791e49c519
- Add support for optionally mounting a private key for the maas user to access remote hosts via ssh (e.g. virsh) - Add libvirt-bin to the rack controller Change-Id: I18efb6a6947a5a5f91800bf6494b7d9d15d8aaf2
334 lines
9.4 KiB
YAML
334 lines
9.4 KiB
YAML
# Copyright 2017 The Openstack-Helm Authors.
|
|
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
# Default values for maas.
|
|
# This is a YAML-formatted file.
|
|
# Declare variables to be passed into your templates.
|
|
|
|
dependencies:
|
|
rack_controller:
|
|
jobs:
|
|
- maas-db-sync
|
|
services:
|
|
- service: maas_region_ui
|
|
endpoint: internal
|
|
region_controller:
|
|
jobs:
|
|
- maas-db-sync
|
|
services:
|
|
- service: maas_db
|
|
endpoint: internal
|
|
db_init:
|
|
services:
|
|
- service: maas_db
|
|
endpoint: internal
|
|
db_sync:
|
|
jobs:
|
|
- maas-db-init
|
|
bootstrap_admin_user:
|
|
jobs:
|
|
- maas-db-sync
|
|
services:
|
|
- service: maas_region_ui
|
|
endpoint: internal
|
|
- service: maas_db
|
|
endpoint: internal
|
|
import_resources:
|
|
jobs:
|
|
- maas-db-sync
|
|
services:
|
|
- service: maas_region_ui
|
|
endpoint: internal
|
|
- service: maas_db
|
|
endpoint: internal
|
|
export_api_key:
|
|
jobs:
|
|
- maas-db-sync
|
|
services:
|
|
- service: maas_region_ui
|
|
endpoint: internal
|
|
- service: maas_db
|
|
endpoint: internal
|
|
|
|
manifests:
|
|
region_statefulset: true
|
|
rack_deployment: true
|
|
test_maas_api: true
|
|
secret_ssh_key: false
|
|
|
|
images:
|
|
tags:
|
|
db_init: docker.io/postgres:9.5
|
|
db_sync: quay.io/attcomdev/maas-region-controller:latest
|
|
maas_rack: quay.io/attcomdev/maas-rack-controller:latest
|
|
maas_region: quay.io/attcomdev/maas-region-controller:latest
|
|
bootstrap: quay.io/attcomdev/maas-region-controller:latest
|
|
export_api_key: quay.io/attcomdev/maas-region-controller:latest
|
|
maas_cache: quay.io/attcomdev/sstream-cache:latest
|
|
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.2.1
|
|
pull_policy: IfNotPresent
|
|
|
|
jobs:
|
|
import_boot_resources:
|
|
try_limit: 1
|
|
retry_timer: 10
|
|
#default timeout: 15 minutes
|
|
timeout: 900
|
|
|
|
labels:
|
|
rack:
|
|
node_selector_key: ucp-control-plane
|
|
node_selector_value: enabled
|
|
region:
|
|
node_selector_key: ucp-control-plane
|
|
node_selector_value: enabled
|
|
|
|
network:
|
|
proxy:
|
|
node_port:
|
|
enabled: true
|
|
port: 31800
|
|
gui:
|
|
node_port:
|
|
enabled: true
|
|
port: 31900
|
|
port:
|
|
region_container: 80
|
|
service_gui: 80
|
|
service_gui_target: 80
|
|
service_proxy: 8000
|
|
service_proxy_target: 8000
|
|
db_service: 5432
|
|
db_service_target: 5432
|
|
|
|
conf:
|
|
ssh:
|
|
# A SSH private key strings to mount
|
|
# to allow MaaS access virsh over SSH
|
|
# The corresponding public key should be
|
|
# added to a authorized_keys file to a user
|
|
# in the libvirt group on the hypervisors
|
|
private_key: null
|
|
bind:
|
|
override:
|
|
append:
|
|
curtin:
|
|
override: true
|
|
drydock:
|
|
bootaction_url: null
|
|
cache:
|
|
enabled: false
|
|
maas:
|
|
override:
|
|
append:
|
|
http_boot: true
|
|
url:
|
|
maas_url: null
|
|
ntp:
|
|
# These options allow you to mock out the ntpd binary within the container
|
|
# by overwriting it with a script that simply sleeps - this is useful in
|
|
# environments where you do not wish these privileged containers to try and
|
|
# run ntpd that may conflict with the baremetal host
|
|
disable_ntpd_region: false
|
|
disable_ntpd_rack: false
|
|
# Use external only points region and rack serves and deployed nodes directly
|
|
# at external NTP servers. Otherwise we have nodes -> rack -> region -> external
|
|
use_external_only: false
|
|
ntp_servers: null
|
|
dns:
|
|
require_dnssec: no
|
|
# These are upstream servers
|
|
dns_servers: null
|
|
proxy:
|
|
# Whether deploying nodes should use MaaS region as an APT proxy
|
|
proxy_enabled: false
|
|
# Whether MaaS region should utilize an external proxy for accessing repos
|
|
peer_proxy_enabled: false
|
|
# An external proxy server to use
|
|
proxy_server: null
|
|
images:
|
|
default_os: 'ubuntu'
|
|
default_image: 'xenial'
|
|
default_kernel: 'ga-16.04'
|
|
credentials:
|
|
secret:
|
|
namespace: maas
|
|
name: maas-api-key
|
|
drivers: null
|
|
#### If you populates drivers, it will replace the 3rd party driver
|
|
#### info that comes with MaaS. see structure below if it is needed
|
|
# - blacklist: string # a kernel module to blacklist from loading if needed
|
|
# comment: string # free form comment
|
|
# key_binary: | # The GPG key for the repo holding the package, base64 encoded, non-ascii armored
|
|
# mQENBFRtGAgBCADlSku65P14hVdx9E/W0n6MwuB3WGqmsyKNoa3HezFdMjWERldINNUdi8O28cZ6
|
|
# j2+Hi9L1HeQIQ9+7FHpR3JyQePBJtRX8WSEusfRtML98opDhJxKm8Jyxb7aTvCwdNHz3yxADINkM
|
|
# tOj5oRm7VCr8XHkG7YU27ELs8B+BXWvjO21oSosiFurnhT+H3hQsYXfYA55aa21q0qX+L5dFJSNd
|
|
# zZVo7m9ybioVv2R5+PfBvdaSxCnmOpcGXFaKAsqVHeTW0pd3sdkin1rkbhOBaU5lFBt2ZiMtKpKH
|
|
# pT8TZnqHpFHFbgi8j2ARJj4IDct2OGILddUIZSFyue6WE2hpV5c/ABEBAAG0OEhld2xldHQtUGFj
|
|
# a2FyZCBDb21wYW55IFJTQSAoSFAgQ29kZXNpZ25pbmcgU2VydmljZSkgLSAxiQE+BBMBAgAoBQJU
|
|
# bRgIAhsDBQkSzAMABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRD63Y1ksSdeo6BJCADOfIPP
|
|
# LPpIOnFK9jH4t8lLUd+RyMc+alA3uTDPUJa/ZHa6DHfh42iaPYVEV8OG0tnbMlHmwvsZ5c1/MRMw
|
|
# 1UbxCvD88P2qM4SUrUjQUlSCms2GLGvFftFXBiOJQ7/yBc9o+yoSvwPrrTxSCk4+Sqm0IfVXVzCh
|
|
# DM9dM9YPY2Vzjd+LUaYC3X+eSuggUDO0TmJLJd7tZdF9fVXq3lr63BZ5PY98MTCuOoeSMDa9FIUQ
|
|
# f6vn6UUJMDSRZ9OzhpNJOKR+ShVRwDK6My8gtVIW1EAW2w3VQWI2UNF07aLeO8UG6nTNWA23+OuZ
|
|
# kUdgQovjcq01caSefgOkmiQOx6d74CAkuQENBFRtGAgBCAC35eBfUIpnTdF5lpIBWOsWGKwNZEg1
|
|
# f5GRCc3qv2Cd0dpcDPFDiE6Oa0OjtnyzhBXWEQXfckWh53tIl5Sjhoy4Gh7z7vZEgmuw1L+ILy0Q
|
|
# 00SqMpZFZaXNn4cnkc4wy5XG1bs81ij4Xp8Gkk9oRDJfCxv6ztW7++uhmU/2w4iqJghJRZwjMKl7
|
|
# hGis8cx6vP5UCr7K7nnJqHVeO/z82ooE6XgxHHeGrLNPrzebO74PQ5iV/F5Dq9DFwYk61JaoJ9mA
|
|
# R9CKn+CDtTTCkbdv7yQKFxXQSludHInRBfuBeM28djOddZF9XCBL3n+KYWC9Mjf0SCyqiUKA/f3P
|
|
# c6KaTqCZABEBAAGJASUEGAECAA8FAlRtGAgCGwwFCRLMAwAACgkQ+t2NZLEnXqM0/gf/VwQY9rVG
|
|
# X0ZEoEAto+naRi2wLxae8AJ+JTwChaybyOFtIblM4PnG3rUmQCqFM18PNcfeSiX+dd8CuXOI/voI
|
|
# hwcfM7HP4hPTykmquHgEHp5t+/gA4+iRYDZvHthURmBzFUl4NS9AhOT7V1udUkn1lAORFc8/bcu1
|
|
# yiFIhaQRT3MtOzp+qvThPrspXAgpfOwqjSkPR2YdvvZeqWAs77k2RZQc2aknaMgjWaPLb+V8mBmg
|
|
# zRO1RDvShu8hsREaKYVMHyAeKhEYC+lX2bNCImQIs/TqhYo5sn0I5+sbpmFNwtF1gP7AF9DjcFfJ
|
|
# ruvNnfrWpNvn7vuBH6g//Qk5ZnBpwg==
|
|
# modaliases: # list of strings with modalias patterns that denote a need for this driver
|
|
# - string
|
|
# module: string # the name of the kernel module to load
|
|
# package: string # the name of the debian package containing the kernel module
|
|
# repository: string # URL to the debian repo containing the package
|
|
####
|
|
|
|
secrets:
|
|
maas_db:
|
|
admin: maas-db-admin
|
|
user: maas-db-user
|
|
maas_users:
|
|
admin: maas-admin
|
|
maas_region:
|
|
name: maas-region-secret
|
|
value: 3858f62230ac3c915f300c664312c63f
|
|
ssh_key: ssh-private-key
|
|
|
|
pod:
|
|
affinity:
|
|
anti:
|
|
type:
|
|
default: preferredDuringSchedulingIgnoredDuringExecution
|
|
topologyKey:
|
|
default: kubernetes.io/hostname
|
|
mounts:
|
|
maas_rack:
|
|
init_container: []
|
|
maas_rack:
|
|
maas_region:
|
|
init_container: []
|
|
maas_region:
|
|
export_api_key:
|
|
init_container: []
|
|
export_api_key:
|
|
replicas:
|
|
rack: 1
|
|
region: 1
|
|
resources:
|
|
enabled: false
|
|
test:
|
|
limits:
|
|
memory: "128Mi"
|
|
cpu: "500m"
|
|
requests:
|
|
memory: "128Mi"
|
|
cpu: "500m"
|
|
maas_rack:
|
|
limits:
|
|
memory: "128Mi"
|
|
cpu: "500m"
|
|
requests:
|
|
memory: "128Mi"
|
|
cpu: "500m"
|
|
maas_region:
|
|
limits:
|
|
memory: "128Mi"
|
|
cpu: "500m"
|
|
requests:
|
|
memory: "128Mi"
|
|
cpu: "500m"
|
|
jobs:
|
|
db_init:
|
|
requests:
|
|
memory: "128Mi"
|
|
cpu: "100m"
|
|
limits:
|
|
memory: "1024Mi"
|
|
cpu: "2000m"
|
|
db_sync:
|
|
requests:
|
|
memory: "128Mi"
|
|
cpu: "100m"
|
|
limits:
|
|
memory: "1024Mi"
|
|
cpu: "2000m"
|
|
bootstrap_admin_user:
|
|
requests:
|
|
memory: "128Mi"
|
|
cpu: "100m"
|
|
limits:
|
|
memory: "1024Mi"
|
|
cpu: "2000m"
|
|
import_resources:
|
|
requests:
|
|
memory: "128Mi"
|
|
cpu: "100m"
|
|
limits:
|
|
memory: "1024Mi"
|
|
cpu: "2000m"
|
|
export_api_key:
|
|
requests:
|
|
memory: "128Mi"
|
|
cpu: "100m"
|
|
limits:
|
|
memory: "1024Mi"
|
|
cpu: "2000m"
|
|
|
|
endpoints:
|
|
cluster_domain_suffix: cluster.local
|
|
maas_db:
|
|
auth:
|
|
admin:
|
|
username: postgres
|
|
password: password
|
|
user:
|
|
username: maas
|
|
password: password
|
|
database: maasdb
|
|
path: maasdb
|
|
hosts:
|
|
default: postgresql
|
|
port:
|
|
postgresql:
|
|
default: 5432
|
|
host_fqdn_override:
|
|
default: null
|
|
maas_region_ui:
|
|
name: maas-region-ui
|
|
auth:
|
|
admin:
|
|
username: admin
|
|
password: admin
|
|
email: none@none
|
|
hosts:
|
|
default: maas-region-ui
|
|
public: maas
|
|
path:
|
|
default: /MAAS
|
|
scheme:
|
|
default: 'http'
|
|
port:
|
|
region_ui:
|
|
default: 80
|
|
public: 80
|
|
host_fqdn_override:
|
|
default: null
|