--- ############################################################################## # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); you may # # not use this file except in compliance with the License. # # # # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # # # Unless required by applicable law or agreed to in writing, software # # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # # See the License for the specific language governing permissions and # # limitations under the License. # ############################################################################## schema: armada/Chart/v1 metadata: schema: metadata/Document/v1 name: kubernetes-etcd layeringDefinition: abstract: false layer: site parentSelector: name: kubernetes-etcd-global actions: - method: merge path: . storagePolicy: cleartext substitutions: # Chart source - src: schema: pegleg/SoftwareVersions/v1 name: software-versions path: .charts.kubernetes.etcd dest: path: .source # Images - src: schema: pegleg/SoftwareVersions/v1 name: software-versions path: .images.kubernetes.etcd dest: path: .values.images.tags # IP addresses - src: schema: pegleg/CommonAddresses/v1 name: common-addresses path: .kubernetes.etcd_service_ip dest: path: .values.service.ip - src: schema: pegleg/CommonAddresses/v1 name: common-addresses path: .kubernetes.etcd_service_ip dest: path: .values.anchor.etcdctl_endpoint # CAs - src: schema: deckhand/CertificateAuthority/v1 name: kubernetes-etcd path: . dest: path: .values.secrets.tls.client.ca - src: schema: deckhand/CertificateAuthority/v1 name: kubernetes-etcd-peer path: . dest: path: .values.secrets.tls.peer.ca - src: schema: deckhand/Certificate/v1 name: kubernetes-etcd-anchor path: . dest: path: .values.secrets.anchor.tls.cert - src: schema: deckhand/CertificateKey/v1 name: kubernetes-etcd-anchor path: . dest: path: .values.secrets.anchor.tls.key # Node names {% set count = [0] %} {% for server in yaml.masters %} - src: schema: pegleg/CommonAddresses/v1 name: common-addresses path: .masters[{{count[0]}}].hostname dest: path: .values.nodes[{{count[0]}}].name {% if count.append(count.pop() + 1) %}{% endif %} {% endfor %} - src: schema: pegleg/CommonAddresses/v1 name: common-addresses path: .genesis.hostname dest: path: .values.nodes[{{count[0]}}].name # Server certs {% set count = [0] %} {% for server in yaml.masters %} - src: schema: deckhand/Certificate/v1 name: kubernetes-etcd-{{server.name}} path: . dest: path: .values.nodes[{{count[0]}}].tls.client.cert - src: schema: deckhand/CertificateKey/v1 name: kubernetes-etcd-{{server.name}} path: . dest: path: .values.nodes[{{count[0]}}].tls.client.key - src: schema: deckhand/Certificate/v1 name: kubernetes-etcd-{{server.name}}-peer path: . dest: path: .values.nodes[{{count[0]}}].tls.peer.cert - src: schema: deckhand/CertificateKey/v1 name: kubernetes-etcd-{{server.name}}-peer path: . dest: path: .values.nodes[{{count[0]}}].tls.peer.key {% if count.append(count.pop() + 1) %}{% endif %} {% endfor %} # Genesis node - src: schema: deckhand/Certificate/v1 name: kubernetes-etcd-genesis path: . dest: path: .values.nodes[{{count[0]}}].tls.client.cert - src: schema: deckhand/CertificateKey/v1 name: kubernetes-etcd-genesis path: . dest: path: .values.nodes[{{count[0]}}].tls.client.key - src: schema: deckhand/Certificate/v1 name: kubernetes-etcd-genesis-peer path: . dest: path: .values.nodes[{{count[0]}}].tls.peer.cert - src: schema: deckhand/CertificateKey/v1 name: kubernetes-etcd-genesis-peer path: $ dest: path: .values.nodes[{{count[0]}}].tls.peer.key data: {} ...