----
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: kubernetes-apiserver
- layeringDefinition:
- abstract: false
- layer: global
- storagePolicy: cleartext
- substitutions:
- # Chart source
- - src:
- schema: pegleg/SoftwareVersions/v1
- name: software-versions
- path: .charts.kubernetes.apiserver
- dest:
- path: .source
-
- # Images
- - src:
- schema: pegleg/SoftwareVersions/v1
- name: software-versions
- path: .images.kubernetes.apiserver
- dest:
- path: .values.images.tags
-
- # IP addresses
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .kubernetes.api_service_ip
- dest:
- path: .values.network.kubernetes_service_ip
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .kubernetes.pod_cidr
- dest:
- path: .values.network.pod_cidr
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .kubernetes.service_cidr
- dest:
- path: .values.command_prefix[1]
- pattern: SERVICE_CIDR
-
- # Kubernetes Port Range
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .kubernetes.service_node_port_range
- dest:
- path: .values.command_prefix[2]
- pattern: SERVICE_NODE_PORT_RANGE
-
- # CA
- - src:
- schema: deckhand/CertificateAuthority/v1
- name: kubernetes
- path: .
- dest:
- path: .values.secrets.tls.ca
-
- # Certificates
- - src:
- schema: deckhand/Certificate/v1
- name: apiserver
- path: .
- dest:
- path: .values.secrets.tls.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: apiserver
- path: .
- dest:
- path: .values.secrets.tls.key
- - src:
- schema: deckhand/CertificateAuthority/v1
- name: kubernetes-etcd
- path: .
- dest:
- path: .values.secrets.etcd.tls.ca
- - src:
- schema: deckhand/Certificate/v1
- name: apiserver-etcd
- path: .
- dest:
- path: .values.secrets.etcd.tls.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: apiserver-etcd
- path: .
- dest:
- path: .values.secrets.etcd.tls.key
- - src:
- schema: deckhand/PublicKey/v1
- name: service-account
- path: .
- dest:
- path: .values.secrets.service_account.public_key
-
-data:
- chart_name: apiserver
- release: kubernetes-apiserver
- namespace: kube-system
- protected:
- continue_processing: true
- wait:
- timeout: 600
- labels:
- release_group: airship-kubernetes-apiserver
- upgrade:
- no_hooks: false
- pre:
- delete:
- - type: job
- labels:
- release_group: airship-kubernetes-apiserver
- values:
- apiserver:
- etcd:
- endpoints: https://127.0.0.1:2378
- command_prefix:
- - /apiserver
- - --service-cluster-ip-range=SERVICE_CIDR
- - --service-node-port-range=SERVICE_NODE_PORT_RANGE
- - --authorization-mode=Node,RBAC
- - --admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,ResourceQuota,DefaultTolerationSeconds
- - --endpoint-reconciler-type=lease
- dependencies:
- - kubernetes-apiserver-htk
----
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: kubernetes-apiserver-htk
- layeringDefinition:
- abstract: false
- layer: global
- storagePolicy: cleartext
- substitutions:
- - src:
- schema: pegleg/SoftwareVersions/v1
- name: software-versions
- path: .charts.kubernetes.apiserver-htk
- dest:
- path: .source
-data:
- chart_name: kubernetes-apiserver-htk
- release: kubernetes-apiserver-htk
- namespace: kubernetes-apiserver-htk
- values: {}
- dependencies: []
-...