site_type/sriov/templates/software/charts/kubernetes/container-networking/etcd.j2

   1 ---
   2 ##############################################################################
   3 # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.        #
   4 #                                                                            #
   5 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
   6 # not use this file except in compliance with the License.                   #
   7 #                                                                            #
   8 # You may obtain a copy of the License at                                    #
   9 #       http://www.apache.org/licenses/LICENSE-2.0                           #
  10 #                                                                            #
  11 # Unless required by applicable law or agreed to in writing, software        #
  12 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT  #
  13 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.           #
  14 # See the License for the specific language governing permissions and        #
  15 # limitations under the License.                                             #
  16 ##############################################################################
  17
  18 schema: armada/Chart/v1
  19 metadata:
  20   schema: metadata/Document/v1
  21   name: kubernetes-calico-etcd
  22   layeringDefinition:
  23     abstract: false
  24     layer: site
  25     parentSelector:
  26         name: kubernetes-calico-etcd-global
  27     actions:
  28         - method: merge
  29           path: .
  30   storagePolicy: cleartext
  31   substitutions:
  32
  33     # Chart source
  34     - src:
  35         schema: pegleg/SoftwareVersions/v1
  36         name: software-versions
  37         path: .charts.kubernetes.calico.etcd
  38       dest:
  39         path: .source
  40
  41     # Image versions
  42     - src:
  43         schema: pegleg/SoftwareVersions/v1
  44         name: software-versions
  45         path: .images.calico.etcd
  46       dest:
  47         path: .values.images.tags
  48
  49     # IP addresses
  50     - src:
  51         schema: pegleg/CommonAddresses/v1
  52         name: common-addresses
  53         path: .calico.etcd.service_ip
  54       dest:
  55         path: .values.service.ip
  56     - src:
  57         schema: pegleg/CommonAddresses/v1
  58         name: common-addresses
  59         path: .calico.etcd.service_ip
  60       dest:
  61         path: .values.anchor.etcdctl_endpoint
  62
  63     # CAs
  64     - src:
  65         schema: deckhand/CertificateAuthority/v1
  66         name: calico-etcd
  67         path: .
  68       dest:
  69         path: .values.secrets.tls.client.ca
  70     - src:
  71         schema: deckhand/CertificateAuthority/v1
  72         name: calico-etcd-peer
  73         path: .
  74       dest:
  75         path: .values.secrets.tls.peer.ca
  76
  77     # Anchor client cert
  78     - src:
  79         schema: deckhand/Certificate/v1
  80         name: calico-etcd-anchor
  81         path: .
  82       dest:
  83         path: .values.secrets.anchor.tls.cert
  84     - src:
  85         schema: deckhand/CertificateKey/v1
  86         name: calico-etcd-anchor
  87         path: .
  88       dest:
  89         path: .values.secrets.anchor.tls.key
  90
  91     # Node names
  92 {% set count = [0] %}
  93 {% for server in yaml.masters %}
  94     - src:
  95         schema: pegleg/CommonAddresses/v1
  96         name: common-addresses
  97         path: .masters[{{count[0]}}].hostname
  98       dest:
  99         path: .values.nodes[{{count[0]}}].name
 100       {% if count.append(count.pop() + 1) %}{% endif %}
 101 {% endfor %}
 102     - src:
 103         schema: pegleg/CommonAddresses/v1
 104         name: common-addresses
 105         path: .genesis.hostname
 106       dest:
 107         path: .values.nodes[{{count[0]}}].name
 108
 109     # Server certs
 110 {% set count = [0] %}
 111 {% for server in yaml.masters %}
 112     - src:
 113         schema: deckhand/Certificate/v1
 114         name: calico-etcd-{{server.name}}
 115         path: .
 116       dest:
 117         path: .values.nodes[{{count[0]}}].tls.client.cert
 118     - src:
 119         schema: deckhand/CertificateKey/v1
 120         name: calico-etcd-{{server.name}}
 121         path: .
 122       dest:
 123         path: .values.nodes[{{count[0]}}].tls.client.key
 124     - src:
 125         schema: deckhand/Certificate/v1
 126         name: calico-etcd-{{server.name}}-peer
 127         path: .
 128       dest:
 129         path: .values.nodes[{{count[0]}}].tls.peer.cert
 130     - src:
 131         schema: deckhand/CertificateKey/v1
 132         name: calico-etcd-{{server.name}}-peer
 133         path: .
 134       dest:
 135         path: .values.nodes[{{count[0]}}].tls.peer.key
 136         {% if count.append(count.pop() + 1) %}{% endif %}
 137 {% endfor %}
 138
 139     # NOTE(mb874d): Be sure we generate these certs for genesis.
 140     - src:
 141         schema: deckhand/Certificate/v1
 142         name: calico-etcd-{{yaml.genesis.name}}
 143         path: .
 144       dest:
 145         path: .values.nodes[{{count[0]}}].tls.client.cert
 146     - src:
 147         schema: deckhand/CertificateKey/v1
 148         name: calico-etcd-{{yaml.genesis.name}}
 149         path: .
 150       dest:
 151         path: .values.nodes[{{count[0]}}].tls.client.key
 152     - src:
 153         schema: deckhand/Certificate/v1
 154         name: calico-etcd-{{yaml.genesis.name}}-peer
 155         path: .
 156       dest:
 157         path: .values.nodes[{{count[0]}}].tls.peer.cert
 158     - src:
 159         schema: deckhand/CertificateKey/v1
 160         name: calico-etcd-{{yaml.genesis.name}}-peer
 161         path: .
 162       dest:
 163         path: .values.nodes[{{count[0]}}].tls.peer.key
 164
 165 data:
 166   values:
 167     manifests:
 168       test_etcd_health: false
 169 ...