X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=blobdiff_plain;f=site_type%2Fsriov%2Fairship-treasuremap%2Fsite%2Fairship-seaworthy%2Fsoftware%2Fcharts%2Fkubernetes%2Fcontainer-networking%2Fetcd.yaml;fp=site_type%2Fsriov%2Fairship-treasuremap%2Fsite%2Fairship-seaworthy%2Fsoftware%2Fcharts%2Fkubernetes%2Fcontainer-networking%2Fetcd.yaml;h=3e547eb505369da333da54652ed68e3d25cd41a7;hb=c88cf93ab1508f0dd1ec862fc02634604ca9c94d;hp=0000000000000000000000000000000000000000;hpb=65e9ce265e221f060686a69efce51f982c1833b0;p=yaml_builds.git

diff --git a/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/kubernetes/container-networking/etcd.yaml b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/kubernetes/container-networking/etcd.yaml
new file mode 100644
index 0000000..3e547eb
--- /dev/null
+++ b/site_type/sriov/airship-treasuremap/site/airship-seaworthy/software/charts/kubernetes/container-networking/etcd.yaml
@@ -0,0 +1,159 @@
+---
+# The purpose of this file is to build the list of calico etcd nodes and the
+# calico etcd certs for those nodes in the environment.
+schema: armada/Chart/v1
+metadata:
+  schema: metadata/Document/v1
+  name: kubernetes-calico-etcd
+  layeringDefinition:
+    abstract: false
+    layer: site
+    parentSelector:
+      name: kubernetes-calico-etcd-global
+    actions:
+      - method: merge
+        path: .
+  storagePolicy: cleartext
+  substitutions:
+    # Generate a list of control plane nodes (i.e. genesis node + master node
+    # list) on which calico etcd will run and will need certs. It is assumed
+    # that Airship sites will have 4 control plane nodes, so this should not need to
+    # change for a new site.
+    - src:
+        schema: pegleg/CommonAddresses/v1
+        name: common-addresses
+        path: .genesis.hostname
+      dest:
+        path: .values.nodes[0].name
+    - src:
+        schema: pegleg/CommonAddresses/v1
+        name: common-addresses
+        path: .masters[0].hostname
+      dest:
+        path: .values.nodes[1].name
+    - src:
+        schema: pegleg/CommonAddresses/v1
+        name: common-addresses
+        path: .masters[1].hostname
+      dest:
+        path: .values.nodes[2].name
+    - src:
+        schema: pegleg/CommonAddresses/v1
+        name: common-addresses
+        path: .masters[2].hostname
+      dest:
+        path: .values.nodes[3].name
+
+    # Certificate substitutions for the node names assembled on the above list.
+    # NEWSITE-CHANGEME: Per above, the number of substitutions should not need
+    # to change with a standard Airship deployment. However, the names of each
+    # deckhand certficiate should be updated with the correct hostnames for your
+    # environment. The ordering is important (Genesis is index 0, then master
+    # nodes in the order they are specified in common-addresses).
+
+    # Genesis hostname - cab23-r720-11
+    - src:
+        schema: deckhand/Certificate/v1
+        name: calico-etcd-cab23-r720-11
+        path: .
+      dest:
+        path: .values.nodes[0].tls.client.cert
+    - src:
+        schema: deckhand/CertificateKey/v1
+        name: calico-etcd-cab23-r720-11
+        path: .
+      dest:
+        path: .values.nodes[0].tls.client.key
+    - src:
+        schema: deckhand/Certificate/v1
+        name: calico-etcd-cab23-r720-11-peer
+        path: .
+      dest:
+        path: .values.nodes[0].tls.peer.cert
+    - src:
+        schema: deckhand/CertificateKey/v1
+        name: calico-etcd-cab23-r720-11-peer
+        path: .
+      dest:
+        path: .values.nodes[0].tls.peer.key
+
+    # master node 1 hostname - cab23-r720-12
+    - src:
+        schema: deckhand/Certificate/v1
+        name: calico-etcd-cab23-r720-12
+        path: .
+      dest:
+        path: .values.nodes[1].tls.client.cert
+    - src:
+        schema: deckhand/CertificateKey/v1
+        name: calico-etcd-cab23-r720-12
+        path: .
+      dest:
+        path: .values.nodes[1].tls.client.key
+    - src:
+        schema: deckhand/Certificate/v1
+        name: calico-etcd-cab23-r720-12-peer
+        path: .
+      dest:
+        path: .values.nodes[1].tls.peer.cert
+    - src:
+        schema: deckhand/CertificateKey/v1
+        name: calico-etcd-cab23-r720-12-peer
+        path: .
+      dest:
+        path: .values.nodes[1].tls.peer.key
+
+    # master node 2 hostname - cab23-r720-13
+    - src:
+        schema: deckhand/Certificate/v1
+        name: calico-etcd-cab23-r720-13
+        path: .
+      dest:
+        path: .values.nodes[2].tls.client.cert
+    - src:
+        schema: deckhand/CertificateKey/v1
+        name: calico-etcd-cab23-r720-13
+        path: .
+      dest:
+        path: .values.nodes[2].tls.client.key
+    - src:
+        schema: deckhand/Certificate/v1
+        name: calico-etcd-cab23-r720-13-peer
+        path: .
+      dest:
+        path: .values.nodes[2].tls.peer.cert
+    - src:
+        schema: deckhand/CertificateKey/v1
+        name: calico-etcd-cab23-r720-13-peer
+        path: .
+      dest:
+        path: .values.nodes[2].tls.peer.key
+
+    # master node 3 hostname - cab23-r720-14
+    - src:
+        schema: deckhand/Certificate/v1
+        name: calico-etcd-cab23-r720-14
+        path: .
+      dest:
+        path: .values.nodes[3].tls.client.cert
+    - src:
+        schema: deckhand/CertificateKey/v1
+        name: calico-etcd-cab23-r720-14
+        path: .
+      dest:
+        path: .values.nodes[3].tls.client.key
+    - src:
+        schema: deckhand/Certificate/v1
+        name: calico-etcd-cab23-r720-14-peer
+        path: .
+      dest:
+        path: .values.nodes[3].tls.peer.cert
+    - src:
+        schema: deckhand/CertificateKey/v1
+        name: calico-etcd-cab23-r720-14-peer
+        path: $
+      dest:
+        path: .values.nodes[3].tls.peer.key
+
+data: {}
+...