF3Kx3fsklmxmsmKPJo4BmPTD3m7Ah/sAEKHCQxjl
|
||||
qPbsc5bBgJESG6w2ex/EbbA5kDPfpN3ILSCd4l8Tb+YnX9hDmbjVT1Z1BwIf+sUm
|
||||
8h3cZkOt3VdJkF+/TeA7++G5wHb3MSgreMe9t87C7/mR6PsTcCS5DV6EJdpJoE4o
|
||||
DuDvX9/ttacOM8SDGPc+snI1DgwvsBZzF+Vy+NuKyh74eImJDN4EOE1kKbiiqD+R
|
||||
XQEuom8ypLHgPE5eKUoTlu+q+/Kugs0L5boNOnMyFVqtSFbHiQIzBBABCgAdFiEE
|
||||
fCCCjdxxiL1zFw5hylj7whtfNFwFAlqGwrMACgkQylj7whtfNFxOxA//WzvhwdID
|
||||
eLPJQSnHW8hLwA8R23aqOPL7A4uyDp40QWpt43fXGFKrOnHRvsOvp7VBq+kCRXbA
|
||||
eTV4pWQVwu2mKFnCpdHWS61FYegQGMwsBNHscsV5/OByctQ9grPrcQXyJmDv75vb
|
||||
PJGlnM/WYMEbuDlHTtiDY9l6aiTaQyxu5sPSe0FdEfT3+kIliy0xXBctUBaTrC8+
|
||||
nTIfnSIfXunXdujeHVpIWYOiGxuG9wCsA1UeznIqVj1eC9k2aAVYw7anJ2bGC4Wn
|
||||
CqJcTGWgZ+3z6PxzI3+c5OvqpVCdoeKTZSWpV/S+oqZPf8cAd46uZJmaJ+TExA2P
|
||||
qHzDYLm7xouHQldC7K+fJMEsPwa80erlKJAz9l5GEAuIJi/FZnn2Zd0nkYlUJjXR
|
||||
4t4Py3Rk5yMfowiyplyBS99DbmdI0STuIkAbrIP/TAxLTVr7XRgkX4McbawRK+7w
|
||||
By0v9f6mKWAVw9HgAwEQUB2Ytr2qv6WHev+4g0zdvYejLeh3wXSIVPG8YO2M1jwu
|
||||
RB3JFTSzSkQNPBDwDDS+Sn60Hv1jyiW0MoSnwuGEkDkBl1Ec5UmotExig8iaor/c
|
||||
tAabWrUxbcn732j+zPDu+FetdsIxj2UcJFUwxcolqv2mGBPcJvNjJbOBAhd3c44j
|
||||
qG98R3Srsd8ic6Hc6tDNzqhO4gO9K9lsmjKJAhwEEAECAAYFAlrXa7MACgkQapR0
|
||||
qprcdOzJvA/6AhNvUVyFvtaLy0B+1qhK6Oo1xz9r4ctW+582q53b+SzYcV+kIAiB
|
||||
fdkFFQO+ipeIxp9YAkLRroCoYcm7hgJWFV3YP5ZyhL63dWR548znWyZRn5/AW3Q3
|
||||
sSkkzscTsdM84MPFKoywXhL5QqMgoBZ+oNVgWALzwzHfCPBVHv++iD1/DA8PUovK
|
||||
eP0t6JmY1Kjm7TI/NL1hM9P/RjfPXjFVRscrQ9mDBKw0ZDxrZ1FflWfgujOMdzYe
|
||||
VtUet/tX8VpQ/zLAOYwxp/R15m9OfMfnIR3qpXai1EAEhnmwGXXtGCmFthHBoqlr
|
||||
0Pa5ZlzH4m4khpF3vCaATnw9LiA32xAaZtGuIVhur68QTp3pmz4gJsmIpSIe5vGE
|
||||
qJPslNKP1zOCyS4VibX8k5vVKxqu0ln4uOD8dPosYsyUjoDOICFVlTEpKUgtK5Sz
|
||||
ym1ZSeB71vvciMC7haaonyCnpVgsX1LG4hP9kY0dloXAuxl+z8rgphN99W22fPkL
|
||||
2GmR5nBpg/3/A5a73xFajzEWQPQ4aowk+LkgrXkNnqCt46gNq5s0vfg/STVsTsEd
|
||||
LbhKZZy9kZ73kuwgwrX3DzAfe28pJnWheazFEn8ClcVJQGVj60DqsTF0MRH7FKDY
|
||||
XInzZWMR926aPGIQnpPSb4GKEI4STJNTf/YfnUF2OfW1FqjjGAkcIiaJAhwEEwEC
|
||||
AAYFAlrXoR4ACgkQotQ6v5fLNEUa+w//csuigTGtWof0aZ8YpR502opz332kxNdQ
|
||||
NxRwxdMbISBZheapP50P/DRmIRqXJ+O9qRzs8Nlofhm/Rp4S4xi+Q7j9IfmJmMY2
|
||||
8e0ccpPxFLJl4YFhSNUJinuXvByj2yTlRExnIwb9toJu5zBfVK7F64etx1nAYU4j
|
||||
Ri2D8Ns+jv86wZBaeVdwUkxaoq+p4+tjr3f4XNOGPhzaaqv59c3LxPm8otpUaVox
|
||||
NoSlE+RpWlJ4+a6tfATRQhGg5fHKc6A0ygOPgWiMgySTqn6wUV9YAH/gp6yBB53d
|
||||
x110nNXZJVCIH/LOKm+OVoU8dRETOIkG0f2YJPF7/l75owZ3J8AhpwRpQbBDlQjz
|
||||
dtxrewqiyFhUD+3jq4mIxag3gB+Kkf8+bA8i7Br0Io5RGTkAD/eePNtCt/ONRKsb
|
||||
So7GxgdQaWsyJffhHgBBnf/Zy3iHnxJiyaQ8ju7WiITmG1jZdAUlQ95uNEatHrjU
|
||||
01Hpwp9kGz8BVcxeQxKiihXgp/XBpRnN0cMCqH5xH7V6nw1EcVdXvrq0dU6B8qKk
|
||||
D8IOBbTYZ+j5OAZO4knBJ/ZUYEVUET7ZVUD1coQ32Wa+MbbR9+O+8n3T73m/uBxy
|
||||
MHqpY6EZqwm7uzMkWJo1x3mBDOFHT95N5detTR1KfKAPyK+yM7cjhXb7pXcml4Mi
|
||||
109Zy53NVFuJAjMEEAEIAB0WIQQZf85cE0Tqoj5/wGoyTiTtPVoAHAUCWtgsUwAK
|
||||
CRAyTiTtPVoAHPXbD/47v1b9gNCTWTdR5mDF4Xgj4u3wc22YFXbcyDNyGrd4S2tP
|
||||
HkvGhT7zWfYs+T9zdtE5n7ZauObJN8NS6RyIkAwIxVVdfuJZLu3OCKjflCSGhwTf
|
||||
CS0Es8cFUqL6yGYZ2Fwq9tAwHLH8N0Bc2geY6dH9TlcI8RkeEocnj+ESKRAuwPF/
|
||||
9ancDpvI1/ZyYCduZeDbesXBHY2wV4fiWYxn2Np4DR7USqoEBHDgyQMg4trGDNcL
|
||||
Omym1JwCXEE+RK1Q2r7MiBbLUqR3tdCx3oUCypwbeFd8JTTZ23QBgLyi3BKoIZC+
|
||||
hgpFmDogYkHc+cHjpsYtycI0pRoZSTRKOs6Kayp9DBLhkkMnvMGjBCDqjPc/tmZH
|
||||
Q5gFvMQuagUT5gSEjNIyoTPBvuoWPsCZsAZgZ237DlIacwVoWc5zwMXDfFmYyJWt
|
||||
ZTiSpyTGPtRvBEzte/DiF1SqmL1G3TAvBq/ljzQmnBMaBY3oWIXuuR089zz/ZZhd
|
||||
pYg7c9eizM2G5ETYH/eM85M+b7QPBihOTButa709NuiE8WCszp4vXZ12PpLArBFc
|
||||
MKODMrnv4lrhEwzjq6qT8lk8rOVwj7q2YYqRGodaYPHm0MZIalZwlIBxqKRZPWpd
|
||||
ak2FT1eXIcS0Dfpt45hHBtdKuiVjIQzqCYHTh2rb+apjozzVvRzHm7eAENw5F4kC
|
||||
MwQQAQoAHRYhBEMqxVXmqEiTdbxc0iqWj9kOCakBBQJa2D59AAoJECqWj9kOCakB
|
||||
R5QP/iCvOUwkm5gYA1NRoI8p0YtKV6jVVr012o9dms16pBSHwSPR5VtVCe1CoV1C
|
||||
16QiImyh9ncECTbh5kFYyLpZ2anAQWlbbeEmznwSZ1X67kJawnL/yZ3Aq+35oh+3
|
||||
mzjO++B7J+uvhN44Go1qWKTO9iWfWlK74UEZYwdPgRwkPP+MPGfvna9Z/yh/Fbsx
|
||||
cuclk2oyevt0xIypNc9SHc6LxR2Nj5yIay6RURS7IQ3xtM4fejR5C3pJVYRxVgFI
|
||||
XpeAAg5+2HvsOXE+IqqiIPVOJiuM/KBQ4I3R0i0mlWbFzzct8VFXbRmpBI0HCwb8
|
||||
3FWX8QjLspMpyWTzZAHu98eyf8WRO1KqYhK51wiw02IkJC1MouXkcZHxpWJPNDsl
|
||||
Sr6dC8AlB11TfQ+s1eB0NVUYcvlK5lohbYL14rXz075ASYDsPxwMju0EebR6YDcS
|
||||
tq7CHGCCqs4Vm29cLcI0qvn2Z38HGnw29yTtfM6yThEBGPUq0IJ/xCJbpHQP4xlK
|
||||
jpROVmwFqxOdgIewxAoLpd8GOOIFaVDknCfqB6Z+m/GbPeDy53/Ux1aYlRyD6wYX
|
||||
jI1CrtaGGAlBtSS26Xm6yO5+Y5Zuz0XNQeafv8Q630wmZX8Y6LXVPhLN2s2TyUV0
|
||||
1ET85otSLX8veUg1VpkL73S8g9+MnVgn0RTcJJY2VH4DuZHpiQIzBBMBCAAdFiEE
|
||||
WYrPoMTfW/SQAAtemoyn1ZUP89gFAlrZlrMACgkQmoyn1ZUP89ipog//dZIRIsW6
|
||||
kamerPl+ZwKdOHsWGQ1BkJF63j79Qtykfqkt2eiQBYQdqs3wvyuDjMWyLi6fWAoF
|
||||
aSiLLdZtoAeBL2EvLV1SeZSgSyqLwYJCHEdnK2TcS6kJCV3h36ZZ0qlRS+ebfyjB
|
||||
01eV/jNQpZUUvZPzMaDGQT6YfZFo1mr9wsRyYVKo1WPfBTrBHaki0hR0cOL9uvGz
|
||||
N0Og58ikQNioVAzqGf4rfUlAZS555FDCdQkNTpPPO5bxr4IXIQ9Zsw2RvO5U6e4p
|
||||
5qVEO9zNsA0iwEyg4rLtpm+ZXVwn6DkU5rFwfn9aqZqme/cRLVwWFGHSgLiRPIJ7
|
||||
Th1Cs4L7rGhaYP92HHDZK2u5wPvnNUzbSDiWUgYyV9jTpjBIORS4zFD4AdbVFeMM
|
||||
ENOfQqYrlOrnHhbrLUtFltM8VUhJb25DnuZ3GG5uLS1cakxKgCAP9JC1ssMQZiB4
|
||||
/OhNyo9zSLp+8Hd+KKsQwu5abl2Bv6CzsS+rJomCjeYL6P95gCJOS0+PjZZ6nyTf
|
||||
uOMZegygyiKXqq0VHnxS/UL9M0vjdT786LtBODWiaJU+GPWNxa8LNSo890IqH4RJ
|
||||
RjkhF2/wWhYtrSt+Mhlqv2BErts2d00Lf1RK2G31mFXMNzuR8/PkRs9bBHHg+hur
|
||||
KCClEZetocS1QsBhlHxO6pWS+A8F9Sv8DxeJATkEEwEIACMWIQQxw69z7j3gLXFJ
|
||||
g/lYAzVNIf6fCAUCWtnQnwWDB4YfgAAKCRBYAzVNIf6fCFjXB/9+t3dUvOCOCBOT
|
||||
Z+WvNbMzka2zAmJTpqCdN8U4b4NwlKrvCdqNXHCtpSSQqlJa01O8liUpaoyCq0ZX
|
||||
uORYhjBtpNeDhZqtEOVrwc9LOfp6bwN1X/tElITgPAsXHOIe42RH+hVRvT5kwb1t
|
||||
WvxCSTlXYkkjGSkn47vnUSLhhhPKa2MIcR5xNMkvAXn3seTX1JBTcduRDkjeo89E
|
||||
8dEk7RuE1zdzoJ63sKv4FNL97lcS+U07IqzO9xN+45qgaIx05uskVBMqrBcWXr6I
|
||||
7azilkK4lil0atodzWRYM/buef3WMTUhrCauNZla8BYJTw8PBirIpwIulcQ9SyfL
|
||||
nalHLyROiQIcBBMBAgAGBQJa4EorAAoJED1q+0NPfEAPSxoP/R3i9I+V/GNszB0V
|
||||
JXWUVFBS2luxRV0Yhdj5duErVv80NOY33s2Z1irdavNw21KgB/YTUGCZqrSzEtDi
|
||||
vp9NwAUnWstQ1XKBtdxzajDjOU4YZKKwo08N+EH9YjCyvJrGrzd37jcp7abq9Gf1
|
||||
KNQXIrJ3UQoSsWYA8h8x0GSzNc+bIBoPJ/ccHOC7YHjxku6Q6lg0lyZB4lXYz8Xq
|
||||
WPTyuZ1A/qzMx8OaLO6EoF6i+VwmfNzvH2eiRxErfEpieC8ZJRTagq2m4JgrbGfG
|
||||
suHQUc0bqB/LcZi+fde5UkONvVMIn1IwsObBO0qYB9musuNIYF2nKr7F3j8PZTfK
|
||||
D2kj6+SoN8iN+EtHM4B6rGPGhwR0DndPKyIk1dxp1RPw31KEytImnyoFdreNLSdl
|
||||
hD6KL6XfPclZoz7e/+Nhs45FDqaTCrPetXZHbZchNp/lGIHxpNHzI7rks6AJh64X
|
||||
uhNLjGnzIshIhOsm+oBxLzEznpWPF/DaD8dDxbXD+6NMr2yUBMyY0Mu+bxLpaSII
|
||||
Fm/NFKygl5ETQSGJx1s/KXkd0z5dALgoyvEyr9O600z92nXZ0ZcRXdHaLTBOkjCp
|
||||
SJFkCm/phxHMAHC9pZS99bBGAFNlqSx6ACpjB6gDrPs5lQtitR+OMQPXNdiOv9HP
|
||||
WC0XrXgMCrllUS2hX7tT4P7dpbHwiEYEExECAAYFAlryulMACgkQWKnQ88kw2xYN
|
||||
lQCfRa2coErcne1WA3okQha/V0Ut1xYAmwUZ7Wr08ZH37oCNCjjEDNxpQ5tciQEz
|
||||
BBMBCAAdFiEEQZBRLtc6mssSA0HXBAxRAHwamC0FAlr5VlUACgkQBAxRAHwamC1D
|
||||
Mgf7BLmT5BrrY+2qs96UUnWE/fBKQLToJLjTHJQuNouTQjt4ELS/UBCqK8R/DK1W
|
||||
VKSuaOlv4Rwgfyti0Ft+YcnsMxulTfNgnsMEVMB+Nj8qNClP426RStNxj27m0CR5
|
||||
CBvgf/KOvinAsOwXbetl2VEbJCU8J4Dp385nRfuMN51OmTBYp0d3HSkSksPU1MbT
|
||||
dC9EuD9cu/n6ju5Rf04MUQHjl79q/YNPxJ1mc1UTOzzUVxS4g3epDImmsgwXO4eM
|
||||
K/RaaDHz/WYlMKfqjefONTeRfcRtf5MgfEjQ6F3aHnSZiSEHPef+Y3LMWfgmJccV
|
||||
9Ua/XJGUwg8hu81F5Kev8aNjeIkCHAQTAQIABgUCWvFu4gAKCRCif+IRxSr81j+Y
|
||||
EADSX5NU5AQsE7NkeIckQ/LuDH8W3OaY+IQRk3k5RTpFq0rnwfXdnwalLa0p0SMv
|
||||
k+IDYiXlhcjqq0B1pPBTVZzNftEpkEP766BNgjz/uL2Ual04DoLf53Dn0D5ySpLU
|
||||
Dd2XzeeEJAY54Zkjre2kLkkXCooxaZpkzuktKDVXp4R+rynDjWK7fMeJpZl7+BXh
|
||||
MDqQXK6S5MQJbQ6eNfJwz9ONu256DLVVvmAYB7RbBFItTgste8a5gBMnrlo+ydC1
|
||||
ud5nOrzQJjbt/tU00392iL3XDstaMLC2+eNAjxFKq8KSEEbaPMTkFgV330Tjd6Lu
|
||||
fJc7c+fTz5HCuHoyakRQ0yiUpVkXjpqmjSz99mhw6rC5/++bQLCHPHoJtIdjvfb+
|
||||
uzxIO8v3r5SfcGUZghTOzgKBE66QQYtXm0pv2r5B/OMi7Y3cpQEyh3ABntXzB+DP
|
||||
pu592DLDQblwBTBCYmZ6Tr8cCubGaOd6WY9YMOqUucGeKJRYhdZGJ47LRSjjILBw
|
||||
WeSAbUpmm6nqFUdRGDt6OhNeWqr4R5u77JCfwpVTVVUPtR75ypdZYpft/qNkTGMq
|
||||
JwLjIIeiNVNln3FEpIA7y+j7ub4bFqsvmpYy9DR2s2tTVs1P6xA8Yl5I3D9q/302
|
||||
k8YsqZagPA/gfh1jVpwu1+XrjfaGiTAM9kidxKKmGjnGTIkCMwQQAQgAHRYhBD9/
|
||||
EZqIrpEkwSKOnkik0s0/d7KjBQJa6tcCAAoJEEik0s0/d7Kj8kMP/286fEObmNvo
|
||||
9RK7K0v5K3qXxDycoCSScieTjSH6z4CX2k4agyMB16+OTa+u8cutPyZ1OCmLG/at
|
||||
eAnmFDkSsdfRqw6qdeO/FL9eFgRkZfT/3uLIkjdr2Sz7kirkvTOUgj28RC6+9HR7
|
||||
cH0eAKZbcIJvu8TLcfhktftve0JGAnWs0ag+m6N7mjNO4ROrfb8JX9xrKRgPNUjr
|
||||
Beyd8e8sptBSs63yDDXXXPcZCe5Wa9N4Cv0fxumyK3KmSfME4KozLzy+BtSBdQ/g
|
||||
/ZiJrzhGSNfpDlunz9/ffVxk+p7VbxDkAP+KxpnuGvSWQzdTtFO9/eSynwwPWVFS
|
||||
0aFwQsyvEqqeWD0zk5VJaeRfws7CYVJuD7EoHSBocHknmd4zsF17eeH7XGpstCIv
|
||||
LvFtKLuwau0CmGkYyy563GYJYA1sQkLTjeiQ5ebdrNMUIBRhigrQfERS2yt6ht7X
|
||||
LvfFRuMUqOhbku0Y3vXQ7+uoNum9pxnEHvPp6GQwd0HyfUREBQls/QQqRG4XB4l8
|
||||
H3/TJDqi1R3os6D0naXhvQcKX2gbGrogD5tNqKrCeMAZmJJSswmhijhEQFzKgTxD
|
||||
NRjCvY7UpyTwcbLQUsLwCmBEnlXBqYYfH3rsDWt9Waqv91Yap2tz44DS70U7XKsL
|
||||
PTTLlFZyeAV4ijxTsXnXF+UHrbwBlcsguQINBFpk+4kBEAC7yqRbae/se4eUF14+
|
||||
pePi+ZRNyTsdhc+vW2pRDQwtgSi6Rgs/cnTQnjKbxWhvmGxM6lKm+N59J+N9aGOM
|
||||
Sf+BGWabxfN/HIf4+slaI+89ErOnKUtXcXnhxPxLGfa1OpEeFSMihjNFoCTCEngt
|
||||
k+D2ng41GOKb/qh3IItbLasqev6Iy6A88L9UZt9Orznzd5vctR6nk+nJwnsbVE65
|
||||
HQuT7jiMr9oWKIqZpsB3va7kGwzcC8j1EGIFHxdT509exAaoAEco/aN7ywLD3JWP
|
||||
CYXEj1Xnq1GZHkh/2W9gHDQzLKEXdoJ0hOnmGHhRdC/MHZZYrTSkvb1byBJIamC7
|
||||
HTK4rkU3jDJZwXeCUpdxuxlh4KHv0OzvMwJ5r/yS4j5KhbUhTcJ41gSDIy3bH9/W
|
||||
guAKOY9TYLitBZBcOUNnA6Oc3iTZDex0Al2Iz0kYAJK4NJxJ6QIe7VwgXV/HwdBU
|
||||
hy9tGbfSYXzPDusfjv8Q5qtz42S1RPkP4w0ochb1KdD76i5N/HAknHvTbC626IQ+
|
||||
HAELyG94exy0mhjjzIVLdUfz05BtKirZPMqaNFpAeLJbJ4pW7iU3IHlb2Hj1oBKO
|
||||
fkZ/6T/sIqwigJZj4aFsrl1IcoAW8y2XHOMpQ20/PGf0PA0kbJ8jfmAn/2Qnpz09
|
||||
g656aSbiawkbgz8OR6+WtX6X9wARAQABiQI8BBgBCgAmAhsMFiEEH7IvtEkmWDvH
|
||||
QAEiSaQlHJbgqdQFAlsEC2sFCRNrEuIACgkQSaQlHJbgqdRSCg/+NtXKzjOKS+VD
|
||||
uW2u4lRcl8wm8QVIwFoLl0cEiLeCBTNnYqrvgaaLTcI3XL1N6wFvWHcIRGOoVX/7
|
||||
3pJUYfDlN8Xjgf9vDMEhAdELW/lYq/mgC9O0dPoNRuLlWhMMzKvfHIz0ntQ/TBUD
|
||||
ocl4Cz26NfeGCDBPoi1VOW+C5Wer65r10DT4C9WhDjSJXUS1p3jjzUw41LTBKNqw
|
||||
svmevMotadzSe2t8b8wGGFanYonXDJlMAZdaZj8kAjMnOWT50ws7GhxGmEr3HrLg
|
||||
J6B9Kcq21O3Oxl2Hb+QyYTXmaNaDs2vboe11z+/y8COMlKc+yHZVMsfoqgowhVEX
|
||||
f0A/nPMCqHDS+WrHza8SmKtdt9ECgI4nzTZycwBmNk9JrQs1M+PTezNB82RAxXYs
|
||||
WmPYJBKenJOoMLVZLHqydpHNR6c0pPPr3cOg4SZWEdX3nIZBDCilx1rRPPGOyS4m
|
||||
0ncKvpNsUqK9a37XrD5VBtqMJS4QcLcPwYDLzJoF1geB4ZBh48d9eOq/0uDgLIMs
|
||||
QQH0qnHyzAjTgTY8gU+w3fUVRlVvlf2tW90jtMtP6vvzx1rTh7uEW1BospGhly44
|
||||
PgjdLYK0aaD3QEal6SJBMN2h85UnJGivgm867+2icMCrCEV97vHeGBoBHpxw59Ok
|
||||
BnCrYW7FDz6A4xjXuY2RsynF+XpPNa+5Ag0EWmT82gEQANLhyooD5T8reN9yqakS
|
||||
OBnGoe5NqWbDwuObbrFFI/jiq8SV8MzDMOC4MRgRKSeR/gulj40r+fL5s8bs9QFa
|
||||
3WbK3galHerfQ9F+TPCJaVWc0GkH2M2P3yH7ANTugqnp+JENzPF3ybypht2c8Rue
|
||||
M8QIkcCUG1HTf4G2JYky6HppkcCgWgpQjoXVJ1foyPfxPDqwTITWPR9mgpYu89+e
|
||||
CV2eePZS+F7EcXGZPji3KGSISThDOpu0tBBTiLtS5fBmcrO0u1g7GNy9KVSwixvp
|
||||
HiCPsxeodjIH5o4Bg4/5OBlzoLsLfgdKQyQ8HHCP/VtmGwZIhVrAVT08lN3dI9cF
|
||||
osfYtpzLlE8C2suEhX0yGJHPnfel8qC1Ly5px5MDIAkWExssHPN/g9VEMsE0taZw
|
||||
hdPmkcHm8rhz1cxBA9mb2J2lBP6pOp+l2csLLIr5g2e2gV9KdNq4ognNWD+khWWS
|
||||
tKVp1x1Cy2CiJ64pYGzkFxFPFu89L9XG8Gjt0XwoYM01gn20K3qb3yrSvjFh3exy
|
||||
qfE51DuqUntAXxv3KmgITjs6/OCHd+qXjJKfWh7bEnNmywtQZHsfqC3p8Ob7juP9
|
||||
R0HuxlV3q72BVXsfGBPtWPnNeMHCszAQLoaoeoyznXTDddDye8BoBJvhcyI1fayL
|
||||
tOxD5nkXoW/ddk0ym+JlNBnNABEBAAGJAjwEGAEKACYCGyAWIQQfsi+0SSZYO8dA
|
||||
ASJJpCUcluCp1AUCWwQLjwUJE2sRtQAKCRBJpCUcluCp1HPlD/9MZaFi/ndpzRU2
|
||||
8U8ePpD1uzSaG8voOK9lWmVX1lTboliBZ11iqZC/nSVi2gGmlr1snFJ3Rp85C1Bu
|
||||
syWC17FtcSyJ0n9ZncfkA49RFJmYGoxd0ZhDWBRGbNugTMjEzopSKv/OQsmm+UBd
|
||||
IPdYAw8S4grfpDStTNFFAvs3Rg3c9WlLysGcr6swnsu2VmRhkQk8Ct5DD1sCA/mV
|
||||
d5+ib6P0UizD0GwvQyG2oUwDTwa53QU5ItJ7S7YkCWbsv73uvuU+se/JK9T16MJm
|
||||
PwOTuTQjXh09yvUU5Eqy+AZjTewZiV1ouLIZG2IPbBJeXyMbH7ZfcocjzCN1nlaS
|
||||
oMewhlaiSKLrS8JVKhIjGUhFgJWQZcgacBludhkiILmMsRaQak68pYAToS/RTjTc
|
||||
lUYo2xKeSLYH03NmxWa5D4WVXQUeVLmHFkI7wVPXXHsvBnXn+J+cG8mawDewNIv/
|
||||
TsVpMgqv/KX9LcKIrA09tmrQSPxcsxdJSl2Ar7UAkx/so5fFgC99C7UXGqcUFR6K
|
||||
7WpOuoDNii2BJLm+nNerbNOKAFdAbaotFavkjHVxOAIYwUH3wopDaQJ/Bf9SmGer
|
||||
0OALs9cStcG/MVrR7R7mf7YH/piTO1CjCKWluklHmEXAc09X9nD9TxxdO86DdNjq
|
||||
j12T4eep8d/jFKethdMgvtVy+k8V4g==
|
||||
=FFHM
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
|
@ -1,118 +0,0 @@
|
|||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mQENBFJK9qIBCACypED81H1N4YmhMJrb4uOtTDzo+lFZDVVOcK11+NhTFl+AZZFn
|
||||
WH/7UPn+q5ZZBd/IhONfb5QGw5FzTyBWHsbAteXgCvHAIyumwhQzhZnow6myyC6/
|
||||
MwDhomT5rb3MkCKCyQMNfj/yMgL6ZRsXVhlGOLMmOekRfKe2wiC5BhRaQQwPZPwg
|
||||
FS5D0Tro8Xfxjk98u8rNpQXi9walRAffRY+byhkPiBj0sVA2RXK9Dx2DL3EY0xx0
|
||||
7r6Qhs2XkbXNDDCHRuChhHSHwWC16VS9x7Nhfg2EwKqmMGRNREikjwzDl/aHKz+F
|
||||
XTLONdmc83sRyklqgH90f3na6s/RT5XTb08xABEBAAG0IExlaWYgSm9oYW5zc29u
|
||||
IDxsZWlmakBub3JkdS5uZXQ+iQFVBBMBCAA/AhsDBgsJCAcDAgYVCAIJCgsEFgID
|
||||
AQIeAQIXgBYhBIqgkoGkEvxr5Qru5Nc61kMK1HjWBQJjPBkgBQkS0lX+AAoJENc6
|
||||
1kMK1HjWwG0H/jMMu5r/CafcnFftGP8rAErrx2hEyFApV2ZSDk2fA8H/jhd7e8GV
|
||||
QWX8Gql5x2IhcWqfwGLPn8MJFufnzbDNP2UL9gZrKfq3mWzBjf4w1PEu8IhePVrO
|
||||
dChylfhG3WNZIKQYFNFMdisi9vegj0huLhtDopn3teW2kl+baJWQZdcmYO+ByhJ4
|
||||
2pQF4WP1KQLe+XtOoDJlmSpyU8a8628Tktetj/pyvk9ZwtMopT+RCM8mDdO76HnY
|
||||
lIGzFFKiMt3bMd8GMT4H8ZcqBT3a4SQsmz58CaYXuQRWOlBpA1eIKj+g2rJeZdTO
|
||||
FPmqc3k3Oigi38EgqHgfGsBB5kRr9Mlc/oyJAT0EEwECACgFAlJK90YCGwMFCQHh
|
||||
M4AGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJENc61kMK1HjWzCkH9iPY5J5f
|
||||
vEDt/mhHQCIzxBUaovooraxD7DuMMzYB1UrJPiw2SmdnCt6LaI23BQiia6ewB4AT
|
||||
79HLLBqDqBNY3djZ8pp0v6rHsb9h3Dc8a+o/RdldmIKmq691V6nQlhO9rRbRmrpW
|
||||
2ZkznRtDScja1C9gfVLjf+egiaVDhiqoTfAbz5JDUXubDARlR1pDuLFHjebjZT+k
|
||||
ve0ZD5TWJhI1cSh1wEQGtSh13QFXO98legODlwYDk5FFuZp+NsPgCP7bBt1JBe9D
|
||||
SrPq6OL2DZyuh+clt33UoqB2mr6DKLn2JJgqwUOo78j3HrLRkNtdPnqmU5YeSjwa
|
||||
WwZrX9brJdb9QYkBPgQTAQIAKAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AF
|
||||
AlQuS2UFCQPEiDEACgkQ1zrWQwrUeNYt1Qf9F489tYvbRpKMdehExF7T2omKyrn4
|
||||
RjRckKBxLpbQ/F+dqApO8kMyTCokYLEDonHLh2dUEsDyflJhq8RGhs6dnWpnFRLW
|
||||
0A9sc8JqiJLJDBDSAHRudq/6Y9B4s5LYFs7bFgdSuh68W7nQjxD4lEmymYpgWLw1
|
||||
9mJ1v99HaMx7mkJ5fEZN2krFb8bYvYj8LpA6nGvkxp1zoqLv2Pj5gTdiL2z4ns79
|
||||
+ZFWFAgj34FJSPNf5WLhUmRerIOU5Dnuk/DMsLyHw/mjoidsGfcPK7imTB7ZiSKJ
|
||||
apBSOWow1rX1iR9JB3yu/z4e2/FR1fCnmDX2tO44bIQihjQl7I/NGfp4l4kBPgQT
|
||||
AQIAKAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlYSe5UFCQlrH3AACgkQ
|
||||
1zrWQwrUeNbEjAf/VQ8uRtxiyneECB14wjar6q3Gb4m8xblg5rKsrIDcWsV4Sz8r
|
||||
d73Xfs9YpQ09402khDhuO/9go5znzNwyF114hm7WnqhvnbcpD84+boviQ5tncSa3
|
||||
LYiyCqYLdkh3OZB6vFQDj2OmHEpiUcnqyxqDCYKAo4rSjNBHVAmz8xSv2OM9HHI2
|
||||
B2qLVkYbpyp8iJM3/6Gn6G/49daYYt286UQnKSjf+BYv219xDRBGuKhXAwinueJf
|
||||
6DEoDhtPRs6ZIesFCkMZRprrQWtoopyxikc7xC3PfLuPD5HcVFy7+N4mAwImv+lX
|
||||
b5E7+te4MJGEPhIpqFh/RR9DCjf5hq1UnmUHULQdTGVpZiBKb2hhbnNzb24gPGxl
|
||||
aWZqQG1udC5zZT6JAVUEEwEIAD8CGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheA
|
||||
FiEEiqCSgaQS/GvlCu7k1zrWQwrUeNYFAmM8GSAFCRLSVf4ACgkQ1zrWQwrUeNaI
|
||||
vQf+JmHKXWcH81yjnPWyrMUa6lr1HoAtnQkYsBJFNoDZE0PE+y3pat0shphsm1wn
|
||||
4VTkirQkqViGhVA44xHiRyU5InSPmlmIpeq/tZmG9X6891qAlg2QsFHDhxTfGe4V
|
||||
Nr/58QDmBUpWVgStaI9WbcIcO86JbH1BuUqQyXG6VUNiLVtJ47cwbFGlTOzbaPiv
|
||||
vBtg8/BgoLVkG6onGJX0QoMC6t0FItOf4KSdWQ/IapjB4WDLRLoYwQsKd5Rcjtl4
|
||||
3tOsp7cOiqV+SdOTfPG/zK+aL3wexPEPsCLjwUoqvQTdREa+xa7Krp6ohmIzbE1G
|
||||
XWK3lVJSoop2DtrnzEOKLBpuR4kBPgQTAQIAKAUCUkr3UgIbAwUJAeEzgAYLCQgH
|
||||
AwIGFQgCCQoLBBYCAwECHgECF4AACgkQ1zrWQwrUeNas4Qf9EInrx4bBN1PWVXWo
|
||||
UL6b0OdnO8PQLigazE+PTn8+CCUq8snGEYJdJNGET9ltWGxQnryoS1IVBTy6WDkZ
|
||||
rGsW+zzp2WNbCViAvXtWWYbFax041StZdGcOtw0EkIcxuzVUrel37xRdNhzYuP7T
|
||||
Qj0d0GuqdTLBza/MCmp9AYh4oa4mJYZjGTAXGy4cPQR0D99BoCz8BBCj/LeprKaW
|
||||
cNAaU9/PwhYP/AY8uoaizSzwDfNHTB+2a3pi85HUnpxYL/DIXx+gXIceVQiFGPkT
|
||||
ZAlq+j25ZfYeU5m8Ee3YHoBbaYThKxoyHTZhN39liNMiOKI6kaPWLJmYnetmSBqk
|
||||
wRX4fIkBPgQTAQIAKAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlQuS10F
|
||||
CQPEiDEACgkQ1zrWQwrUeNbTQgf9Gv6mC00g4bLeVYrjfa/gYz+jfBNJVA7qnIDc
|
||||
0B5CLZLd8AUEEJgvZN1yqaBun6j9d2YdCki0iAoJeLUCCptnrIkO2JC7394ibgLR
|
||||
9HsyHVwVH+xj8EFLvS3W7F1Us+7HnctgetCcqafOTygSF4UxT8XGsBE9qTnJ2NXj
|
||||
uPJeeZ5U8jaxhhShgjLsIFJoKAS0PG7Hw3QWXrXtaXUGuMEDT+EeSI+wUKaNtvRy
|
||||
6pSCYF/ZSIx+gfQcqNWCK52jvvHvAPShvPVg2JA9vlnT/4tAomAK8gvkN0gXmn9/
|
||||
ybTGBHa3UBBA55/b3W1YhHibB/GZtWxGxwuodEyzKPZ5dk2goYkBPgQTAQIAKAIb
|
||||
AwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlYSe5oFCQlrH3AACgkQ1zrWQwrU
|
||||
eNa9tgf9EZ58HkUlQpx231qm21yS4TlW2E5pVjE4CBp8YZsn4d26YXOlgUDkTU2o
|
||||
CKcQu33yyXASPclqmEnbzHnlUm7+gujs36TmBh59Ec3VDJCrCjZNpLFjccEtpb3A
|
||||
LCLmsJf5o67JTl9pvle+evpKzXqYNzRdELxH01Gtfecsyeu1S/VAbSPMT79qqWA0
|
||||
iyROzABX0Hr4mUQZjdW4/Yp0UrWR7yZT/2zcK/9nYw1Sa1q4rxRHW3bXKeAPjupv
|
||||
xsHkLV+AyAcEqHy+IxKgXvJuteLqEblYi04tFMMem595EsJZvWOl5l5aH7vIzHKh
|
||||
YfOPlRPzgzhIIa2vjrsQL9WPDWlT3rQfTGVpZiBKb2hhbnNzb24gPGxlaWZqQHN1
|
||||
bmV0LnNlPokBVQQTAQgAPwIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AWIQSK
|
||||
oJKBpBL8a+UK7uTXOtZDCtR41gUCYzwZIAUJEtJV/gAKCRDXOtZDCtR41gDuB/45
|
||||
icHrbHcO4P8xSnOJTvfsRmg/KIh6JQkUOXIwJOW3isjvVKShR8m9LEUwf1thY3bc
|
||||
MVl2ukeHXgGrelOGfTLII8rceOki0ddNnDovdhL6vKSuWfiDq//WMde+7YBU8Izl
|
||||
EBMU6x9sLMS+aTrIRmP/rZWNYIdTOmG4JQMKy7bkQ0AM2QejWkPXZnlba10WnF6j
|
||||
cDwWPgTkAt2srHQrGyn6JLF3W9qOhAIFwz7kG/zi5G01EaFNJJ6CsayPrXjaCFZ0
|
||||
GzubB7yAjdKu/MqIJQlYseoOrR1PYJsyMZq6QCuxygOhGnbCquif4to0+6Y/ACfK
|
||||
ZcVhfP3vRGE1YJLj20SviQE+BBMBAgAoBQJSSvaiAhsDBQkB4TOABgsJCAcDAgYV
|
||||
CAIJCgsEFgIDAQIeAQIXgAAKCRDXOtZDCtR41vdKB/9pw81jWa7jBZ0Ujn/eQ0wQ
|
||||
YmfLvNp5fcHjEIUtmcUWtVeWwRnLb+lwZURRIY5rNmx3IwiQL0TgHw3y72ByDe3/
|
||||
N6O4lytSKpWA1rtfS/8Evc6I5WEvod3w6cMO1vPxqNjUZCC2gLvbp69LULFrMN7T
|
||||
UBTIx1qmTT4deZ7UXUg3/Rsep2lPQPL2Gz2JpwH/ckT0WPlPoTp1+fKloDIxsTcW
|
||||
M3ow21fx2YQuXXTOt9ZjEDS+NiUeRrNEmKi9uHyMoOeIZfW7i3L0NknlXbAiycrY
|
||||
VTm1r0/uSQSr46jBja7nqMVbr0OawAgzwzBmWDINGQyd0I9zFR/FWmJRxm7T3Gek
|
||||
iQE+BBMBAgAoAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCVC5LYQUJA8SI
|
||||
MQAKCRDXOtZDCtR41vGaCACOrTXM3VKyMdMZTX6873zb030UezvbtkUyYC9jybb1
|
||||
t+8OBiM2s5OFbE8AGwkEGdYI0behwNnPq0FzRarMGhIQDHTqjfg5qhEMnKUGuhG9
|
||||
lzWLZsVEQwNqfAJU6eOsDXXMvt4foLvYjsMYPTDm6i90FqDSyslr5j2bqgzP21hn
|
||||
xXiaCzCpplRfQo+AyVhlw5F25fmnESNsG+HCA7wsVdATg858SUFfgPe0N1fIP0MV
|
||||
R1LTtDWdTLU2G6QFNkokkDAX69FT85/TqBXAJ/46/R8pLKld/GJM8BgNP9YUi2se
|
||||
Ur1cf4OTqFUxWHs8JcAGYty9R2f3M0UrjpgW6RblRWs7iQE+BBMBAgAoAhsDBgsJ
|
||||
CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCVhJ7ngUJCWsfcAAKCRDXOtZDCtR41pr3
|
||||
B/9o5p8/9bgvq6MoUCIw1nuvuRszXYTiAhurNewBTXikPFrIcoHAYEsue58E1TyT
|
||||
z6p4KXzPJDJOHFVBx/tod9ddHeCwACRjnBg4fayGiRPpjzL/OJYq0ZMKYofjEDI1
|
||||
u7YP88XYV64Cq+aYgYSsIraCOi3NKC6AVkD9xBI68zco/lkfTBVML1YqPS1hmppc
|
||||
vl2aHH9ttVaPT2KdPL/qBdKNR1pw330GEjn1+EXb4B63L1P5PRM4GTa/8rPIoUgD
|
||||
sVmQgvaLvZMJ1dOJnLxDkBUBhdlvs4j+lApLvEQl2mDT3qUall1ClgYOZq1tA64l
|
||||
W4Ma5t6Kio7eJRPbSDFl45xruQENBFJK9qIBCAC+k1tFOeDS4gMxEgRkfiVLHFem
|
||||
wJWQiGZHYhtDgjh6w6mB8G3WZ+/gD2CMp5DgHFRC1sW2iMj3gOzrfyxzd9AmWbhX
|
||||
YceR6EFkTc6OVsaIb+eHH/Zo3DKyB1Dq9CA5fjjnEQzti+KKSZYWzB0Fkt7qrfOS
|
||||
6YM1zMjEUxUUwsl1qirx5DuByWLDX7ULU7H/xmPVhHUVZO8XEaFV2m+ICx8Y6B98
|
||||
KMeJ0Qz8b8wp2g7vWEkwS2R6IjF0kMrRxnxUvwA6EUiZuFphhuY/lWCJusLl1olg
|
||||
OE+BKMEUStJWEi0s+pd8FL1vOLeNKbIUFro0+oZr9byABpkPNjMxKV36uj1dABEB
|
||||
AAGJATwEGAEIACYCGwwWIQSKoJKBpBL8a+UK7uTXOtZDCtR41gUCYzwZNAUJEtJW
|
||||
EgAKCRDXOtZDCtR41kLZCACHHrLT9XpqJr/tbIUwrPKlqXQbgHQUHKLHokTFF2mZ
|
||||
Jhejr9olv2Sf2SiU9ie/P5DdnBOxG8NJ1VT/7pYIPzsD8UoGu8c9eGXKW93yohSc
|
||||
33eUFooDTE2Pt94wbEDbq9En6GzMNmIwvWLLAy3gkC77SyNmJLf8ZuSCQ47DpUK5
|
||||
79Ym2p4ASsxV9afQ7bAwpKB4VGSMG26kFviIRf+e9HEROYIfz1W9eC2z/JjNjNiw
|
||||
aHQjuNzi3covFF868ydaKc2AG9N3kzMOWjiEAh1nsmnDCmQr8ZAMfh9HvOYtAe0+
|
||||
8bdc9AYZbAQLt3hv707nLJU6+3M5kt0xJcdvBEBamQMVuQENBFJK920BCADVvB4g
|
||||
dJ6EWRmx8xUSxrhoUNnWxEf8ZwAqhzC1+7XBY/hSd/cbEotLB9gxgqt0CLW56VU4
|
||||
FPLTw8snD8tgsyZN6KH1Da7UXno8oMk8tJdwLQM0Ggx3aWuztItkDfBc3Lfvq5T0
|
||||
7YfphqJO7rcSGbS4QQdflXuOM9JLi6NStVao0ia4aE6Tj68pVVb3++XYvqvbU6Nt
|
||||
EICvkTxEY93YpnRSfeAi64hsbaqSTN4kpeltzoSD1Rikz2aQFtFXE03ZC48HtGGh
|
||||
dMFA/Ade6KWBDaXxHGARVQ9/UccfhaR2XSjVxSZ8FBNOzNsH4k9cQIb2ndkEOXZX
|
||||
njF5ZjdI4ZU0F+t7ABEBAAGJATwEGAEIACYCGyAWIQSKoJKBpBL8a+UK7uTXOtZD
|
||||
CtR41gUCYzwZNAUJEtJVRwAKCRDXOtZDCtR41g35B/9+8i+Rb1rTANbAGdRypX/N
|
||||
H9sF0ErvYPFRKuROUk0VJqc9X7yyhG4ExN2tZkdIM9/hbYxX2efPP4WAJdN2BDzo
|
||||
6PJsIRso9va5dGnCp2Bg9D36wmfo8RUZ6eYSY7vpCMPFsso42pE4q+IHRQyoErm6
|
||||
Bm7hGX8zgg4Y6n3dcfi8w3tcG6vjS3Tyc+iRvETrjC3RiNmwItYwiPUGDzoX1sCQ
|
||||
bSooGcNEFM2yvu4015ymBamn3jzFpHj5D5gVHGHZPF0oZtmn75slLsTcgnyfnPOj
|
||||
RblmB7O7i2szAarIoc5n56zRkJABnAYDVss2MoYcvAjtfTVBgYIM8ha18eM5xKDC
|
||||
=PbM5
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
|
@ -1,58 +0,0 @@
|
|||
|
||||
Leif Johansson :
|
||||
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v1.4.11 (GNU/Linux)
|
||||
|
||||
mQGiBD7DfnwRBADpIpOw6bXfx2Yo3vac/j5WzVcWNZKuiYc4uuFnBYxH8zTA5cdw
|
||||
ytuOYNtecX1yrPgmObfPVU0EFktdBMFgLE5TNRUMeJZTmAl3QYDm8N32SeSUEb6G
|
||||
PFsUTGgxsCW3GVAoq6DBopKqhR9HT0+crQakbc7XkS4FjeBWiXjuNf/IqwCgyoa2
|
||||
Qfq8UdjbcH+DRGzPnRTeqzEEALIEsCzDp4HQqXqqNLCoExbgmCrEHvnqFmilCHJV
|
||||
nyuY8LXmcpq2uwJaiIdsTqLeQ8WrMxWgmZc6F9QSdLP6MVZT3v+5OqOZMUDsu4nG
|
||||
om3HH+tG238vMSEF+klGdrI0wdscrY+28Oshjhqj4FZxCwdNU9RTU8xQ9IoObiEo
|
||||
1yOHBADK9a5GhkLT+d2cb48orETGtG7i//HOnstouw/TmEUXreZPtT6wpIdN9Jf3
|
||||
W80GA6A34VEGA/I+/5e+9nFvINpLvEF2ghJBH+sWwQ8EXpo0M/yir9oGeJI7gpOH
|
||||
Rj5Mq9uqFG0wcamInuWgbMP1cefjXusHbHyDFKr7ydWSsZHqXrQfTGVpZiBKb2hh
|
||||
bnNzb24gPGxlaWZqQGl0LnN1LnNlPohXBBMRAgAXBQI+w358BQsHCgMEAxUDAgMW
|
||||
AgECF4AACgkQ8Jx8FtbMZnfN2gCfZZFbqsv6Tx2P2aqo8uq9aoAozNIAn3iKFa+U
|
||||
5NKW0LqLE9yfsGdg+6kEiEYEEBECAAYFAj7DgisACgkQGrAM3ynKb7+xEgCcCF6J
|
||||
/+KfznDzjM9pstb52uAIRrsAnA3WKCpHVN1aqkCXPQj5m5bhcwUViEYEEBECAAYF
|
||||
Aj7DhUkACgkQvW0872wn7f6G1ACfZSg9ynS00kDncG60cn+5OknZYQgAniUJ/j3u
|
||||
FYpFNHvM0H5v53uIH0vciEYEEBECAAYFAj7J6rkACgkQP5nw96jJnKNrrwCdHRo3
|
||||
MYh4U7nduh77lss2X2oxEB4AoImHbwUg779PnXCiKXrCuU9qaBBkiEYEEhECAAYF
|
||||
Aj9Qqa8ACgkQ02/pMZDM1cVqyACgoC4wtpXlMSRzG9wAH0FfLglZdbQAnRfQfAdq
|
||||
XaItNTG59LNSC3wXElTbiEYEExECAAYFAj7E1soACgkQvpNrbHcR9Bl7mQCfUF1+
|
||||
KXNMsYoHp3dmSnxeY9smvMoAnjUumD3ak4HYCuEqufOj/dsvnNboiEYEExECAAYF
|
||||
AkG22CAACgkQ/I12czyGJg8ZEwCgorz/TjX+e4bUvmEf7Jta2zrLcpgAni9Q3GN1
|
||||
V5xPr+j4gLpHCZEJRMntiEYEEBECAAYFAkQgevIACgkQVCc8X9UG5FLXwwCfdhhh
|
||||
ZY2Veuq2783JYKoDepP7p8gAnjRyYsV/KZQKDczoD9vAKE5ver+GiEYEEBECAAYF
|
||||
AkUZrXcACgkQfwlELCNtlACgOgCeKP4u2/dzmbfYNIjiKtayAem7/+8AoI+s37rc
|
||||
BWZFpD8wh5JR3cCCyxZ1iQEcBBIBAgAGBQJEts3PAAoJENxm1CNJffh4CNEH/3Hp
|
||||
AukVW3lB1a+jNEFKvGrjU7RcZQeJYjTNtK+Yk5zKyR/z+z3OmZYXfj9oi8dn6qWL
|
||||
gMkoTO8m+c8e5vbTosbCodZaWUBdEL1YkjKMxtnAnVeSNC1lEksT3nkaFtNy8163
|
||||
IHQrlpYTyGYb9/53lTtTlKYjxN0PfQCsUsnh9wTZR5Erw8Yup1EdUBaV3ghU0lzf
|
||||
HC9lPERpa4/4wf3PCr6PSXYM/O4Gpkya1RPPlNQmg1VXaMospyqZVzgvBVi2T60i
|
||||
0/bfuztt91um3gYeEMM/4un1+yCnYZUTIbTXsRZ8Y/XDXsAHrkEep/LbDu++v771
|
||||
mYV7x0Td7T3hZM2tbiW0HUxlaWYgSm9oYW5zc29uIDxsZWlmakBtbnQuc2U+iGAE
|
||||
ExECACAFAkpwvMMCGyMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRDwnHwW1sxm
|
||||
d8fDAJ4piDExTh+Cy36fG0J0j1pugUMgOgCgpOEuOvvj6arUzNMCGfpLmGgbZMu0
|
||||
H0xlaWYgSm9oYW5zc29uIDxsZWlmakBzdW5ldC5zZT6IYAQTEQIAIAUCSnC81wIb
|
||||
IwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEPCcfBbWzGZ30GIAnRfhfh/++wBd
|
||||
qrUhS7YbAmRi4QOrAKCs1XjJ5XbNBh+PMjslPEhXNvZyp7QgTGVpZiBKb2hhbnNz
|
||||
b24gPGxlaWZqQG5vcmR1Lm5ldD6IYAQTEQIAIAUCSnC85QIbIwYLCQgHAwIEFQII
|
||||
AwQWAgMBAh4BAheAAAoJEPCcfBbWzGZ3J1YAnAiLOGwjJvm08O0aQEwlq9jExHJ/
|
||||
AKDDmnmS6GxoYOQCdWa87weOd+5sk7kCDQQ+w36FEAgAr1zK1qIIXmoeEqFulgFi
|
||||
17FRpSibNwwge9bkG2+IO7MOm4Ih+f4CRkqaP5U5diiWb4nyQc/Yqzf3TTSE+CH0
|
||||
ghvDCwfZHrzUsVl9t57S2RFKaQhDUUw3lz0TgKN66z1IRnQEARuz9PFd96pIhLaJ
|
||||
BOn0e55Cu5qqJVwGpst3+I3jqT/cxjymRxPz2O6R9k/ZOOiOGROZYAjNHKcdoeBr
|
||||
7OaIHcPRCi1R8MBKE4HOK1SwaVvs26Fd2enixIOBmyFTkrue3VgaAd3zrJauD0qa
|
||||
/u5y2kGEyFFJwNsKnoX0aCmNNIG+aKvnSCWfba8bmYOAsbxS2lo4MKmuDM0rrVyL
|
||||
hwADBQf/VzM77aviZ3Ir7qXj0uV/62wyrg8/5flXl8XjuATewD+hTaux1lg5LgPU
|
||||
9cokMHYHrTsnp79nhEB9qOpsQLX+npae7a27x3zyqLP0V7neyKy1ycuBI9KU9B3i
|
||||
vgSMRlKR91GcmUpRnKiSnxPYNtq018mY72YYHCpfAh0OOUA88bxbYIuF5cv9dYyO
|
||||
BhNEkI8xB1VOWev1CPkPb0DwDABHdOBq9e0hT3OUOaat2JPwCEHU2NTGsYFuZRys
|
||||
q8xnxFgHd00+h2OJZ50UYVpBjDxaCj5gvHHFFnmfCLD5VqjEJGi4k2znZHg67i2p
|
||||
w0f5BSq8fsfdUML35LzL/aaZPMzlg4hGBBgRAgAGBQI+w36FAAoJEPCcfBbWzGZ3
|
||||
djcAnAxF3084vKlsRNGcyj/rn5lA4Q+nAKCnjZYXsnFG51wbu8OI88aj3LJE5w==
|
||||
=TBju
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
|
@ -0,0 +1,130 @@
|
|||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mQINBGH4/cgBEADIPhFLAnngQbOpTG6gbarEKQGJ078N/cUeISaQDX9PaMyZ9IzU
|
||||
yvn0JdR17rTofN8XAAhfWcX5qL09XWE67Sa2M5XFbr/5SPaQpE7Altxjl5QVpk7B
|
||||
umlwgU0T8Z5nX0B0vpPXzZ5fV7RhvPz0muKbFd2TcqAEasFb55VEDjz+ngfPIw8i
|
||||
EKWhhu2Ll6OTL6bzGdZ5++Ip7wSkCRorRiifyHHM+P7EtVmBx+HyeqClDjAXzvSA
|
||||
cAw/G1RdSj02qlavYx1mkCTshUWEft9UNeb6QE0bn4alX+uLYRkEZOkdSBd6Eqgt
|
||||
4o0Y91vg12INY6WOtBkT/7UhPSZDy+mfa94lfchE035V/Fj/DMeoJekKO0DYIrzi
|
||||
IRHxzEjgXRdjQ3HOnz/2qPFf1lPMoBZiZniWbvYbAoG9GiRrdLh/pgJpc5JDu/b0
|
||||
FNYzur6fCWhPnXu2kbMltTMvhFyPv8eK+eTP3HlyNTmX89SnSYFXfDQxtIGO6AVt
|
||||
ertXnOXBEC4FN0aoaAUrLE3KnU7k63O5Z22dyUuyQSbrKvONe0RgwLX2IaFcv/Dk
|
||||
36OZgHf5xizY0xThV6geq8HpMECmailEcfYYDJAHI1H4fdWwMU9MjHtvJ4cu8mld
|
||||
oKDIJdiozFG4NGx5t9Zurc5gImLZoPsWaNknSPn1fHCYAiSm2oIzMV6ibwARAQAB
|
||||
iQKJBB8BCgB9BYJh+P3IAwsJBwkQnnxhalzbE89HFAAAAAAAHgAgc2FsdEBub3Rh
|
||||
dGlvbnMuc2VxdW9pYS1wZ3Aub3JnmaI/ED4jxIu79r+Fu8PQ75LRTzHK5dmAViO0
|
||||
uUe6boYDFQoIApsBAh4BFiEEbK1wndVaMkeGgIupnnxhalzbE88AAAKhEACYzH+U
|
||||
eorxsx+aYR3qJvwZOY8uiPqUs4zPaufoPJAZFLztNAjLvYcPYj34+v+KkvqPvB2+
|
||||
svsa9v3J4cwnfc2VnAYsZh14vZzAJXWfkXUHX0xJv60pYwy+QQDEJxyOcSYwpXSN
|
||||
/Eeq+1qmsS0nb64zdkJCAG6z/MPjl7yOeUjCM3e+LctKxIkiXsSqfGWMFjb6MAKP
|
||||
CGfpnCuu88GdSHVlNf5cVkTtJhh2NdcSlLN/hDQDn0vUo6Y8pshiB9OYuKEVE08U
|
||||
fKxLiJz3F/YSRGBnO4FKFk+meVB0x55tK5hg6fQDGlrP0rPOOZ1lHVlfOgjWIiPS
|
||||
/JGOnF6AGtz7yV1AxdmZsd7H6a+M1FX6gjcgehrndI34wmrrfa/4yMnKZr4udFv2
|
||||
X//3ivSLF0/8alOh9F+CBkJzxUkvhlKssrcWn4paKYRFWcw9G1374QZ3cGyAonCO
|
||||
Yrigcxrsi16b16czHBqswtDzK1bjbNwIVffanJBAg79CnNuxX3qJSGBCWl8bLZkK
|
||||
/PFuRWDMu4VNJKRI3YEU4pWAwtDb+szxwJmSrh4pu0oz88iqpMXr9+RQD7i+Bagi
|
||||
DNiOsVph6uDdh7QihZmAHF2encFfG/l6bv0mJdvP0Cyk7sBO9pZ19MiBRoSMe4HL
|
||||
QFcl9h0kps63WLgcq/QpFEB1gYZ+ExFXyQuSxrQgRnJlZHJpayBQZXR0YWkgPHBl
|
||||
dHRhaUBzdW5ldC5zZT6JAowEEwEKAIAFgmH4/cgDCwkHCRCefGFqXNsTz0cUAAAA
|
||||
AAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmcixOeEe9R3WK/oCzqo
|
||||
qmu/eK4cCeGDcqQ+CRyITkpHbwMVCggCmQECmwECHgEWIQRsrXCd1VoyR4aAi6me
|
||||
fGFqXNsTzwAAEmUP/0wDLtk2BW7qevVTACaGwdl9rmMhLxzgCXzGbkuohdcFqDRm
|
||||
dtPj+soYVoYOPUBQyLmyk+XliS32zkaaNdt4NgCk7YzK16Me2SNxS8KtoBotgO4A
|
||||
0b65sCxHn3BfluCaWwY0Lkiu6+/vqjqI4FJyoKnM55C4c0pQr+vYtSaGDA15eD0A
|
||||
RWiWxRa1CRLqpJcoSn0L8U3W9CC/YkvuFjCqqhZ0xDbf4rnpgTpZoZd3CHHdTiQu
|
||||
pECue3NOrSsd5pLL03No7sdiZfi5aH4/VOI+0pWGMfL6XWKqln9637EfTwPyR8db
|
||||
KDlabCNg7ikCJQ3z3cagZSVpijA8sT9xpZ76nsp31vrYAViKzH+t/i7UuIJbqYQp
|
||||
4TqJ3eTAS9k1XgUp7i4j1TqJAAIZ6N5M4XKy5zblJmHNwWVrDEVbCS0HW59Cz4S6
|
||||
t0+pT98Z+Onr+WrYQnNodt1SCNo4bMvvMrISlYf4Thx+69MXa88OajpsEYXHIlwc
|
||||
RResVvBVaA9fwjC5lCYBWPrDlwwREx9amqzxLoVW48A5pZlfF/kmfb0UPoL5ItJ1
|
||||
J6iDqSkc95c43++X1rmrOeFa2Kz/SMlxFUO+2r0xR6Ap1rCyT5rKRkDLl3xTK8zC
|
||||
0KotXRgZI9GkQC5aH/OiNedAzqdJqKDOyLDvmvljgrLnrioDrSgX15V5tqG0uQIN
|
||||
BGH4/cgBEACwdio4gvADawt8HLtVvAWLY5vb32yb7KeFT9B5lWOvLnkg2KQ0hU1a
|
||||
EsHk1TIom+SA1nJ6cuLtixVfY/XF3iQH8vsxHf29nhBMRoC+PX85bNjinDv4XNPj
|
||||
gY0DVTrsx9q9MKc2ohBRZE95xhCr97Uyyb/JFuo5GrcQVIJMi+aGU+5DNm3/VhhB
|
||||
BWFdDEDW2OtvJsfySbmHm1JoPt50c5dBoq+O4R0nvAvapg6Ct98yFGJmIpFSedxH
|
||||
XH0YzGSG8ru7nOifeX6knARxSRdC3XtciRQQDHHQA78oKSGCQkyBpRS2VIhF6Kuj
|
||||
3wmN8nTvrvmQDyu3N8eK76psVUrIYdGD2syPV1JQ/6wKmQLbDKDibf2hJ5tCEIvM
|
||||
P1ipxkKn0OFPKkgK+KmyO6K6r2bpSzpSIm7P0RBrbjWIEqxUmiLEEu4Lo0HwoNhT
|
||||
EmWBxMtNWuXo44+buBpxwqCXY0l9LBWkr3S3S5ldc/buz7+BAQfZL6WjR21u7wPJ
|
||||
pEcV1ze54xuixitSXCkxnyoUc+6GCcNBKnJPXd07q3EUPdKzPXBLxb5I15q6i13c
|
||||
yMlgXqdjTxHXTW1ohyW2+rsUdwFfTcYlidHH0XPRvBym1YtPhV6iLSpE5Xhh8ilQ
|
||||
mLMrWqx7LvKuwVX2chx2jKv2CwhBPkIlShJoxi8+g3P05gpfTM9rFwARAQABiQUC
|
||||
BBgBCgL2BYJh+P3IBYkFo5qACRCefGFqXNsTz0cUAAAAAAAeACBzYWx0QG5vdGF0
|
||||
aW9ucy5zZXF1b2lhLXBncC5vcmeNP0xFxrxhSaN/0u4mIUg30aag1kp/BKBtxhuT
|
||||
3XlkugKbAsG8oAQZAQoAbwWCYfj9yAkQzfLDgemnUb1HFAAAAAAAHgAgc2FsdEBu
|
||||
b3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnJPr+uwSdB9jKBP14qnNQvxQpV7dypr/K
|
||||
45bf6+Ia9fIWIQRjpa++/6ZXGLDFAb7N8sOB6adRvQAATc4P/1QINlCt3o0AwkKr
|
||||
+JIUTaVxWTvqDIRfUTlQWz5JhvIOXM2FE2qUP8ArG7kw1/LYheMKM2ftqh6EHodG
|
||||
5yT9N2rucbVfLAzLxMuXjJoCEBMzcOm8Uf8YK37OoaFhQ97r4eoe5TpSgJlKS1Lm
|
||||
GRJVDC9L7nbUkCOfUZoksBPmVyL4mywELbTJi7nSe+iPm7yaO5AYUgXoxFZbnRxu
|
||||
kaf7ngxRdFvnqydlf/idUBeqfAwlJwqu5ctjLlqgag+KVyCf9lt0yIFf2sn+Tz/7
|
||||
6McYjXBk/7dmeEqXmxduetRmAAVMmsKBGqoeKwskZGHPB9psalDe2xLvnK4ABuw2
|
||||
4aH7MmyE/OnxAQPBjzR0/8K0m5AAzm+C3tUzgJ0RPwEHree2h4WOcUP2yTCq7xwI
|
||||
fxvmLBbhEjpBxb0mr3zTYsYtFW044YE/iE6kh9KX3jRzomvL4firkkNJffBhQJJJ
|
||||
tAXb2nSmnunKH2R6C4V2XYUnBuuCyOYitqmoL0a8h2Qg3u1NCC5xtuhQaS/c2QkT
|
||||
+icb7FK5XlWOSbf+WwbRTBwqrdR2dsuUkCAlyRxnYfsqPiWiTVn2l3biZOyN0sEB
|
||||
3I70j8LxS+Lvqibbk/ecESc9vZUgWROHV3buRoW/4+238AF8MAFhsHwA2Dksc5X4
|
||||
B7N6KPUp4PEGzu5D20JmvIiym02nFiEEbK1wndVaMkeGgIupnnxhalzbE88AAKSm
|
||||
D/4/Ssb+JGa/H9UXUZpoxe5mmyfAmL6QtxtlysvusY+AUMPBxJTXonczm11J0xW8
|
||||
I8iVXan7OVodMruuMFfrOWUbybk+uuHECfVQ9woKev2XL3AoxRtSwZfXuunaJ4f2
|
||||
WtPnx9CIyu/OBjS8R+E+PFsK1u6txPmrh5FW4iieXBlpkexgPpChlg4HRiIitUpv
|
||||
dT6ba2nyEd7q6jKnza8PCwkihyMjGiaGKRnmcd40SsyXfbg0hbdbHqjV/KhbdgJr
|
||||
pXku4NUNHW/HTc8R/VVteC8NRGVQ5LOrKOtqg6FZ1vIQdQrjjPb/aiE+Lye7/SV5
|
||||
RwhlXGIRMLvgM15ESPgpCP9PoT5Ga+G3/8uSzlHrKQNmFZ/Ni/QR0xzehENkoF/y
|
||||
Jvy0kFfuvfXA68H0f/MJtVQ+CMWQf1dsDi7PAaDRxRk7gxsWKl7aYhuz/B9CNkoS
|
||||
1O9QE8hUJHM3c+b5XhXCdw6G6QbhEsztE1A08XUN3Zk26TbD9gnZkwKaB+Gnk9IN
|
||||
dSVzZDnFkUfWiLDi3URC5rn+Hrf2/mBBGtwOJJMi5+SwRJShJvR2XO3SephOxQLE
|
||||
UNOMtJ7FBZk1jNyv5F1lbG4rAOGlv8wPHm8kFijSTEWvLY2EUgNzIkC8VryhV9Um
|
||||
xDIWGRBE7m5J/pG8OIsq21xSDu2H+lvwiTt0GY62RnzPabkCDQRh+P3IARAAuUFF
|
||||
AoWst9HmwefnNEIsi4Nk5pMygof0jMDZFqQ5mPOzi6krbwgTUZu4Il0w5pfKJt2K
|
||||
88dQOC+kSEagdpOAEp3q1xVPcd1GduYqIlRghHzS1flfQBhC2PZOrByFn695zNZT
|
||||
TPTxe38jsQBGHGJeC+Mg2thejZJo2XHaLYM5gF0CFXdUivCz1x9dkx+fcPHMmVIz
|
||||
W+DS5+KJR/N8wh2Uw/VF6aWZikrbqZXrSx9aqdZpRPnyJ4OILhCXV2JCWUlS8l+k
|
||||
5eEiQwi8zqtXlp0mOjJEV1HvWzAduvKqXa3ArUHR8WsKZpWkzLl3Zy0Pbxt+4u4D
|
||||
uaWG9bFEpb78qSCMraKHs/ZQKuwdHQgeBy20x7GsN7grNKXT+xVIG/MQVlGGm1iM
|
||||
O3MxSYs42mYidp3Dj8wamOAD69LWozPyLyCF+cpEH+S3E2C62480kiXEXEXhKTfj
|
||||
WzbzggHy9CNa2TLFhcD+G7CxAYxwNyEuf7BPIr9hjNm3HBkczwYoKnhB2EJMarnW
|
||||
1LmSClmnqPyJrfR9SDEdBw2vF67tc/wcDv3ctPnv0H9x6EqhxQx7IE1D96Bi4+Cm
|
||||
s7JwyfqX4fQlBeBT2c1MiXfwyEugaxKVX/h9olfuBEi+ZoGryyTdM83Q1klMvI1l
|
||||
e4ffykqzHA2H14CUDbnLCe3S5a01WSyCUa72bwUAEQEAAYkChAQYAQoAeAWCYfj9
|
||||
yAWJBaOagAkQnnxhalzbE89HFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9p
|
||||
YS1wZ3Aub3JnhjfNA1exO+rxxBgIipULe5IoQ7FSuQWtKdXBteFLyUQCmwwWIQRs
|
||||
rXCd1VoyR4aAi6mefGFqXNsTzwAA+4MP/j492+RXBje+9UU0Ez2yIll4j4JqL8nP
|
||||
A8PibBSpzq4y/F3OPrzTCG1nmgvFGKNKcyGpKncG7bEt5Yh8II8UEwjuiwfMhanq
|
||||
IBfnhxYtQWjKKySgDi7TssQUoQA0DLWLP7QPnAZ1hMWQpd2v8LVQBlwH6hIauspp
|
||||
NEMiBrZw0BCitM46YhNfCkGfcD742j9P33ju03GQtEct7lxWUCQf09s9ZxUhc1u7
|
||||
/izQgyMoS/lmokdupUjrCCV3Au/u8xgUXka9jX8tz8AWHPvx/IpVdd5LZm/THs+P
|
||||
vfeStUk6zqA3viVmCfSD8nX51vrs64bNragVWcvi034shAobgysJeKNmVdN0zZyG
|
||||
zO8G6B0aDv5/D/sO8vyBTAxxtoiSW+plvsQaOM4uhGBoqbqXff2GYDViy/RVsjqW
|
||||
x574UJgJC5H7q+uUkHaN+buRxmpLgrRmaurYCSwnkturraNgmPjevosNh/kr8JmS
|
||||
z5Q1NWaWSZvPPp2Jh7TeVxeCiCZZAcq/SgkMMO43raPRG8iCrJy1/u+BoI9sz+qM
|
||||
LWa+8ACRDdXJ7fRnqkorlrtPUwRXruiS8subfhHaVYd2a3+r/7lw8TRfRuoKKDT2
|
||||
4TBr499a2QBmqL9bzlkctB96Rgo+JG8SS8iEAqTk9x0SqgTXVgjtCBrXV7DwUTR/
|
||||
DbdskhnT1dQeuQINBGH4/cgBEADnIQ2mZJT13YuBUOLM4Xlkp1165nlKvSC3oNE2
|
||||
Z47sKmcgwgKwPJssd1WsmkKDOsoxsvS6FJiAbmCQe/EdwT4dolRpVjczpp9p+w6w
|
||||
jtTXsWPsSUDbT0ZD8IOmOr24F8Z0WY/ho1Bmm3LwCMbW30KROpZn9VWyzGT6QTGw
|
||||
iZF/lyItsdGcYC2qgaXJpI0sEc5W1WK4ozpTu7z3BtzpyjOvVAQirF7Dp2yU3dLB
|
||||
93vj+/BYnB5F/1cmTWfu6lGRtO60E0j9DSH20AqTGfsJI4fPM7tbJnT2Fhj+MS8b
|
||||
Hf6iEnh2QwlUSUdMlJAxXVu1XcLiSbbHXV4Mh7gCuGB0p0rMGiBg9W/t+D2dYsBQ
|
||||
xuXq8fT4iqlaHaUwoVYtsDTMIg3c17mcYni5VRk2d49qpva6zR0zU3v0X2YtvHWl
|
||||
CCYBmjWSS/8X8FUgHVOaCEAOjTU89TvG9uvxXoqO64Wznx7sjywkaWuwmNck2K3x
|
||||
lhccw5iy+K1xxalKgcel6nMxdoBuW2RFRAYCCAT8IH+ONzLOcGj/+sRJx+bl18qY
|
||||
WcZGcYA9IbfJCNXuQHX4uRLjtml+zNac3Kefmw1jyBRUUkWbdcAsW3kvf3+CcP62
|
||||
URCk+eFMywnGk8N6UX9akSxgMKTR3IHuqZLHtzbgUxgeRHCLUid9GwsqDmu3fC8f
|
||||
LRK7sQARAQABiQKEBBgBCgB4BYJh+P3IBYkFo5qACRCefGFqXNsTz0cUAAAAAAAe
|
||||
ACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmct+zTDHUZ6Bm3R8Ppvd/bN
|
||||
JZM1ZIMgVssw3CAr4P+FsgKbIBYhBGytcJ3VWjJHhoCLqZ58YWpc2xPPAAAk3w/+
|
||||
MI9j1sls78BhTKrkUfI4S+DrQHQ5Fa5n7mBPaAVGUj/rT8UM1YZejWUvB7Eu6qlf
|
||||
e1+Ukl0E7WEqyLr1P6WOh+kW+k199gWqM/e5NcZQdRD5G99eXtC1iVdnhmZyJP73
|
||||
EWp5HSFdejNpnJ2S2LqPHtFSJt1hoQScdKYHOegIJwehfBOPD/3c4zQyXZ/8EZHV
|
||||
IjdvmS4QVcymuEiu5W0gZq6Uq5YfPtf3uWEfwXtjanXJCK3jYWVUVu99M73p1Xj5
|
||||
q9aRKdIWHu/2NMliZCtwYYbwVFLuDAN86+zXslP1As+AcxPbMvpjkt+AivhS9g6U
|
||||
uvov6ou4tjUsfHZKiKU4K2u96QkaprM0oPD73GX+fb5VnnaMh7Jh9Tkptx4VgSuZ
|
||||
WNHenrqhPG+GhaOdksSLFyrcn5jQcTx2BDaOFzeWtX5R4Iu1tVAqdEDJhcK+36Ee
|
||||
VoM+E7eppzA6bWRx46gKK2RMkqLbeJJJSn9kR/cxDPlkBomRGHXEKLf4ljXWG0Us
|
||||
G5iBKU9bU1oVH4eathSJ/8qURDiEaXmGa8Q/Ojo8mq/uwdDWzniCAr7TLHfSWQMb
|
||||
1pmd3mk2SjsOIogMeHJxNK5g1QXHkFGbHcqGx2R3G2aHKcUgYfwRJc0m2gpp7Ywx
|
||||
u6jTlXM0VVxcL3hfAAom3jb0NC/f0+wqcER+OZQ5UGw=
|
||||
=jlA+
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
|
@ -1,14 +0,0 @@
|
|||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mDMEZeHASRYJKwYBBAHaRw8BAQdApEqGI538OjNii+FRA+EAonLpQlQ4o1SvhvSu
|
||||
rsn44J60LlJpY2hhcmQgTGFnZXJzdHLDtm0gPHJpY2hhcmQubGFnZXJzdHJvbUB2
|
||||
ci5zZT6ImQQTFgoAQRYhBPdL6RIzabMyVv7tXvt67Plk7vvXBQJl4cBJAhsDBQkF
|
||||
o5qABQsJCAcCAiICBhUKCQgLAgQWAgMBAh4HAheAAAoJEPt67Plk7vvXMKABAJH9
|
||||
knLFrVFNuuA8aeaUoHFl9wHorgkJpwa1imqglSESAP96ufweJeO/6F8WhrM4Qiao
|
||||
5YABXIhBkHZ7/WN1OH61CLg4BGXhwEkSCisGAQQBl1UBBQEBB0CSj8gnBWVtxSwj
|
||||
6iGrX18HauPeS/xsChXaQkiN0BJ2HwMBCAeIfgQYFgoAJhYhBPdL6RIzabMyVv7t
|
||||
Xvt67Plk7vvXBQJl4cBJAhsMBQkFo5qAAAoJEPt67Plk7vvXuKIA/jXcWEDmj6QV
|
||||
6EzKqc/V1FZqtIMOTlmTmhqC/dSNMn2QAPkBeUSlnpXkL/3cJgFRqcfD3aqxLccI
|
||||
cIKwgEeMLbs4Ag==
|
||||
=XLZu
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
|
@ -37,33 +37,6 @@
|
|||
- 89.45.236.6 k8sw5
|
||||
- 89.46.21.195 k8sw6
|
||||
traefik: false
|
||||
'^k8sc[1-9].matrix.sunet.se$':
|
||||
sunet::microk8s::node:
|
||||
channel: 1.30/stable
|
||||
peers:
|
||||
- 89.47.190.40 k8sc1
|
||||
- 89.47.190.118 k8sc2
|
||||
- 89.47.191.240 k8sc3
|
||||
- 89.47.190.86 k8sw1
|
||||
- 89.47.190.135 k8sw2
|
||||
- 89.47.191.12 k8sw3
|
||||
sunet::frontend::register_sites:
|
||||
sites:
|
||||
'kube-matrix.matrix.sunet.se':
|
||||
frontends:
|
||||
- 'sthb-lb-1.sunet.se'
|
||||
- 'tug-lb-1.sunet.se'
|
||||
port: '443'
|
||||
'^k8sw[1-9].matrix.sunet.se$':
|
||||
sunet::microk8s::node:
|
||||
channel: 1.30/stable
|
||||
peers:
|
||||
- 89.47.190.40 k8sc1
|
||||
- 89.47.190.118 k8sc2
|
||||
- 89.47.191.240 k8sc3
|
||||
- 89.47.190.86 k8sw1
|
||||
- 89.47.190.135 k8sw2
|
||||
- 89.47.191.12 k8sw3
|
||||
'^lb[1-9]\.matrix\.test\.sunet\.se$':
|
||||
matrix::lb:
|
||||
'^mgmt[1-9]\.matrix\.test\.sunet\.se$':
|
||||
|
@ -71,3 +44,34 @@
|
|||
rootless: true
|
||||
rlusers:
|
||||
- matrixinstaller
|
||||
|
||||
'^k8sc[1-9].matrix.sunet.se$':
|
||||
sunet::microk8s::node:
|
||||
channel: 1.31/stable
|
||||
peers:
|
||||
- 89.47.190.119 k8sc1
|
||||
- 89.45.237.43 k8sc2
|
||||
- 89.46.21.148 k8sc3
|
||||
- 89.47.190.103 k8sw1
|
||||
- 89.45.237.161 k8sw2
|
||||
- 89.46.20.60 k8sw3
|
||||
- 89.47.190.237 k8sw4
|
||||
- 89.45.236.55 k8sw5
|
||||
- 89.46.20.191 k8sw6
|
||||
traefik: false
|
||||
'^k8sw[1-9].matrix.sunet.se$':
|
||||
sunet::microk8s::node:
|
||||
channel: 1.31/stable
|
||||
peers:
|
||||
- 89.47.190.119 k8sc1
|
||||
- 89.45.237.43 k8sc2
|
||||
- 89.46.21.148 k8sc3
|
||||
- 89.47.190.103 k8sw1
|
||||
- 89.45.237.161 k8sw2
|
||||
- 89.46.20.60 k8sw3
|
||||
- 89.47.190.237 k8sw4
|
||||
- 89.45.236.55 k8sw5
|
||||
- 89.46.20.191 k8sw6
|
||||
traefik: false
|
||||
'^lb[1-9]\.matrix\.sunet\.se$':
|
||||
matrix::lb:
|
||||
|
|
|
@ -20,8 +20,9 @@ if ! test -f "${stamp}" -a -f /usr/bin/puppet; then
|
|||
puppet-module-puppetlabs-apt \
|
||||
puppet-module-puppetlabs-concat \
|
||||
puppet-module-puppetlabs-cron-core \
|
||||
puppet-module-puppetlabs-sshkeys-core \
|
||||
puppet-module-puppetlabs-stdlib \
|
||||
puppet-module-puppetlabs-vcsrepo
|
||||
puppet-module-puppetlabs-vcsrepo
|
||||
|
||||
fi
|
||||
|
||||
|
|
6
k8s/cert-manager/README.md
Normal file
6
k8s/cert-manager/README.md
Normal file
|
@ -0,0 +1,6 @@
|
|||
# install cert-manager addon
|
||||
microk8s enable cert-manager
|
||||
microk8s enable ingress dns
|
||||
# init the clusterissuer
|
||||
kubectl apply -f clusterissuer.yaml
|
||||
kubectl get clusterissuer -o wide
|
16
k8s/cert-manager/clusterissuer.yaml
Normal file
16
k8s/cert-manager/clusterissuer.yaml
Normal file
|
@ -0,0 +1,16 @@
|
|||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: ClusterIssuer
|
||||
metadata:
|
||||
name: letsencrypt
|
||||
spec:
|
||||
acme:
|
||||
email: someemailaddress+element@sunet.se
|
||||
server: https://acme-v02.api.letsencrypt.org/directory
|
||||
privateKeySecretRef:
|
||||
name: lets-encrypt-private-key
|
||||
# Add a single challenge solver, HTTP01 using nginx
|
||||
solvers:
|
||||
- http01:
|
||||
ingress:
|
||||
class: public
|
9
k8s/clusterroles/role-namespaces-read.yaml
Normal file
9
k8s/clusterroles/role-namespaces-read.yaml
Normal file
|
@ -0,0 +1,9 @@
|
|||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: clusterrole-read-namespaces
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["namespaces"]
|
||||
verbs: ["get", "list"]
|
31
k8s/examples/registry/matrix-registry-ingress.yaml
Normal file
31
k8s/examples/registry/matrix-registry-ingress.yaml
Normal file
|
@ -0,0 +1,31 @@
|
|||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: nginx
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
traefik.ingress.kubernetes.io/router.tls: "true"
|
||||
name: matrix-registry-ingress
|
||||
namespace: matrix-registry
|
||||
spec:
|
||||
defaultBackend:
|
||||
service:
|
||||
name: matrix-registry-service
|
||||
port:
|
||||
number: 5000
|
||||
ingressClassName: nginx
|
||||
rules:
|
||||
- host: registry.matrix.test.sunet.se
|
||||
http:
|
||||
paths:
|
||||
- backend:
|
||||
service:
|
||||
name: matrix-registry-service
|
||||
port:
|
||||
number: 5000
|
||||
path: /
|
||||
pathType: Prefix
|
||||
tls:
|
||||
- hosts:
|
||||
- registry.matrix.test.sunet.se
|
||||
secretName: tls-secret
|
43
k8s/matrix/matrix-deploy-role.yaml
Normal file
43
k8s/matrix/matrix-deploy-role.yaml
Normal file
|
@ -0,0 +1,43 @@
|
|||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
namespace: btsystem-registry
|
||||
name: btsystemregistry-reader
|
||||
rules:
|
||||
- apiGroups: [""] # "" indicates the core API group
|
||||
resources:
|
||||
- pods
|
||||
- configmaps
|
||||
- events
|
||||
- limitranges
|
||||
- persistentvolumeclaims
|
||||
- podtemplates
|
||||
- replicationcontrollers
|
||||
- resourcequotas
|
||||
- secrets
|
||||
- services
|
||||
- controllerrevisions
|
||||
- daemonsets
|
||||
- deployments
|
||||
- replicasets
|
||||
- statefulsets
|
||||
- localsubjectaccessreviews
|
||||
- horizontalpodautoscalers
|
||||
- cronjobs
|
||||
- jobs
|
||||
- leases
|
||||
- networkpolicies
|
||||
- networksets
|
||||
- endpointslices
|
||||
- events
|
||||
- ingresses
|
||||
- networkpolicies
|
||||
- objectbucketclaims
|
||||
- poddisruptionbudgets
|
||||
- rolebindings
|
||||
- roles
|
||||
- csistoragecapacities
|
||||
verbs:
|
||||
- get
|
||||
- watch
|
||||
- list
|
7
k8s/matrix/matrix-namespace.yaml
Normal file
7
k8s/matrix/matrix-namespace.yaml
Normal file
|
@ -0,0 +1,7 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: matrix
|
||||
labels:
|
||||
name: matrix
|
7
k8s/postgres/README.md
Normal file
7
k8s/postgres/README.md
Normal file
|
@ -0,0 +1,7 @@
|
|||
### Postgres password
|
||||
To create the postgres password secret you can use the following command.
|
||||
kubectl apply -f postgres-namespace.yaml
|
||||
kubectl apply -f postgres-pvc.yaml
|
||||
kubectl create secret generic postgres-secret --from-literal=postgres-password=xxXxXxX -n postgres
|
||||
kubectl apply -f postgres-deployment.yaml
|
||||
kubectl apply -f postgres-service.yaml
|
75
k8s/postgres/postgres-deployment.yaml
Normal file
75
k8s/postgres/postgres-deployment.yaml
Normal file
|
@ -0,0 +1,75 @@
|
|||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: postgres
|
||||
namespace: postgres
|
||||
labels:
|
||||
k8s-app: postgres
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
k8s-app: postgres
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
k8s-app: postgres
|
||||
spec:
|
||||
containers:
|
||||
- name: postgresql
|
||||
image: postgres:17.0-bookworm
|
||||
env:
|
||||
- name: POSTGRES_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: postgres-secret
|
||||
key: postgres-password
|
||||
volumeMounts:
|
||||
- name: postgres-data
|
||||
mountPath: /var/lib/postgresql/data
|
||||
- name: sharemem
|
||||
mountPath: /dev/shm
|
||||
ports:
|
||||
- containerPort: 5432
|
||||
name: postgres
|
||||
protocol: TCP
|
||||
resources:
|
||||
requests:
|
||||
memory: "2Gi"
|
||||
cpu: "500m"
|
||||
limits:
|
||||
memory: "4Gi"
|
||||
cpu: "2000m"
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
- /bin/bash
|
||||
- -c
|
||||
- exec pg_isready -U postgres -h 127.0.0.1 -p 5432
|
||||
failureThreshold: 6
|
||||
initialDelaySeconds: 20
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 5
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
- /bin/bash
|
||||
- -c
|
||||
- exec pg_isready -U postgres -h 127.0.0.1 -p 5432
|
||||
failureThreshold: 6
|
||||
initialDelaySeconds: 20
|
||||
periodSeconds: 10
|
||||
successThreshold: 2
|
||||
timeoutSeconds: 5
|
||||
|
||||
volumes:
|
||||
- name: postgres-data
|
||||
persistentVolumeClaim:
|
||||
claimName: postgres-pvc
|
||||
readOnly: false
|
||||
- emptyDir:
|
||||
medium: Memory
|
||||
sizeLimit: 1Gi
|
||||
name: sharemem
|
7
k8s/postgres/postgres-namespace.yaml
Normal file
7
k8s/postgres/postgres-namespace.yaml
Normal file
|
@ -0,0 +1,7 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: postgres
|
||||
labels:
|
||||
usage: postgres-btsystem
|
13
k8s/postgres/postgres-pvc.yaml
Normal file
13
k8s/postgres/postgres-pvc.yaml
Normal file
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: postgres-pvc
|
||||
namespace: postgres
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
resources:
|
||||
requests:
|
||||
storage: 20Gi
|
||||
storageClassName: rook-cephfs
|
14
k8s/postgres/postgres-service.yaml
Normal file
14
k8s/postgres/postgres-service.yaml
Normal file
|
@ -0,0 +1,14 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: postgres
|
||||
namespace: postgres
|
||||
spec:
|
||||
selector:
|
||||
k8s-app: postgres
|
||||
ports:
|
||||
- name: postgres
|
||||
protocol: TCP
|
||||
port: 5432
|
||||
targetPort: 5432
|
|
@ -1,3 +1,74 @@
|
|||
### Rook deployment
|
||||
|
||||
In the operator.yaml change ROOK_CSI_KUBELET_DIR_PATH to "/var/snap/microk8s/common/var/lib/kubelet"
|
||||
|
||||
# initalize rook operator
|
||||
kubectl create -f crds.yaml -f common.yaml -f operator.yaml
|
||||
|
||||
kubectl get pods -n rook-ceph
|
||||
NAME READY STATUS RESTARTS AGE
|
||||
rook-ceph-operator-6668b75686-l4zlh 1/1 Running 0 60s
|
||||
|
||||
# initalize rook cluster
|
||||
kubectl create -f cluster-multizone.yaml
|
||||
|
||||
takes lots of time before the multizone cluster is initalized
|
||||
(should be around 47 pods...)
|
||||
|
||||
NAME READY STATUS RESTARTS AGE
|
||||
csi-cephfsplugin-6xhjh 2/2 Running 1 (3m42s ago) 4m16s
|
||||
csi-cephfsplugin-cgmqs 2/2 Running 0 4m16s
|
||||
csi-cephfsplugin-hs2rx 2/2 Running 1 (3m43s ago) 4m16s
|
||||
csi-cephfsplugin-km7k6 2/2 Running 0 4m16s
|
||||
csi-cephfsplugin-ms8c2 2/2 Running 1 (3m42s ago) 4m16s
|
||||
csi-cephfsplugin-provisioner-dc97f9d65-6tvkn 5/5 Running 2 (3m35s ago) 4m15s
|
||||
csi-cephfsplugin-provisioner-dc97f9d65-bwdkn 5/5 Running 0 4m15s
|
||||
csi-cephfsplugin-wlks6 2/2 Running 0 4m16s
|
||||
csi-rbdplugin-ckgnc 2/2 Running 0 4m18s
|
||||
csi-rbdplugin-hmfhc 2/2 Running 1 (3m42s ago) 4m18s
|
||||
csi-rbdplugin-mclsz 2/2 Running 0 4m18s
|
||||
csi-rbdplugin-nt7rk 2/2 Running 1 (3m42s ago) 4m18s
|
||||
csi-rbdplugin-provisioner-7f5767b9d5-gvbkr 5/5 Running 0 4m17s
|
||||
csi-rbdplugin-provisioner-7f5767b9d5-n5mwc 5/5 Running 0 4m17s
|
||||
csi-rbdplugin-rzk9v 2/2 Running 1 (3m44s ago) 4m18s
|
||||
csi-rbdplugin-z9dmh 2/2 Running 0 4m18s
|
||||
rook-ceph-crashcollector-k8sw1-5fd979dcf9-w9g2x 1/1 Running 0 119s
|
||||
rook-ceph-crashcollector-k8sw2-68f48b45b-dwld5 1/1 Running 0 109s
|
||||
rook-ceph-crashcollector-k8sw3-7f5d749cbf-kxswk 1/1 Running 0 96s
|
||||
rook-ceph-crashcollector-k8sw4-84fd486bb6-pfkgm 1/1 Running 0 2m3s
|
||||
rook-ceph-crashcollector-k8sw5-58c7b74b4c-pdf2j 1/1 Running 0 110s
|
||||
rook-ceph-crashcollector-k8sw6-578ffc7cfb-bpzgl 1/1 Running 0 2m27s
|
||||
rook-ceph-exporter-k8sw1-66746d6cf-pljkx 1/1 Running 0 119s
|
||||
rook-ceph-exporter-k8sw2-6cc5d955d4-k7xx5 1/1 Running 0 104s
|
||||
rook-ceph-exporter-k8sw3-5d6f7d49b9-rvvbd 1/1 Running 0 96s
|
||||
rook-ceph-exporter-k8sw4-5bf54d5b86-cn6v7 1/1 Running 0 118s
|
||||
rook-ceph-exporter-k8sw5-547898b8d7-l7cmc 1/1 Running 0 110s
|
||||
rook-ceph-exporter-k8sw6-596f7d956d-n426q 1/1 Running 0 2m27s
|
||||
rook-ceph-mgr-a-6cfc895565-h9qfg 2/2 Running 0 2m37s
|
||||
rook-ceph-mgr-b-85fc4df4b5-fv6z9 2/2 Running 0 2m37s
|
||||
rook-ceph-mon-a-868c8f5cff-2tk7l 1/1 Running 0 4m10s
|
||||
rook-ceph-mon-b-6f9776cf9b-w4dtq 1/1 Running 0 3m12s
|
||||
rook-ceph-mon-c-8457f5cc77-8mbpj 1/1 Running 0 2m57s
|
||||
rook-ceph-operator-6668b75686-l4zlh 1/1 Running 0 7m36s
|
||||
rook-ceph-osd-0-79d7b6c764-shwtd 1/1 Running 0 2m4s
|
||||
rook-ceph-osd-1-65d99447b5-bnhln 1/1 Running 0 119s
|
||||
rook-ceph-osd-2-69dbd98748-5vrwn 1/1 Running 0 114s
|
||||
rook-ceph-osd-3-596b58cf7d-j2qgj 1/1 Running 0 115s
|
||||
rook-ceph-osd-4-858bc8df6d-wrlsx 1/1 Running 0 2m
|
||||
rook-ceph-osd-5-7f6fbfd96-65gpl 1/1 Running 0 96s
|
||||
rook-ceph-osd-prepare-k8sw1-5pgh9 0/1 Completed 0 2m14s
|
||||
rook-ceph-osd-prepare-k8sw2-6sdrc 0/1 Completed 0 2m14s
|
||||
rook-ceph-osd-prepare-k8sw3-mfzsh 0/1 Completed 0 2m13s
|
||||
rook-ceph-osd-prepare-k8sw4-dn8gn 0/1 Completed 0 2m13s
|
||||
rook-ceph-osd-prepare-k8sw5-lj5tj 0/1 Completed 0 2m13s
|
||||
rook-ceph-osd-prepare-k8sw6-8hw4k 0/1 Completed 0 2m12s
|
||||
|
||||
# init rook toolbox
|
||||
kubectl create -f toolbox.yaml
|
||||
|
||||
# jump into toolbox
|
||||
kubectl -n rook-ceph exec -it rook-ceph-tools-5f4464f87-zbd5p -- /bin/bash
|
||||
|
||||
# init rook filesystem & storageclass
|
||||
kubectl create -f filesystem.yaml
|
||||
kubectl create -f storageclass.yaml
|
||||
|
|
|
@ -1,169 +0,0 @@
|
|||
---
|
||||
tls-secret: &tls
|
||||
- key: tls.crt
|
||||
value: >
|
||||
ENC[PKCS7,MIISnQYJKoZIhvcNAQcDoIISjjCCEooCAQAxggKBMIICfQIBAD
|
||||
BlME0xCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRV
|
||||
lBTUwxHjAcBgNVBAMMFWs4c2MxLm1hdHJpeC5zdW5ldC5zZQIUUXNN3AgoU9
|
||||
LDj51WjMKFKDBvyGgwDQYJKoZIhvcNAQEBBQAEggIATZD52IMRDXX4kFc1ic
|
||||
sujwttiASzziDBvsZD1x3GDcXHTSfucMYIcHLavnZxlaON/SP113pQxBPALc
|
||||
A5ZXpLsTIxnd3iGBJJk3mwGz1U1CFEM4QZSOuh2f9cFlD5f+p9i8ggvQ8QvK
|
||||
jut0N11EwFlbGd3A1jq4s5B1pu8S0obEIrayeoK6iUUBbk8nEKnILyKf908X
|
||||
1Nnhv4XalD6rvgSZDrWzU8XpAHZ0b+ttpwE+dinu160rVELWpM8dZCqkD1SB
|
||||
ByNKdSpQHnIobHpg6e1XPLvFvFqJ0ljcKXbr54ju4YmIPEu6fh4n1TgB5jMs
|
||||
q9QUIW0xUq53Qk6QYUiasy90NUMWO/zrhV6BsTAwKSUCmvcq0YGioBtuhixt
|
||||
/CEbtyr3EqqrYJ7B9MHQ5M+4wl8TfalZTyVjiFk51itzyQI5j2Sow7q2/Fia
|
||||
mDyUR54Ks6UqbKTk6JFhj+LWCAOjz0bH2bk+2CIZfXcCD/em/wFWpS4h4Tx9
|
||||
l03iC42rG4VA0Fv/9i9W4/cd2v4j4/hYbf7m55xY5Iy83Ijbghcmo8OOyha9
|
||||
Sxb6ecCfPlO+8hAXm7xspWF0oFXfKYuVG2S/Z+OIseAaw4XFxUJ5lagqBnhL
|
||||
9hymFQXp+IAZBnNPM4W1ewOKEEfxZ3GL3flM+qYbf/TRlW4BiJ9LpqiidC4b
|
||||
LsNy0wgg/+BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBPh4TbOm74T+Z5NK
|
||||
NU+cGEgIIP0CAVBJmuzDH6Fsh4rg0dnqT1RshGyyttY2jk89WQ9R0K0rAvYp
|
||||
lN/5ykITDRPEjqTxzOxoC6X+G6yE6C6ILHgK9nQvuBDblMSeRaBB+f46GNrX
|
||||
BAQzsjfTD4ePk7hNx8jKaoPrzwK7eXcK+e4jwxhnAdPxBSavEWv+JFECbdvf
|
||||
43x5Rpyf4CIxhG84pFBKKejPOC/xHg2g/RQHip6iI7IN5SlirEdANQNZriWr
|
||||
dqN1fMns69VA3729T1SP9ntUlu6LB8BaJoCiexF+OTLvSvhFCPPuzIJF4zN7
|
||||
IWwCy/rrxXOLXZnHOu4ZFiV2ocDx1H8pxlsCmXq6JkNViBpddMixRfEJIJs5
|
||||
GGw59coNef3WDIyfURuvNlN5PktdPmqFs4Y1M3BUjJYDRPuLTI7FGt9QKpEt
|
||||
K2NlnJiRvspnXOzhNTV8WX/NTt831Lw3iDS2ZAMNzY6OsoGkcRmqLW4T7uM2
|
||||
+unkrnx8GitUZui6hkm+5dTUh43l+EDuv3qeNiw4HxcjwceSklZ8JYjOJuQ4
|
||||
VHX6Z2yza0EL8CACh+4KZTZhXMXfxt/w1bHVzZzKekQHtz+LOmprF0PbFxln
|
||||
xmxOg2ZRofGtMeRgtVXGpHGj7dA0FiODSRUOBgZbcaMVxSdpCnhm9q+mUXh+
|
||||
AS4YZnXKuIEDZ0zQI9iq/oNfgqtbv7taPZPgBucOdkQm9LDIGY5iRWYvMNsn
|
||||
6F4EXzBwK4zbHkiwSquzPUEtylQ8xlECwGmHZCiwNi9lvtjlNIL7syYnyqhL
|
||||
0tuBGTwaGWJVSw2yPb3GtfZ/f0wUQcQjSNNWwHolrjExpasa0PMQSRZ93+V/
|
||||
sU9/YjtVBGoKP1ldAOyEL1WmIJJC5GOl49nJjixpHwOB1DneHvc4B9JAlK/e
|
||||
4TmIqP4mEetAuA2nLJ3Y9HURVWxlA7eIc3rc4/TVkSjtq1A+bnYdDc535Pw1
|
||||
vf/N8wlU9VDCtYPhROLghlwYfMByvuOonMV6Fnd9ILkMcRJzT7zqE85hn4Hx
|
||||
dLaSBFSwcNKcvXsbtnDwPuVioZ/58ygaT+dIr0uRVfkR60S46CcHXum73IBL
|
||||
9/KsRzLsQ6ys7bjKITE2u0d3zSI87wJ7EbwiM+ljz1BRUxjP7AwGehH24Btr
|
||||
nDk2sIzdp0jRv5JxIrLuHc5TKiki9l2hnR4Owx1NxoKy2dquww1xp07G6S+/
|
||||
LK+BTWmnE/rSKJoCEcKDGC1wgItwqT+wEkxfGVibVrNb1yv94jtsdz0M4r1D
|
||||
IBB2uhZqPhIrfhG3Dgg7XYVMLXJkRF/o+WoCfD43IcyTcA961g2CXczUaQmL
|
||||
BfOoC1bx+k17u+/qNJGXvhf0J8A7v24yjQmVwR2ceHP2KAfhSsUKTrJFlS7o
|
||||
R+k4QmsvR1qzT+KgcPLkBO75cbvbBnL1e5x5rrE97TSHLvC1NrFJZodJYbeP
|
||||
kL6eyEy/aXIkFEUS44EBOsVD7cNni35crdW960PWxrh25+fyOAHvUwXfCkDq
|
||||
SYo7nnkglbR2UwbdSGfhFypUO/W0IQtu0D1liGt9W0e5k38LmnpbfDDaf5mP
|
||||
ei3uaukC+8Dss7drRCCA9ay90XhX2GACmzGPdGpfFFdihtXiYBhgfKjCCUj+
|
||||
b6M+bz8sUsKLOmyByXtKMRH072j7BxIPzre25pldbs1RxfwaVRb7TmA5e/kp
|
||||
Ldp1mE5nQXQWzcvoIAeIW1mWxQi717ncXGeN9hJ83hbW32sSNnuIoRl+CYBr
|
||||
gO3oT/ypP8wgoJ/ZS0xE99lie7/ZMELFUmhNR5MvRQExO02uvJTfRf3REuyA
|
||||
fVrw0rXRSlP/Gg+WN0rt+2vuk1qEZkZghlMTMGttt3jugC5mTYnXtXA3qqLV
|
||||
hirE+6rmDs+jAMhc+WoGVaWbwRkn/2RVU1Ne4DsI+GIKZ7GuRSWiYDvJySNH
|
||||
bL/fAt7S+xafiLuihZKTC477TIef6LBOqKzMf1+OrPna4iAmFhWSU/VKvCJX
|
||||
0EAynNNhn3gfOG6zcQy/W/walNB5ZWNRNTjM+913ZsqgtgxA6/7ZaT3DTH11
|
||||
kczhamLZHZzko5oSqpokWSPV0DKJN3/2i0j2Hj6cWBCzGYz+yGbEkDq3Kqqh
|
||||
Q0RKvBLwe6VAStdRXjvlb2swbm4rtLPoXooWrVALy5g8o0OKZCsOlLYbMk6x
|
||||
Enf9g5jgCoJcd5u14hR7b4foCu8nnfr0/2ngmpCvvRNs+UEX83a3WmKFVVzv
|
||||
acFnAx5imn1MdFFvMNcox+98TjMLAftOzxmxaR3x46NPB+69wRh1Z/0xxI0c
|
||||
Yz1pqjBYs/rQVyF3fh+5jsQmRs6ueohfvsAkwOxKcVpOzgRSY3StzFdMSMmU
|
||||
HKEmoNiGQNrnr63OGdY1wJRZ6vwtlUm9mZ6AyR9Nrd09kbJfV7bsDgydfU3P
|
||||
8n+8jdZM6HLUcl5YOOXhAFILgrDS90u7LZuUTOA4iT3KN41J/qqaSTbgUZDb
|
||||
eN73yHUcBP0cFF1fSO6+HzO6bfmEjoe/SS+w4BBjEZb12isTT5pkMHPRW9Ue
|
||||
duiJJ6DB+ebPFBAZEcIZOe2F55d64trIw/4X7IM/A/88d8UtpbYfBWlaE95I
|
||||
wb0e+Vbg380TcKo7ZwnV2QsSWe8pSpcUjADiJtlMGE2FIq9/BbwDEVqXKHNg
|
||||
zCbx1oARanwS5vfKUl6gpPi7rJONvV6j3uAFJxMgdrS6aHFWecy/24FNLxgp
|
||||
dlkv5Zo9fwWOJIvFSu/XogjGIQqCQEaSGIQIuzLefLn92ea94LJORDWdPho+
|
||||
AfnyGfovQ3PpPPHxEBIMVaL3x61/Di45s4SxYXrxWp39VJa2J0396J5JQ1r2
|
||||
NOre1SspPXg9mtBFw0UrK5uCGWLAkJUlgKdGZdL3sX8X7n0UYpEp4wQgf1Dl
|
||||
P0HU4FJvIgUsWlNB6sm3Rg3a7XBnnAXDB7jGPrM8C/TJQg1AMiPSMhSf3icI
|
||||
9pt3PW5InjUCgl87FuBshJ5CHiLOQh+QlX/8+34EbziBRocyBVu8hbjwXILM
|
||||
6p7/MEwJNmlhmEFObsKPqvQpi9lbYRNUwIZqFPWr3DIBOTkO3zatimXwdCDm
|
||||
LLJG5Au2h/shTB8Mksm9eqyb8vbnUiyOy+Yk3YDNUauMU7+S5KHT9Q4Ht0hn
|
||||
eTd7d+2e7MyXwD8gCWNFfnBpK7WBR0w1Ix3qgS7QEsCbaCGZ/yBPN39TA1XV
|
||||
u5re15RskGcYjv3L1vcLHnzn5hToe/IQm0YGglJqXauqxUMaLfjaYTyKGNFS
|
||||
QtYwt9tePAiCGHGVLJJFG72EhXhiMZ1Cl+uPixaNAp2TEhGazkaeU3egChhI
|
||||
2WItO/f/F5tYInvbPPJqkXRjL6kQvojgKSD2fmIwm/GV6GVInw1Mb/n+jzv6
|
||||
5ozwtm/pI7eLXi7aWpUjZGx64Pivn+prfQqH95k/vikv8Bdnaxg9MZd5UKK4
|
||||
CT8CWXxHxgAl/CniobU91IPqTdiDbvtfRr0EslSS4bGVV27ztfzjmXpf6bCX
|
||||
MJy3lalBGtI0tWhXo33dsZzS2L5kjTk4wnK8vF47lLfIZ5x+dah2vAohLL6G
|
||||
XXcYkKpm3NnxfmRw3i3DAKRBEs+SHwJXdB9SfrccpuKcbPqrC9Zn/DKiu09O
|
||||
+ED3T7oczUm0zqgGLPh0FWmVbQ/JIjYmkGZKHWJluczDDucacOLZUNTbJN/0
|
||||
IKWSZH20vduKQBqDkIqPpOWNmvXyuH7a1Zlh7EXRZBZCOWSPTP+HI1xnIOUN
|
||||
/m6oFKRfiVHgmA/oLkRQ6griV3M/aNnIypudS8uZW559T7T2wXj9j+GZjZAe
|
||||
gKi+qdd6P6KDlHbR1f1lu56dvrjBK+UeLeK2omXiRjHIYX8jTBtwjYUR2BQu
|
||||
mq4KZcmfPeRe+8aP1zT1uMVJBQQuSTofCiyupxNCEyhSgb/OgmfXB3TdQ5CN
|
||||
NQuhRbVzMMo20gmJJ+6hlg9m7tpenhDkqIBtzKB4f4/veXZHr8b5+/RbYMDV
|
||||
qoxmQk4H6lZ/E80EjmsgD/wsADzkhUXTMiRlSLIujPL9m8FgO5SeUnUN49Q6
|
||||
c1W8LAOenr0Xkkiv+cbfzTPLN4D+ACzb9z0LBR1KAD4ZyD+GeB8Ou5hOGE0w
|
||||
WM3GeBdimkHeyE3QrO6xhdrscHsid9sJe7yFnG15kkQZXPbYomiur8yqh+QG
|
||||
zIHauL8RyZEEu5R9/lsq/DVOwP7vDxPX1eztDhT/i+64Z64hd/twGVFk5JxF
|
||||
iDfx6yJN4SlmbFjeaQ1Zl2cHDQCaUlFiALC/SFk9Mdt+EaRYJEZhZnSgpZ+f
|
||||
YI8RWgLlD4DC10JQ5zmFjfnzMMiVMhAbT0W6C2LdVd8zPQXT+kQrlaq8s+b6
|
||||
d2s8IoYx3x0kTi7gM6OP1etVM2L2ocdWvVHippsQXfzOLQ747bbLI028vR1B
|
||||
oEucGS/RlxNqnOgmujMRty94mt+U7fU/u3uVg07meIv2Wc3nQl/tpbG8olLt
|
||||
r17lAiPsP1tyblo4iqx//GOdB6jCg1zO5KDmJH1ZgSJVCNNW+tLhVmtfB1v2
|
||||
bRnincyr7842d4l+kmuu69Y+10THMltWH63JWnBrFyiG/T5zD/EH8XXOgSC7
|
||||
0MlWYPiLtNkCcBi5lrvgISTwUGeW/qIMNTkbmJxpZ5TjBjcyYQpORtnoAXQj
|
||||
3SLgNiZdXeR4D5j0/kYrI6blz6fw1DV1AcfWUvCr684oYF8Rg+vtl3xJMA5l
|
||||
BEQwyZHxGPWgAP8nzQ66ofyktkYOskw/1KCszKv/i4myitGVwEc2PqoTva/Q
|
||||
tdjWXqdh4lwBxLvYFt19EvO76cbwnXUBNFLXkyFHtis//q7mgTwi+13Y6LbR
|
||||
bUm4JRBBxT1Fx3XmTCL+th8EI1XVM7wh+NKZkZak4ummJgf0KXC+QXkynJXb
|
||||
B+28oGU9mUW3DXBv2ceW49nLY66iJzI8YzyP+YfTDiJLtmB2hVA02ZFcKMyN
|
||||
4UGa5erlTGixAFPBcDrw603f1fjYrDVQZfPUvjl8F+jIRheevy5b7VhcQxr/
|
||||
KbNFCqarHTsO98NbRIV+2VU4nip+9Fot7TXvpYloMBp7EyDKlSpI4JLD1rRH
|
||||
Y2EjtRVyNDNubWBLo4fKQ4CwsQLaIjWdD4RD5K1O0vsgk+NWoPid/BHguF/p
|
||||
U/gn1VwGydI3T3UhkUZo/c9OnBTHzn/1BRwbLCO1zLE8aE+D4HDCyKRDuAPP
|
||||
D5iJLnrWbhaFMJMJ2/7t/fgE75mrSyWA/12ERhQiS0mTPhvvKaNM5qv5POhd
|
||||
C4pqjSnXf9C89YX8T6DTHDKF2qknGBGzpKHPWX5NGFGc6SCiIiZrTVp/PLHL
|
||||
JjJcO0N8qCmlsIWRPPgkPKa6uRndIq8dux+fjZVUruMKmQF2DwArbOWLSCWL
|
||||
ZheKiC8dHs6ObcNYh5kON3nEp9mGHfKYNKzR89o7qwP7Lfy1uKc4+y1YTj2F
|
||||
RsCaJuUiM=]
|
||||
- key: tls.key
|
||||
value: >
|
||||
ENC[PKCS7,MIID7QYJKoZIhvcNAQcDoIID3jCCA9oCAQAxggKBMIICfQIBAD
|
||||
BlME0xCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRV
|
||||
lBTUwxHjAcBgNVBAMMFWs4c2MxLm1hdHJpeC5zdW5ldC5zZQIUUXNN3AgoU9
|
||||
LDj51WjMKFKDBvyGgwDQYJKoZIhvcNAQEBBQAEggIAWMkR/oj9qeRsaHR7rH
|
||||
fY4RhGy36hkAO2H24s7OeuGRWvSppZCjpSQ/oQhhlX2w54pmNrpEwQiD7FRY
|
||||
85PNucFzC81uSxGg9woj4p6py0LiWagv7Q+jZFE6NaHL3W/Y0x6HR+4uC84t
|
||||
LInng4BTXZybUT6qZW2JZBzCOrcCyBfwQdIaulX0lL7yHljnnB54rXZ7JW2Q
|
||||
LFeWe8FqCC6ZDYcVFrzD/fQGgJfnJics98ATaSAyNTuEpZr75O6z3HbcS53C
|
||||
VxNyJ6O6xeYxcvijF4ykyYpTbp3iUCWGs7JuVWm1XXJNHT3VtIyvI6oqGhoC
|
||||
JKUuXX4bD4BrLjTu0uCKmRilQhMnQ4mq5zr+e1mMGTfEj9nGciFY9N9uvke7
|
||||
Ig+jIvYQ8OqGnKuVsAUEvrmnacrXUNuvaOtLcitpOBg4eROiF5Sw6xnxcHSk
|
||||
ug4FZmv2H+xpBZrjNmhCLFwDhkHOZoT2JYbS8ui9/DuR3GoJ2uSvHuGvWbsO
|
||||
FGTMOFYR5HJ15zivc18vPko3hjWCmPOJXBEBGsSgawSoCa50b+bxql0Z3t03
|
||||
2FboNGNloqi0+Hw7gNrL2VeRyp6QgWkILy0vJHjq0QOzUcCXcfzBcj1jqAli
|
||||
NU/iKCXVwUesIwU44eMBBUMqm9KF1L5Jk0vbxXo5/8WuCYAZkpbTdH5heks4
|
||||
TWNZgwggFOBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAQJUXVen+bf8+ePd
|
||||
0FkUEsgIIBIM/KpUADCCPTZOfBQmNkwyIt00Flw6Ko7Vm523NHu0ASzzWD4n
|
||||
rE/nA6TvwiAzL8dti77ujP3YvsCwrA7LCMsbBVJun7IUUqytdcVMhM+6LLHk
|
||||
Sy8Qj4mLsq330TA/7G8JFJLj4HmR1JYOwe4Ua2yxAyey8UxILJ71RvEyPJLk
|
||||
QxD5NMejTkD/OeN574SRQQX3Mu7RMjasImlrG/9DPdnS0friOPlDG4djPYHQ
|
||||
S5mItq4eA4NfhCrE7bLtyZuDYa0yIgaEQ/zjMFvWCMiw5r0+vhXs8pjUqg3Y
|
||||
U3S3XIFAftDVHUnfcprG9zLcfytifL3W7lr7BO64qRbZumtkxPpJx3KK+ui/
|
||||
0Vxi1eI5MXsS25gc+TIlfVmiUhhvEZyYVNCw==]
|
||||
microk8s_secrets:
|
||||
default:
|
||||
tls-secret : *tls
|
||||
health:
|
||||
tls-secret : *tls
|
||||
kube-system:
|
||||
cloud-config:
|
||||
- key: cloud.conf
|
||||
value: >
|
||||
ENC[PKCS7,MIIEHQYJKoZIhvcNAQcDoIIEDjCCBAoCAQAxggKBMIICfQIBAD
|
||||
BlME0xCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRV
|
||||
lBTUwxHjAcBgNVBAMMFWs4c2MxLm1hdHJpeC5zdW5ldC5zZQIUUXNN3AgoU9
|
||||
LDj51WjMKFKDBvyGgwDQYJKoZIhvcNAQEBBQAEggIAzfe0zL+en5RwlhWAIo
|
||||
z+rpqysj4xEKFhIdLOZVJouEzfzhj8eoiQheGpk8tstA51FBY9ndvGb8pguH
|
||||
bbd/mmrSU9w+U8SXj3IJGFPCm/GtooFoJk5Omo317gcSX7MbFijKUjiTGRip
|
||||
9iAsaOlfAZlRbVou6HLXLRH77w1WIa5wgkWKsmazAsdP9iD1EZHaQhqgHA7S
|
||||
XbqMO0Y0Cxz428NLDj0sW5YQW/3YsUYpMYSLSBwMMdTcxh3WOiDcvkSX6ZAZ
|
||||
z1XVaVtV5zvg1HNWgb+10mBsGhDyPdynH4jyzq7dGR7GAYOkY7BbKAQjwxJg
|
||||
3bpnLftzXPb6G/TohmJFZ9HnaL4oJFsWpsMTB9maUjmze23F9X3cqoW2Kuud
|
||||
RG2svizbNJCHgM65ja4Njaw9Xsu+OSLdY1Q9CjXWcJupUYelZu9oV5hEYXHU
|
||||
wrV3LAZBbOWA7l5zoBimmDwZMQAhIQujJylfVscjSbtM0L0HXlODT9gQ0ANp
|
||||
jhndvgH8ziHPlID8SPdjKU64QSwFpWOo9e4/Nslptx29OvunCWeh5a9iep+Y
|
||||
EAZxiVgL1s+NsizkdZHFDYrMXPeH1V+ZtgXaX6UGEQSbVPZXzQzAFK4T15jP
|
||||
IAigbknSSUOWne3VDiQ1pjY+n0bZLuk0VhcTQtKKBnjBxln/dSw+ADoF++Hq
|
||||
EuzjcwggF+BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBT9qTTK5NMbSXdDl
|
||||
rI+52FgIIBUNxHt3AmQB+hLX8DB/+hLDgO4HC6qw5j5Pj30rvcOcwZ5NjQ1/
|
||||
uRCJyp3jATLH3hmCITgi0iCUj0BR1lxglR9rto8Tx2zDoqTWzgbFBfhjf9k5
|
||||
rKIX08Wdqg6J+ztk6ElWsc2ciC0wqhEQLpGoO0iNHFTZ4CaFG5g37OKHesMg
|
||||
cdfE8rpusXFPdj8ysntTduuvdE3KyPpsYteF8ej8vHLv3B+6eoqxEviWuOl1
|
||||
wWse4tSQCcb0kwBQ+UXHrmG5oxGBdXjTfwytBbaKPo0ol+NjBpfsVyCPK/Dz
|
||||
QnESVnIFXtHgdtefLNcHukUPECa7GQtd8B+7+w50ZzWq/8v7ypMBC5S9GfWO
|
||||
OUHtONp18qIynPFyHUlsAQ0FSPXxGAX/xtTuwpkYJwYLSp0Mlupqhyq7CZUn
|
||||
gSrZGn5u/4OJhwmYJoJlF9GCa9Z/OEHs6JRCcsLA==]
|
3
k8sw4.matrix.sunet.se/README
Normal file
3
k8sw4.matrix.sunet.se/README
Normal file
|
@ -0,0 +1,3 @@
|
|||
|
||||
The system documentation is in the docs directory of the multiverse repository.
|
||||
|
3
k8sw5.matrix.sunet.se/README
Normal file
3
k8sw5.matrix.sunet.se/README
Normal file
|
@ -0,0 +1,3 @@
|
|||
|
||||
The system documentation is in the docs directory of the multiverse repository.
|
||||
|
3
k8sw6.matrix.sunet.se/README
Normal file
3
k8sw6.matrix.sunet.se/README
Normal file
|
@ -0,0 +1,3 @@
|
|||
|
||||
The system documentation is in the docs directory of the multiverse repository.
|
||||
|
3
lb1.matrix.sunet.se/README
Normal file
3
lb1.matrix.sunet.se/README
Normal file
|
@ -0,0 +1,3 @@
|
|||
|
||||
The system documentation is in the docs directory of the multiverse repository.
|
||||
|
|
@ -1,3 +1,6 @@
|
|||
---
|
||||
sourceips:
|
||||
- ENC[PKCS7,MIIC3AYJKoZIhvcNAQcDoIICzTCCAskCAQAxggKEMIICgAIBADBoMFAxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRVlBTUwxITAfBgNVBAMMGGxiMS5tYXRyaXgudGVzdC5zdW5ldC5zZQIUPX0gRG82aZiAotUfxSI1PCZufhUwDQYJKoZIhvcNAQEBBQAEggIAXJshcFEueSHFlLo3kKvRWqUltrPBNrEligleurVbh64R2T/Qhq6/vwVfT6cmOkXO6AsPQk2+uyPOKQHvHoSqnYuyRS3bhWzmUUpXk8GpCws5w+1mwuB74J4ngK9ALo5CWisnoaAEDuuWvwPJVCrb6ofbkEj66Wz2BIU2Kt+GpvlV8IR79VYm2XQ8K7sk6Yv2/kT/eAHa5xvrzWieFAbXcxeaT92yrKGLkkVuUepu0T8iN+gbacusPRCVXVYKCqJ8t3erqlw3qheL6Q63xb19FMLptsAPClG4KJLSnMtss60pWiP2TaUhvgF1NH0QCQq2SjGjhRSkgzJV9YdRBccRe7TAKLUHcYy/oStMPuv3GaN7C5WhldPcN4bO16ziVCZfKA6yBGW/ezLMd9nk8dnzk3XsIHtCMCeqXiUDPVLFCHY0ekxorcKlppSgZTKB1EBi2xIf14v2ACZA8AKlXrBJ++DXQTL566pffvVMWHwVJX2FJ1X1vtmny4leIs1LOA19DZWkyHF48fM6U7clFwY6WfMXzTdl3oFepcxpOdyLoGa+wvQ9bfpUQNAYP4mQW0gJadPctXxkS1Oi+mYHSDMxrWzAKtbOLA8StQWXvg8LGs9yxcd6KZWufbz1uMTg7WIDcJadG/z3qc5ZEUoVZNbbHOEMnEFVzDgEfeB8+cwtfAkwPAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQSsM2NFbe2higpR4dySelE4AQoyqyRowuyTxaSZ0lZELn3A==]
|
||||
- ENC[PKCS7,MIIC3AYJKoZIhvcNAQcDoIICzTCCAskCAQAxggKEMIICgAIBADBoMFAxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRVlBTUwxITAfBgNVBAMMGGxiMS5tYXRyaXgudGVzdC5zdW5ldC5zZQIUPX0gRG82aZiAotUfxSI1PCZufhUwDQYJKoZIhvcNAQEBBQAEggIAD3dP3VZajW3lYO5xOQHNNFweEWKcQLunkXRE5eSL88DGNUje7pjATH3bfj7g693Acxy3o/7gmH4kqF6O695I44qf31x2P05HlgzKrIzIx1h8DlSpJEAAF1l3yq8EFkpuT50Bs006lMfb7UmSfEiKtbpqVTWryYf49tevZ/g9xoGE6r1g1Ym31syT7zt2bYkl0T/1TfBg/t9JuQBBawKZifMDKgB+w4ZWvmbuN5n9kIlxqCQupJom8IWSyc9umIQ4Q32NQmTRN7DYOPbGUFAunZ3aGJHvx5xBiy9lh8aswA3odugGU8v8yYqe0ivs1Hu3JV/f/U2pGHeE9t1wQ0QjA1ES+3oexdzJZYpI44q4udxstRhwnZFkFtj7+m7yDUJSDP8eB9UJzdhx63LxxcsNPCFnsUEM7vIr4oL1ZTe86PG7ZljA6v2P+uQmWAUs18PbB1Y4dIAnKewd4d0EyhPz3c4yV4S9dgP1zt0EM9GRj6bCRKSFOnd59vaFOAOKCYZeiNajwNI+Mk2QVagR6NFzgneHRay5quv6yRmNP9Fkmsgc7rtckS03uGCx2sNnfZKZsa6lGc9xekkjKPbTkOjvKa+L+VKc/PTxpTGGroAuDfY5ck68IECQORrqo2irOOM2+Z+BeultL1iwKOVLz5QVY1gVXHKuuXL6z8rcXzEEN9AwPAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQIxx9tE+wzDqf5i+RWvZo/YAQv0GytVs5YW6BHziK0n7+MQ==]
|
||||
- ENC[PKCS7,MIIC3AYJKoZIhvcNAQcDoIICzTCCAskCAQAxggKEMIICgAIBADBoMFAxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRVlBTUwxITAfBgNVBAMMGGxiMS5tYXRyaXgudGVzdC5zdW5ldC5zZQIUPX0gRG82aZiAotUfxSI1PCZufhUwDQYJKoZIhvcNAQEBBQAEggIAOxSw9yfoFWKbVqPzlozmv99ZmgANjPZtvtIDgKz/sx1xf6k1rIptL+iidO/+hOse6RG1+BBjvioFg+D0gWOeBfFFy1iU21VqFzdJpxJiLAbFQ81pJUTwbfglQIV+zFA73J7aJTERhYb3CG1mx6MZJLwxhTQojWoXP8fZjEa8s7BZpIHtVzBzwz4ynlQ3L/VrC8kIOLu93qtmKcz97fMKGmm0cqrC/BkF0fA487Uco+CBqlRurkc3MB/QrrbNkKEI5JK/OtLWg7wRXiW1oN8AS7iKNBl7Ic23JlFyQbW4XF7mhuPLyOlMNZEXu/7FrvPyK+Te+8YIKi8Q9Zj1ZpW5HNqIMX2Lqc3qyr/Cj+12ztgu9nQdUQmGOQAn7GEYvFoRIZXyIR/FGSI+iuG0R0+fTWh5v2wiHX9fop/U3xKcQq9oCp0kJ9hP59nf/JcFRH1b36+lQhk6PvAZvfsh5JONbOAxxKLhhrliC18PDhiddEmXY1gkqUPTQ+N9Yc+4rSzKQnVNTjP0gT9yOY2Kc6pUzW8Kp76qzewoWWUTdo71DpmmvPGpHUCqGvAPzjkbVB+iiZVKlpR1K/0YRYY0AOipAqY9L50RncPqoGwZ+5qgJ3zVjPhUdmJu2lysOxpZeRZNH4wfG047ISF1IIyLNmCVhOcX8CqVwdpSO/f37yhGzUUwPAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQcyXQqNfMcDEwrWJRMnF1oIAQBXHWNrsRXMG677xMSWMF8g==]
|
||||
- ENC[PKCS7,MIIC3AYJKoZIhvcNAQcDoIICzTCCAskCAQAxggKEMIICgAIBADBoMFAxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRVlBTUwxITAfBgNVBAMMGGxiMS5tYXRyaXgudGVzdC5zdW5ldC5zZQIUPX0gRG82aZiAotUfxSI1PCZufhUwDQYJKoZIhvcNAQEBBQAEggIAMNalG6516+YJ2Zv52jjHNmI57u3oV51+MSNlbflGHTkTzEXUnJMoVuQjvpPLFYd4g6X68YBeP7kng4CBURtadpi6YfM9R9L2u/Bf5cKCNS/HfqjjzOCeaVoMhrDfvLBMh7flfJCliqwj6vd/hBTs9teDj8DIoUNm3huQRWR/jgZsgtwGVVLR0AcOk07qNqEZNPCxiq5sFnXSZhLHJfJVdptafwLqZ57TsDJFQTlOOK+M2hFo3+WK3i8a4RliZLu+19UgnIvtZzCNb/7T3BUhe5S4zCNransFIg67iCQ1Ip5K4R6u/vE2BlG7zEMH8XJQ6ikWgX4k/hKO/nc26YhTupuQXst8GPiFjKxebnK+E6xL2EfbQIiZC966SbbfPhlIs4UqAltQFkSsdgwdMbUBVWj5LvSjmPZHzFX1e0RqXoOySRJ4TU9TVE/cLKouajWuY439ZeIjcOUSnb6dudqgsEfSJ4j+pBhvxfwr4ygFOAe8QkOGQ0OWyRdfuyWfbHD/9/ga0RG2UGHHhWPJtRerB2njaoreraF2+XyMwDFmqPQK+ShFcykKzofb2QnbLP8Z96sw1MGVayb2d+5tmql34C/tKEj1TkFNhK1ArwvMGPYKKHlqPkqQ/pyHRey2tOuFcVBLNhQNPSBiEZGEDsOuNtF+aA9Eq21JhOPyxvQ2WOQwPAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQTJhq8Kp07/r3JsT8o71ZWIAQx7n/2dClmK3GK+9FTrHyNQ==]
|
||||
|
|
3
mgmt1.matrix.sunet.se/README
Normal file
3
mgmt1.matrix.sunet.se/README
Normal file
|
@ -0,0 +1,3 @@
|
|||
|
||||
The system documentation is in the docs directory of the multiverse repository.
|
||||
|
64
tools/createuser.sh
Executable file
64
tools/createuser.sh
Executable file
|
@ -0,0 +1,64 @@
|
|||
#!/bin/bash
|
||||
|
||||
CLUSTER="matrixtest"
|
||||
|
||||
|
||||
function usage() {
|
||||
echo "Usage: ${0#*/} <username> [group1,group2,...]"
|
||||
echo "If no group is given the default one is user"
|
||||
}
|
||||
|
||||
|
||||
if [[ ! "${1}" =~ ^[a-z0-9]+$ ]]; then
|
||||
usage
|
||||
exit 1
|
||||
fi
|
||||
|
||||
|
||||
if [[ -z "${2}" ]]; then
|
||||
groups=( 'user' )
|
||||
elif [[ "${2}" =~ ^[-_a-z1-9]+(,[-_a-z1-9]+)*$ ]]; then
|
||||
groups=( ${2//,/ } )
|
||||
else
|
||||
echo -e "[Error] Fail to validate grouplist\nWe will exit"
|
||||
exit 2
|
||||
fi
|
||||
|
||||
basepath=${HOME}/ssl/kube/${CLUSTER}/${1}
|
||||
|
||||
echo "Generate key and certificate request"
|
||||
mkdir -p "${basepath}"
|
||||
openssl genrsa -out ${basepath}/${1}.key 4096
|
||||
subj="/CN=${1}"
|
||||
for group in "${groups[@]}"; do
|
||||
subj+="/O=${group}"
|
||||
done
|
||||
echo "subj: ${subj}"
|
||||
openssl req -new -key "${basepath}/${1}.key" -out "${basepath}/${1}.csr" -subj "${subj}"
|
||||
|
||||
cat <<EOF > "${basepath}/req-${1}.yaml"
|
||||
apiVersion: certificates.k8s.io/v1
|
||||
kind: CertificateSigningRequest
|
||||
metadata:
|
||||
name: ${1}-req
|
||||
spec:
|
||||
request: $(cat ${basepath}/${1}.csr | base64 | tr -d "\n")
|
||||
signerName: kubernetes.io/kube-apiserver-client
|
||||
expirationSeconds: $((86400*3650)) # 10 years
|
||||
usages:
|
||||
- client auth
|
||||
EOF
|
||||
status=0
|
||||
kubectl apply -f "${basepath}/req-${1}.yaml" || { status=1; echo "Failed to submit cerificate request to cluster" ;}
|
||||
kubectl certificate approve ${1}-req || { status=1; echo "Failed to approve cerificate request by cluster ca";}
|
||||
[[ "${status}" == "1" ]] && exit 1
|
||||
|
||||
# Retrieving signed cert
|
||||
kubectl get "csr/${1}-req" -o jsonpath='{.status.certificate}' | base64 -d > "${basepath}/${1}.crt" || { status=1;echo "[Error] Failed to extract certificate from request status";}
|
||||
[[ "${status}" == "1" ]] && exit 1
|
||||
kubectl delete "csr/${1}-req"
|
||||
|
||||
echo -e "\nRun these commands to create or update the user/context in .kube/config"
|
||||
echo -e "\nkubectl config set-credentials ${1} --client-certificate=${basepath}/${1}.crt --client-key=${basepath}/${1}.key"
|
||||
echo "kubectl config set-context <contextname> --cluster=<clustername> --namespace=default --user=${1}"
|
||||
|
Loading…
Add table
Reference in a new issue