airship/promenade
Code Issues Proposed changes
promenade/examples/basic/armada-resources.yaml
Mark Burnett b09c69a18a Add initial Makefile 
This add target a target for building and linting charts.

Change-Id: Ie349436d8bf50929e26ed43cc53fdc599a2acd9d
2017-10-31 12:46:23 -05:00

983 lines
21 KiB
YAML
Raw Blame History

---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-proxy
layeringDefinition:
abstract: false
layer: site
data:
description: Kubernetes proxy
sequenced: true
chart_group:
- kubernetes-proxy
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: container-networking
layeringDefinition:
abstract: false
layer: site
data:
description: Container networking via Calico
sequenced: true
chart_group:
- calico-etcd
- calico
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: dns
layeringDefinition:
abstract: false
layer: site
data:
description: Cluster DNS
chart_group:
- coredns
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-rbac
layeringDefinition:
abstract: false
layer: site
data:
description: Role Based Access Control configuration for Kubernetes
sequenced: true
chart_group:
- kubernetes-rbac
---
schema: armada/ChartGroup/v1
metadata:
schema: metadata/Document/v1
name: kubernetes
layeringDefinition:
abstract: false
layer: site
data:
description: Kubernetes components
chart_group:
- kubernetes-etcd
- kubernetes-apiserver
- kubernetes-controller-manager
- kubernetes-scheduler
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: helm-toolkit
data:
chart_name: helm-toolkit
release: helm-toolkit
namespace: helm-toolkit
timeout: 600
upgrade:
no_hooks: true
values: {}
source:
type: git
location: https://git.openstack.org/openstack/openstack-helm-infra
subpath: helm-toolkit
reference: master
dependencies: []
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-proxy
layeringDefinition:
abstract: false
layer: site
substitutions:
-
src:
schema: deckhand/CertificateAuthority/v1
name: kubernetes
path: $
dest:
path: '$.values.tls.ca'
-
src:
schema: deckhand/Certificate/v1
name: proxy
path: $
dest:
path: '$.values.tls.cert'
-
src:
schema: deckhand/CertificateKey/v1
name: proxy
path: $
dest:
path: '$.values.tls.key'
data:
chart_name: proxy
release: kubernetes-proxy
namespace: kube-system
timeout: 600
upgrade:
no_hooks: true
values:
tls:
ca: placeholder
cert: placeholder
key: placeholder
images:
proxy: gcr.io/google_containers/hyperkube-amd64:v1.8.0
network:
kubernetes_netloc: apiserver.kubernetes.promenade:6443
pod_cidr: 10.97.0.0/16
source:
type: local
location: /etc/genesis/armada/assets/charts
subpath: proxy
dependencies: []
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: calico-etcd
layeringDefinition:
abstract: false
layer: site
substitutions:
-
src:
schema: deckhand/CertificateAuthority/v1
name: calico-etcd
path: $
dest:
path: '$.values.tls.client.ca'
-
src:
schema: deckhand/CertificateAuthority/v1
name: calico-etcd-peer
path: $
dest:
path: '$.values.tls.peer.ca'
-
src:
schema: deckhand/Certificate/v1
name: calico-etcd-anchor
path: $
dest:
path: '$.values.anchor.tls.cert'
-
src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-anchor
path: $
dest:
path: '$.values.anchor.tls.key'
-
src:
schema: deckhand/Certificate/v1
name: calico-etcd-n0
path: $
dest:
path: '$.values.nodes[0].tls.client.cert'
-
src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-n0
path: $
dest:
path: '$.values.nodes[0].tls.client.key'
-
src:
schema: deckhand/Certificate/v1
name: calico-etcd-n0-peer
path: $
dest:
path: '$.values.nodes[0].tls.peer.cert'
-
src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-n0-peer
path: $
dest:
path: '$.values.nodes[0].tls.peer.key'
-
src:
schema: deckhand/Certificate/v1
name: calico-etcd-n1
path: $
dest:
path: '$.values.nodes[1].tls.client.cert'
-
src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-n1
path: $
dest:
path: '$.values.nodes[1].tls.client.key'
-
src:
schema: deckhand/Certificate/v1
name: calico-etcd-n1-peer
path: $
dest:
path: '$.values.nodes[1].tls.peer.cert'
-
src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-n1-peer
path: $
dest:
path: '$.values.nodes[1].tls.peer.key'
-
src:
schema: deckhand/Certificate/v1
name: calico-etcd-n2
path: $
dest:
path: '$.values.nodes[2].tls.client.cert'
-
src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-n2
path: $
dest:
path: '$.values.nodes[2].tls.client.key'
-
src:
schema: deckhand/Certificate/v1
name: calico-etcd-n2-peer
path: $
dest:
path: '$.values.nodes[2].tls.peer.cert'
-
src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-n2-peer
path: $
dest:
path: '$.values.nodes[2].tls.peer.key'
-
src:
schema: deckhand/Certificate/v1
name: calico-etcd-n3
path: $
dest:
path: '$.values.nodes[3].tls.client.cert'
-
src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-n3
path: $
dest:
path: '$.values.nodes[3].tls.client.key'
-
src:
schema: deckhand/Certificate/v1
name: calico-etcd-n3-peer
path: $
dest:
path: '$.values.nodes[3].tls.peer.cert'
-
src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-n3-peer
path: $
dest:
path: '$.values.nodes[3].tls.peer.key'
data:
chart_name: etcd
release: calico-etcd
namespace: kube-system
timeout: 600
upgrade:
no_hooks: true
values:
anchor:
etcdctl_endpoint: 10.96.232.136
node_selector:
key: calico-etcd
value: enabled
tls:
cert: placeholder
key: placeholder
etcd:
host_data_path: /var/lib/etcd/calico
host_etc_path: /etc/etcd/calico
bootstrapping:
enabled: true
host_directory: /var/lib/anchor
filename: calico-etcd-bootstrap
images:
etcd: quay.io/coreos/etcd:v3.0.17
etcdctl: quay.io/coreos/etcd:v3.0.17
nodes:
- name: n0
tls:
client:
cert: placeholder
key: placeholder
peer:
cert: placeholder
key: placeholder
- name: n1
tls:
client:
cert: placeholder
key: placeholder
peer:
cert: placeholder
key: placeholder
- name: n2
tls:
client:
cert: placeholder
key: placeholder
peer:
cert: placeholder
key: placeholder
# n3 is here to demonstrate movability of the cluster
- name: n3
tls:
client:
cert: placeholder
key: placeholder
peer:
cert: placeholder
key: placeholder
service:
name: calico-etcd
ip: 10.96.232.136
client:
port: 6666
target_port: 6666
peer:
port: 6667
target_port: 6667
tls:
client:
ca: placeholder
peer:
ca: placeholder
source:
type: local
location: /etc/genesis/armada/assets/charts
subpath: etcd
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: calico
layeringDefinition:
abstract: false
layer: site
substitutions:
-
src:
schema: deckhand/CertificateAuthority/v1
name: calico-etcd
path: $
dest:
path: '$.values.etcd.tls.ca'
-
src:
schema: deckhand/Certificate/v1
name: calico-node
path: $
dest:
path: '$.values.etcd.tls.cert'
-
src:
schema: deckhand/CertificateKey/v1
name: calico-node
path: $
dest:
path: '$.values.etcd.tls.key'
data:
chart_name: calico
release: calico
namespace: kube-system
timeout: 600
upgrade:
no_hooks: true
values:
calico:
ip_autodetection_method: interface=ens3
pod_ip_cidr: 10.97.0.0/16
ctl:
install_on_host: true
etcd:
service:
ip: 10.96.232.136
port: 6666
tls:
ca: placeholder
cert: placeholder
key: placeholder
images:
cni: quay.io/calico/cni:v1.11.0
ctl: quay.io/calico/ctl:v1.6.1
node: quay.io/calico/node:v2.6.1
policy_controller: quay.io/calico/kube-controllers:v1.0.0
source:
type: local
location: /etc/genesis/armada/assets/charts
subpath: calico
dependencies: []
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: coredns
layeringDefinition:
abstract: false
layer: site
substitutions:
-
src:
schema: deckhand/CertificateAuthority/v1
name: kubernetes
path: $
dest:
path: '$.values.tls.ca'
-
src:
schema: deckhand/Certificate/v1
name: coredns
path: $
dest:
path: '$.values.tls.cert'
-
src:
schema: deckhand/CertificateKey/v1
name: coredns
path: $
dest:
path: '$.values.tls.key'
data:
chart_name: coredns
release: coredns
namespace: kube-system
timeout: 600
upgrade:
no_hooks: true
values:
coredns:
kubernetes_zones:
- cluster.local
- 10.96.0.0/16
- 10.97.0.0/16
upstream_nameservers:
- 8.8.8.8
- 8.8.4.4
zones:
- name: promenade
services:
- bind_name: apiserver.kubernetes
service:
name: kubernetes-apiserver
namespace: kube-system
- bind_name: etcd.kubernetes
service:
name: kubernetes-etcd
namespace: kube-system
- bind_name: etcd.calico
service:
name: calico-etcd
namespace: kube-system
images:
anchor: gcr.io/google_containers/hyperkube-amd64:v1.8.0
coredns: coredns/coredns:0.9.9
tls:
ca: placeholder
cert: placeholder
key: placeholder
network:
kubernetes_netloc: apiserver.kubernetes.promenade:6443
source:
type: local
location: /etc/genesis/armada/assets/charts
subpath: coredns
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-apiserver
layeringDefinition:
abstract: false
layer: site
substitutions:
-
src:
schema: deckhand/CertificateAuthority/v1
name: kubernetes
path: $
dest:
path: $.values.tls.ca
-
src:
schema: deckhand/Certificate/v1
name: apiserver
path: $
dest:
path: $.values.tls.cert
-
src:
schema: deckhand/CertificateKey/v1
name: apiserver
path: $
dest:
path: $.values.tls.key
-
src:
schema: deckhand/CertificateAuthority/v1
name: kubernetes-etcd
path: $
dest:
path: $.values.apiserver.etcd.tls.ca
-
src:
schema: deckhand/Certificate/v1
name: apiserver-etcd
path: $
dest:
path: $.values.apiserver.etcd.tls.cert
-
src:
schema: deckhand/CertificateKey/v1
name: apiserver-etcd
path: $
dest:
path: $.values.apiserver.etcd.tls.key
-
src:
schema: deckhand/PublicKey/v1
name: service-account
path: $
dest:
path: $.values.service_account.public_key
data:
chart_name: apiserver
release: kubernetes-apiserver
namespace: kube-system
timeout: 600
upgrade:
no_hooks: true
values:
apiserver:
etcd:
endpoints: https://etcd.kubernetes.promenade:2379
tls:
ca: placeholder
cert: placeholder
key: placeholder
images:
anchor: gcr.io/google_containers/hyperkube-amd64:v1.8.0
apiserver: gcr.io/google_containers/hyperkube-amd64:v1.8.0
service_account:
public_key: placeholder
tls:
ca: placeholder
cert: placeholder
key: placeholder
network:
kubernetes_service_ip: 10.96.0.1
pod_cidr: 10.97.0.0/16
service_cidr: 10.96.0.0/16
source:
type: local
location: /etc/genesis/armada/assets/charts
subpath: apiserver
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-controller-manager
layeringDefinition:
abstract: false
layer: site
substitutions:
-
src:
schema: deckhand/CertificateAuthority/v1
name: kubernetes
path: $
dest:
path: $.values.tls.ca
-
src:
schema: deckhand/Certificate/v1
name: controller-manager
path: $
dest:
path: $.values.tls.cert
-
src:
schema: deckhand/CertificateKey/v1
name: controller-manager
path: $
dest:
path: $.values.tls.key
-
src:
schema: deckhand/PrivateKey/v1
name: service-account
path: $
dest:
path: $.values.service_account.private_key
data:
chart_name: controller_manager
release: kubernetes-controller-manager
namespace: kube-system
timeout: 600
upgrade:
no_hooks: true
values:
images:
anchor: gcr.io/google_containers/hyperkube-amd64:v1.8.0
controller_manager: gcr.io/google_containers/hyperkube-amd64:v1.8.0
service_account:
private_key: placeholder
tls:
ca: placeholder
cert: placeholder
key: placeholder
network:
kubernetes_netloc: apiserver.kubernetes.promenade:6443
pod_cidr: 10.97.0.0/16
service_cidr: 10.96.0.0/16
source:
type: local
location: /etc/genesis/armada/assets/charts
subpath: controller_manager
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-scheduler
layeringDefinition:
abstract: false
layer: site
substitutions:
-
src:
schema: deckhand/CertificateAuthority/v1
name: kubernetes
path: $
dest:
path: $.values.tls.ca
-
src:
schema: deckhand/Certificate/v1
name: scheduler
path: $
dest:
path: $.values.tls.cert
-
src:
schema: deckhand/CertificateKey/v1
name: scheduler
path: $
dest:
path: $.values.tls.key
data:
chart_name: scheduler
release: kubernetes-scheduler
namespace: kube-system
timeout: 600
upgrade:
no_hooks: true
values:
tls:
ca: placeholder
cert: placeholder
key: placeholder
network:
kubernetes_netloc: apiserver.kubernetes.promenade:6443
images:
anchor: gcr.io/google_containers/hyperkube-amd64:v1.8.0
scheduler: gcr.io/google_containers/hyperkube-amd64:v1.8.0
source:
type: local
location: /etc/genesis/armada/assets/charts
subpath: scheduler
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-etcd
layeringDefinition:
abstract: false
layer: site
substitutions:
-
src:
schema: deckhand/CertificateAuthority/v1
name: kubernetes-etcd
path: $
dest:
path: '$.values.tls.client.ca'
-
src:
schema: deckhand/CertificateAuthority/v1
name: kubernetes-etcd-peer
path: $
dest:
path: '$.values.tls.peer.ca'
-
src:
schema: deckhand/Certificate/v1
name: kubernetes-etcd-anchor
path: $
dest:
path: '$.values.anchor.tls.cert'
-
src:
schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-anchor
path: $
dest:
path: '$.values.anchor.tls.key'
-
src:
schema: deckhand/Certificate/v1
name: kubernetes-etcd-n0
path: $
dest:
path: '$.values.nodes[0].tls.client.cert'
-
src:
schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n0
path: $
dest:
path: '$.values.nodes[0].tls.client.key'
-
src:
schema: deckhand/Certificate/v1
name: kubernetes-etcd-n0-peer
path: $
dest:
path: '$.values.nodes[0].tls.peer.cert'
-
src:
schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n0-peer
path: $
dest:
path: '$.values.nodes[0].tls.peer.key'
-
src:
schema: deckhand/Certificate/v1
name: kubernetes-etcd-n1
path: $
dest:
path: '$.values.nodes[1].tls.client.cert'
-
src:
schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n1
path: $
dest:
path: '$.values.nodes[1].tls.client.key'
-
src:
schema: deckhand/Certificate/v1
name: kubernetes-etcd-n1-peer
path: $
dest:
path: '$.values.nodes[1].tls.peer.cert'
-
src:
schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n1-peer
path: $
dest:
path: '$.values.nodes[1].tls.peer.key'
-
src:
schema: deckhand/Certificate/v1
name: kubernetes-etcd-n2
path: $
dest:
path: '$.values.nodes[2].tls.client.cert'
-
src:
schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n2
path: $
dest:
path: '$.values.nodes[2].tls.client.key'
-
src:
schema: deckhand/Certificate/v1
name: kubernetes-etcd-n2-peer
path: $
dest:
path: '$.values.nodes[2].tls.peer.cert'
-
src:
schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n2-peer
path: $
dest:
path: '$.values.nodes[2].tls.peer.key'
-
src:
schema: deckhand/Certificate/v1
name: kubernetes-etcd-n3
path: $
dest:
path: '$.values.nodes[3].tls.client.cert'
-
src:
schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n3
path: $
dest:
path: '$.values.nodes[3].tls.client.key'
-
src:
schema: deckhand/Certificate/v1
name: kubernetes-etcd-n3-peer
path: $
dest:
path: '$.values.nodes[3].tls.peer.cert'
-
src:
schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-n3-peer
path: $
dest:
path: '$.values.nodes[3].tls.peer.key'
data:
chart_name: etcd
release: kubernetes-etcd
namespace: kube-system
timeout: 600
upgrade:
no_hooks: true
values:
anchor:
etcdctl_endpoint: 10.96.0.2
node_selector:
key: kubernetes-etcd
value: enabled
tls:
cert: placeholder
key: placeholder
etcd:
host_data_path: /var/lib/etcd/kubernetes
host_etc_path: /etc/etcd/kubernetes
images:
etcd: quay.io/coreos/etcd:v3.0.17
etcdctl: quay.io/coreos/etcd:v3.0.17
nodes:
- name: n0
tls:
client:
cert: placeholder
key: placeholder
peer:
cert: placeholder
key: placeholder
- name: n1
tls:
client:
cert: placeholder
key: placeholder
peer:
cert: placeholder
key: placeholder
- name: n2
tls:
client:
cert: placeholder
key: placeholder
peer:
cert: placeholder
key: placeholder
- name: n3
tls:
client:
cert: placeholder
key: placeholder
peer:
cert: placeholder
key: placeholder
service:
name: kubernetes-etcd
ip: 10.96.0.2
client:
port: 2379
target_port: 2379
peer:
port: 2380
target_port: 2380
tls:
client:
ca: placeholder
peer:
ca: placeholder
source:
type: local
location: /etc/genesis/armada/assets/charts
subpath: etcd
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-rbac
layeringDefinition:
abstract: false
layer: site
data:
chart_name: rbac
release: rbac
namespace: kube-system
timeout: 600
values: {}
upgrade:
no_hooks: true
source:
type: local
location: /etc/genesis/armada/assets/charts
subpath: rbac
dependencies: []
...
View Git Blame Copy Permalink