treasuremap/global/software/charts/ucp/drydock/maas.yaml

201 lines
4.8 KiB
YAML

---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ucp-maas-global
labels:
name: ucp-maas-global
layeringDefinition:
abstract: true
layer: global
storagePolicy: cleartext
substitutions:
# Chart source
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.maas
dest:
path: .source
# Images
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .images.ucp.maas
dest:
path: .values.images.tags
# MaaS Config
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .dns.upstream_servers_joined
dest:
path: .values.conf.maas.dns.dns_servers
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .ntp.servers_joined
dest:
path: .values.conf.maas.ntp.ntp_servers
- src:
schema: deckhand/Passphrase/v1
name: maas-region-key
path: .
dest:
path: .values.secrets.maas_region.value
# Endpoint substitutions
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.postgresql
dest:
path: .values.endpoints.maas_db
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.maas_region
dest:
path: .values.endpoints.maas_region
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.maas_ingress
dest:
path: .values.endpoints.maas_ingress
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.physicalprovisioner
dest:
path: .values.endpoints.physicalprovisioner
# Account and credential substitutions
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.postgres.admin
dest:
path: .values.endpoints.maas_db.auth.admin
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.maas.postgres
dest:
path: .values.endpoints.maas_db.auth.user
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.maas.postgres.database
dest:
path: .values.endpoints.maas_db.path
pattern: DB_NAME
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.maas.admin
dest:
path: .values.endpoints.maas_region.auth.admin
# Secrets
- dest:
path: .values.endpoints.maas_region.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_maas_admin_password
path: .
- dest:
path: .values.endpoints.maas_db.auth.admin.password
src:
schema: deckhand/Passphrase/v1
name: ucp_postgres_admin_password
path: .
- dest:
path: .values.endpoints.maas_db.auth.user.password
src:
schema: deckhand/Passphrase/v1
name: ucp_maas_postgres_password
path: .
data:
chart_name: maas
release: maas
namespace: ucp
wait:
timeout: 1800
labels:
release_group: airship-maas
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: airship-maas
values:
pod:
replicas:
region: 1
rack: 1
labels:
rack:
node_selector_key: maas-control-plane
node_selector_value: enabled
region:
node_selector_key: maas-control-plane
node_selector_value: enabled
network:
proxy:
node_port:
enabled: true
jobs:
import_boot_resources:
timeout: 1800
conf:
cache:
enabled: true
maas:
credentials:
secret:
namespace: ucp
proxy:
# Use MAAS Built-in proxy. This supports environments where
# the PXE interface can not reach the internet.
# Also improves efficiency due to caching via MAAS.
proxy_enabled: 'true'
ntp:
use_external_only: 'true'
disable_ntpd_region: true
disable_ntpd_rack: true
dns:
require_dnssec: 'no'
dependencies:
- maas-htk
...
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: maas-htk
layeringDefinition:
abstract: false
layer: global
storagePolicy: cleartext
substitutions:
- src:
schema: pegleg/SoftwareVersions/v1
name: software-versions
path: .charts.ucp.maas-htk
dest:
path: .source
data:
chart_name: maas-htk
release: maas-htk
namespace: maas-htk
values: {}
dependencies: []
...