templates/aic-clcp-manifests/software/charts/kubernetes/container-networking/etcd.j2

   1 ---
   2 ##############################################################################
   3 # Copyright © 2018 AT&T Intellectual Property. All rights reserved.          #
   4 #                                                                            #
   5 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
   6 # not use this file except in compliance with the License.                   #
   7 #                                                                            #
   8 # You may obtain a copy of the License at                                    #
   9 #       http://www.apache.org/licenses/LICENSE-2.0                           #
  10 #                                                                            #
  11 # Unless required by applicable law or agreed to in writing, software        #
  12 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT  #
  13 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.           #
  14 # See the License for the specific language governing permissions and        #
  15 # limitations under the License.                                             #
  16 ##############################################################################
  17
  18 schema: armada/Chart/v1
  19 metadata:
  20   schema: metadata/Document/v1
  21   name: kubernetes-calico-etcd
  22   layeringDefinition:
  23     abstract: false
  24     layer: site
  25     parentSelector:
  26         name: kubernetes-calico-etcd-global
  27     actions:
  28         - method: merge
  29           path: .
  30   storagePolicy: cleartext
  31   substitutions:
  32     # Node names
  33 {% set count = [0] %}
  34 {% for server in yaml.masters %}
  35     -
  36       src:
  37         schema: pegleg/CommonAddresses/v1
  38         name: common-addresses
  39         path: .masters[{{count[0]}}].hostname
  40       dest:
  41         path: .values.nodes[{{count[0]}}].name
  42       {% if count.append(count.pop() + 1) %}{% endif %}
  43 {% endfor %}
  44 {% for server in yaml.workers %}
  45     -
  46       src:
  47         schema: pegleg/CommonAddresses/v1
  48         name: common-addresses
  49         path: .masters[{{count[0]}}].hostname
  50       dest:
  51         path: .values.nodes[{{count[0]}}].name
  52       {% if count.append(count.pop() + 1) %}{% endif %}
  53 {% endfor %}
  54     -
  55       src:
  56         schema: pegleg/CommonAddresses/v1
  57         name: common-addresses
  58         path: .genesis.hostname
  59       dest:
  60         path: .values.nodes[{{count[0]}}].name
  61 {% set count = [0] %}
  62 {% for server in yaml.masters %}
  63    # Server certs
  64     -
  65       src:
  66         schema: deckhand/Certificate/v1
  67         name: calico-etcd-{{server.name}}
  68         path: .
  69       dest:
  70         path: .values.nodes[{{count[0]}}].tls.client.cert
  71     -
  72       src:
  73         schema: deckhand/CertificateKey/v1
  74         name: calico-etcd-{{server.name}}
  75         path: .
  76       dest:
  77         path: .values.nodes[{{count[0]}}].tls.client.key
  78     -
  79       src:
  80         schema: deckhand/Certificate/v1
  81         name: calico-etcd-{{server.name}}-peer
  82         path: .
  83       dest:
  84         path: .values.nodes[{{count[0]}}].tls.peer.cert
  85     -
  86       src:
  87         schema: deckhand/CertificateKey/v1
  88         name: calico-etcd-{{server.name}}-peer
  89         path: .
  90       dest:
  91         path: .values.nodes[{{count[0]}}].tls.peer.key
  92         {% if count.append(count.pop() + 1) %}{% endif %}
  93 {% endfor %}
  94 {% for server in yaml.workers %}
  95    # Server certs
  96     -
  97       src:
  98         schema: deckhand/Certificate/v1
  99         name: calico-etcd-{{server.name}}
 100         path: .
 101       dest:
 102         path: .values.nodes[{{count[0]}}].tls.client.cert
 103     -
 104       src:
 105         schema: deckhand/CertificateKey/v1
 106         name: calico-etcd-{{server.name}}
 107         path: .
 108       dest:
 109         path: .values.nodes[{{count[0]}}].tls.client.key
 110     -
 111       src:
 112         schema: deckhand/Certificate/v1
 113         name: calico-etcd-{{server.name}}-peer
 114         path: .
 115       dest:
 116         path: .values.nodes[{{count[0]}}].tls.peer.cert
 117     -
 118       src:
 119         schema: deckhand/CertificateKey/v1
 120         name: calico-etcd-{{server.name}}-peer
 121         path: .
 122       dest:
 123         path: .values.nodes[{{count[0]}}].tls.peer.key
 124         {% if count.append(count.pop() + 1) %}{% endif %}
 125 {% endfor %}
 126
 127     # NOTE(mb874d): Be sure we generate these certs for genesis.
 128     -
 129       src:
 130         schema: deckhand/Certificate/v1
 131         name: calico-etcd-{{yaml.genesis.name}}
 132         path: .
 133       dest:
 134         path: .values.nodes[{{count[0]}}].tls.client.cert
 135     -
 136       src:
 137         schema: deckhand/CertificateKey/v1
 138         name: calico-etcd-{{yaml.genesis.name}}
 139         path: .
 140       dest:
 141         path: .values.nodes[{{count[0]}}].tls.client.key
 142     -
 143       src:
 144         schema: deckhand/Certificate/v1
 145         name: calico-etcd-{{yaml.genesis.name}}-peer
 146         path: .
 147       dest:
 148         path: .values.nodes[{{count[0]}}].tls.peer.cert
 149     -
 150       src:
 151         schema: deckhand/CertificateKey/v1
 152         name: calico-etcd-{{yaml.genesis.name}}-peer
 153         path: .
 154       dest:
 155         path: .values.nodes[{{count[0]}}].tls.peer.key
 156
 157 data: {}
 158 ...