Reference Airship manifests, CICD, and reference architecture.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 

158 lines
5.9 KiB

---
# The purpose of this file is to define network related paramters that are
# referenced elsewhere in the manifests for this site.
#
# TODO: Include bare metal host FQDN naming standards
# TODO: Include ingress FQDN naming standards
schema: pegleg/CommonAddresses/v1
metadata:
schema: metadata/Document/v1
name: common-addresses
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data:
calico:
# NEWSITE-CHANGEME: The interface that calico will use. Update if your
# logical bond interface name or calico VLAN have changed from the reference
# site design.
# This should be whichever
# bond and VLAN number specified in networks/physical/networks.yaml for the Calico
# network. E.g. VLAN 22 for the calico network as a member of bond0, you
# would set "interface=bond0.22" as shown here.
ip_autodetection_method: interface=bond0.22
etcd:
# etcd service IP address
service_ip: 10.96.232.136
vip:
ingress_vip: '10.23.21.20/32'
maas_vip: '10.23.20.9/32'
dns:
# Kubernetes cluster domain. Do not change. This is internal to the cluster.
cluster_domain: cluster.local
# DNS service ip
service_ip: 10.96.0.10
# List of upstream DNS forwards. Verify you can reach them from your
# environment. If so, you should not need to change them.
upstream_servers:
- 8.8.8.8
- 8.8.4.4
# Repeat the same values as above, but formatted as a common separated
# string
upstream_servers_joined: 8.8.8.8,8.8.4.4
# NEWSITE-CHANGEME: FQDN for ingress (i.e. "publicly facing" access point)
# Choose FQDN according to the ingress/public FQDN naming conventions at
# the top of this document.
ingress_domain: atlantafoundry.com
genesis:
# NEWSITE-CHANGEME: Update with the hostname for the node which will take on
# the Genesis role. Refer to the hostname naming stardards in
# networks/physical/networks.yaml
# NOTE: Ensure that the genesis node is manually configured with this
# hostname before running `genesis.sh` on the node.
hostname: cab23-r720-11
# NEWSITE-CHANGEME: Calico IP of the Genesis node. Use the "start" value for
# the calico network defined in networks/physical/networks.yaml for this IP.
ip: 10.23.22.11
bootstrap:
# NEWSITE-CHANGEME: Update with the "start" value/IP of the static range
# defined for the pxe network in networks/physical/networks.yaml
ip: 10.23.20.11
kubernetes:
# K8s API service IP
api_service_ip: 10.96.0.1
# etcd service IP
etcd_service_ip: 10.96.0.2
# k8s pod CIDR (network which pod traffic will traverse)
pod_cidr: 10.97.0.0/16
# k8s service CIDR (network which k8s API traffic will traverse)
service_cidr: 10.96.0.0/16
# misc k8s port settings
apiserver_port: 6443
haproxy_port: 6553
service_node_port_range: 30000-32767
# etcd port settings
etcd:
container_port: 2379
haproxy_port: 2378
# NEWSITE-CHANGEME: A list of nodes (apart from Genesis) which act as the
# control plane servers. Ensure that this matches the nodes with the 'masters'
# tags applied in baremetal/nodes.yaml
masters:
- hostname: cab23-r720-12
- hostname: cab23-r720-13
- hostname: cab23-r720-14
# NEWSITE-CHANGEME: Environment proxy information.
# NOTE: Reference Airship sites do not deploy behind a proxy, so this proxy section
# should be commented out.
# However if you are in a lab that requires proxy, ensure that these proxy
# settings are correct and reachable in your environment; otherwise update
# them with the correct values for your environment.
proxy:
http: ""
https: ""
no_proxy: []
node_ports:
drydock_api: 30000
maas_api: 30001
maas_proxy: 31800 # hardcoded in MAAS
ntp:
# comma separated NTP server list. Verify that these upstream NTP servers are
# reachable in your environment; otherwise update them with the correct
# values for your environment.
servers_joined: '0.ubuntu.pool.ntp.org,1.ubuntu.pool.ntp.org,2.ubuntu.pool.ntp.org,4.ubuntu.pool.ntp.org'
# NOTE: This will be updated soon
ldap:
# NEWSITE-CHANGEME: FQDN for LDAP. Update to the FQDN that is
# relevant for your type of deployment (test vs prod values, etc).
base_url: 'ldap.example.com'
# NEWSITE-CHANGEME: As above, with the protocol included to create a full URI
url: 'ldap://ldap.example.com'
# NEWSITE-CHANGEME: Update to the correct expression relevant for this
# deployment (test vs prod values, etc)
auth_path: DC=test,DC=test,DC=com?sAMAccountName?sub?memberof=CN=test,OU=Application,OU=Groups,DC=test,DC=test,DC=com
# NEWSITE-CHANGEME: Update to the correct AD group that contains the users
# relevant for this deployment (test users vs prod users/values, etc)
common_name: test
# NEWSITE-CHANGEME: Update to the correct subdomain for your type of
# deployment (test vs prod values, etc)
subdomain: test
# NEWSITE-CHANGEME: Update to the correct domain for your type of
# deployment (test vs prod values, etc)
domain: example
storage:
ceph:
# NEWSITE-CHANGEME: CIDRs for Ceph. Update to match the network CIDR
# used for the `storage` network in networks/physical/networks.yaml
public_cidr: '10.23.23.0/24'
cluster_cidr: '10.23.23.0/24'
neutron:
# NEWSITE-CHANGEME: Overlay network for VM traffic. Ensure the bond name and
# VLAN number are consistent with what's defined for the bond and the overlay
# network in networks/physical/networks.yaml
tunnel_device: 'bond0.24'
# bond which the overlay is a member of. Ensure the bond name is consistent
# with the bond assigned to the overlay network in
# networks/physical/networks.yaml
external_iface: 'bond0'
openvswitch:
# bond which the overlay is a member of. Ensure the bond name is consistent
# with the bond assigned to the overlay network in
# networks/physical/networks.yaml
external_iface: 'bond0'
...