--- /dev/null
+---
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: kubernetes-apiserver
+ layeringDefinition:
+ abstract: false
+ layer: global
+ storagePolicy: cleartext
+ substitutions:
+ # Chart source
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .charts.kubernetes.apiserver
+ dest:
+ path: .source
+
+ # Images
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .images.kubernetes.apiserver
+ dest:
+ path: .values.images.tags
+
+ # IP addresses
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .kubernetes.api_service_ip
+ dest:
+ path: .values.network.kubernetes_service_ip
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .kubernetes.pod_cidr
+ dest:
+ path: .values.network.pod_cidr
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .kubernetes.service_cidr
+ dest:
+ path: .values.command_prefix[1]
+ pattern: SERVICE_CIDR
+
+ # Kubernetes Port Range
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .kubernetes.service_node_port_range
+ dest:
+ path: .values.command_prefix[2]
+ pattern: SERVICE_NODE_PORT_RANGE
+
+ # CA
+ - src:
+ schema: deckhand/CertificateAuthority/v1
+ name: kubernetes
+ path: .
+ dest:
+ path: .values.secrets.tls.ca
+
+ # Certificates
+ - src:
+ schema: deckhand/Certificate/v1
+ name: apiserver
+ path: .
+ dest:
+ path: .values.secrets.tls.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: apiserver
+ path: .
+ dest:
+ path: .values.secrets.tls.key
+ - src:
+ schema: deckhand/CertificateAuthority/v1
+ name: kubernetes-etcd
+ path: .
+ dest:
+ path: .values.secrets.etcd.tls.ca
+ - src:
+ schema: deckhand/Certificate/v1
+ name: apiserver-etcd
+ path: .
+ dest:
+ path: .values.secrets.etcd.tls.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: apiserver-etcd
+ path: .
+ dest:
+ path: .values.secrets.etcd.tls.key
+ - src:
+ schema: deckhand/PublicKey/v1
+ name: service-account
+ path: .
+ dest:
+ path: .values.secrets.service_account.public_key
+
+data:
+ chart_name: apiserver
+ release: kubernetes-apiserver
+ namespace: kube-system
+ protected:
+ continue_processing: true
+ wait:
+ timeout: 600
+ labels:
+ release_group: airship-kubernetes-apiserver
+ upgrade:
+ no_hooks: false
+ pre:
+ delete:
+ - type: job
+ labels:
+ release_group: airship-kubernetes-apiserver
+ values:
+ apiserver:
+ etcd:
+ endpoints: https://127.0.0.1:2378
+ command_prefix:
+ - /apiserver
+ - --service-cluster-ip-range=SERVICE_CIDR
+ - --service-node-port-range=SERVICE_NODE_PORT_RANGE
+ - --authorization-mode=Node,RBAC
+ - --admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,ResourceQuota,DefaultTolerationSeconds
+ - --endpoint-reconciler-type=lease
+ dependencies:
+ - kubernetes-apiserver-htk
+---
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: kubernetes-apiserver-htk
+ layeringDefinition:
+ abstract: false
+ layer: global
+ storagePolicy: cleartext
+ substitutions:
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .charts.kubernetes.apiserver-htk
+ dest:
+ path: .source
+data:
+ chart_name: kubernetes-apiserver-htk
+ release: kubernetes-apiserver-htk
+ namespace: kubernetes-apiserver-htk
+ values: {}
+ dependencies: []
+...