---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
path: .
storagePolicy: cleartext
substitutions:
- # Node names
-{% set count = [0] %}
-{% for server in yaml.masters %}
- -
- src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .masters[{{count[0]}}].hostname
+
+ # Chart source
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .charts.kubernetes.calico.etcd
dest:
- path: .values.nodes[{{count[0]}}].name
- {% if count.append(count.pop() + 1) %}{% endif %}
-{% endfor %}
-{% for server in yaml.workers %}
- -
- src:
+ path: .source
+
+ # Image versions
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .images.calico.etcd
+ dest:
+ path: .values.images.tags
+
+ # IP addresses
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
- path: .masters[{{count[0]}}].hostname
+ path: .calico.etcd.service_ip
dest:
- path: .values.nodes[{{count[0]}}].name
- {% if count.append(count.pop() + 1) %}{% endif %}
-{% endfor %}
- -
- src:
+ path: .values.service.ip
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
- path: .genesis.hostname
+ path: .calico.etcd.service_ip
dest:
- path: .values.nodes[{{count[0]}}].name
-{% set count = [0] %}
-{% for server in yaml.masters %}
- # Server certs
- -
- src:
- schema: deckhand/Certificate/v1
- name: calico-etcd-{{server.name}}
+ path: .values.anchor.etcdctl_endpoint
+
+ # CAs
+ - src:
+ schema: deckhand/CertificateAuthority/v1
+ name: calico-etcd
path: .
dest:
- path: .values.nodes[{{count[0]}}].tls.client.cert
- -
- src:
- schema: deckhand/CertificateKey/v1
- name: calico-etcd-{{server.name}}
+ path: .values.secrets.tls.client.ca
+ - src:
+ schema: deckhand/CertificateAuthority/v1
+ name: calico-etcd-peer
path: .
dest:
- path: .values.nodes[{{count[0]}}].tls.client.key
- -
- src:
+ path: .values.secrets.tls.peer.ca
+
+ # Anchor client cert
+ - src:
schema: deckhand/Certificate/v1
- name: calico-etcd-{{server.name}}-peer
+ name: calico-etcd-anchor
path: .
dest:
- path: .values.nodes[{{count[0]}}].tls.peer.cert
- -
- src:
+ path: .values.secrets.anchor.tls.cert
+ - src:
schema: deckhand/CertificateKey/v1
- name: calico-etcd-{{server.name}}-peer
+ name: calico-etcd-anchor
path: .
dest:
- path: .values.nodes[{{count[0]}}].tls.peer.key
- {% if count.append(count.pop() + 1) %}{% endif %}
+ path: .values.secrets.anchor.tls.key
+
+ # Node names
+{% set count = [0] %}
+{% for server in yaml.masters %}
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .masters[{{count[0]}}].hostname
+ dest:
+ path: .values.nodes[{{count[0]}}].name
+ {% if count.append(count.pop() + 1) %}{% endif %}
{% endfor %}
-{% for server in yaml.workers %}
- # Server certs
- -
- src:
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .genesis.hostname
+ dest:
+ path: .values.nodes[{{count[0]}}].name
+
+ # Server certs
+{% set count = [0] %}
+{% for server in yaml.masters %}
+ - src:
schema: deckhand/Certificate/v1
name: calico-etcd-{{server.name}}
path: .
dest:
path: .values.nodes[{{count[0]}}].tls.client.cert
- -
- src:
+ - src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-{{server.name}}
path: .
dest:
path: .values.nodes[{{count[0]}}].tls.client.key
- -
- src:
+ - src:
schema: deckhand/Certificate/v1
name: calico-etcd-{{server.name}}-peer
path: .
dest:
path: .values.nodes[{{count[0]}}].tls.peer.cert
- -
- src:
+ - src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-{{server.name}}-peer
path: .
{% endfor %}
# NOTE(mb874d): Be sure we generate these certs for genesis.
- -
- src:
+ - src:
schema: deckhand/Certificate/v1
name: calico-etcd-{{yaml.genesis.name}}
path: .
dest:
path: .values.nodes[{{count[0]}}].tls.client.cert
- -
- src:
+ - src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-{{yaml.genesis.name}}
path: .
dest:
path: .values.nodes[{{count[0]}}].tls.client.key
- -
- src:
+ - src:
schema: deckhand/Certificate/v1
name: calico-etcd-{{yaml.genesis.name}}-peer
path: .
dest:
path: .values.nodes[{{count[0]}}].tls.peer.cert
- -
- src:
+ - src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-{{yaml.genesis.name}}-peer
path: .
dest:
path: .values.nodes[{{count[0]}}].tls.peer.key
-data: {}
+data:
+ values:
+ manifests:
+ test_etcd_health: false
...