### - Minor changes in template (e.g. new optional attributes or
### changes in possible values, value ranges or default values)
### - Backwards compatible
-version: 2.0.0
+version: 2.0.5
### Cloud name can consist of lower case letters, digits and dash (-).
### Name must start and end with a letter or a digit.
### python -c "from passlib.hash import sha512_crypt; import getpass; print sha512_crypt.using(rounds=5000).hash(getpass.getpass())"
admin_user_password: <VALUE>
+ # Authorized public keys for the admin user
+ #admin_user_authorized_keys: []
+
### User details for the initial user (gets user_management_admin role)
initial_user_name: <VALUE>
initial_user_password: <VALUE>
#routes:
# - {to: 192.168.12.0/22, via: 192.168.12.65}
+ ### Optional.
+ ### This network is used as the underlay network for inter-cluster
+ ### communication within CaaS. Setting this network can expose CaaS cluster
+ ### services to this network.
+ ### If unspecified, infra_internal used as a fallback option.
+ #caas_oam:
+ ### Optional network mtu
+ ### If not defined default value is used.
+ #mtu: <VALUE>
+
+ ### Network domains
+ #network_domains:
+ ### User defined name for network domain
+ #rack-1:
+ ### Network address in CIDR format
+ #cidr: <VALUE>
+
+ ### Optional vlan id
+ #vlan: <VALUE>
+
+ ### IP address of the gateway for default route.
+ ### If unspecified, the subnet's first IP address assumed.
+ #gateway: <VALUE>
+
+ ### Range for IPs
+ #ip_range_start: <VALUE>
+ #ip_range_end: <VALUE>
+
+ ### Optional static routes
+ #routes:
+ # - {to: <CIDR>, via: <IP>}
+
### Provider networks
### Provider network to physical interface mapping is done
### in the network profile configuration
### the Docker bridge CIDRs of all host via this parameter.
#docker0_cidr: "172.17.0.1/16"
+ ### This parameter is used to set the overlay CIDR of the default network for containers, so pods can comminucate
+ ### over this subnet and Kubernetes services are available here also.
+ ### The parameter can be used to make sure the CIDR of this network does not overlap with any customer
+ ### specific provider network's
+ #oam_cidr: "10.244.0.0/16"
+
### Mandatory parameter. All the infrastructure's HTTP servers are secured with TLS.
### The certificates of the servers are created in infrastructure deployment time, and are signed by an externally provided CA certificate.
### This CA certificate can be configured by setting its encrypted format into this configuration parameter.
encrypted_ca_key: '["<ENCRYPTED_CA_KEY>"]'
### This parameter defines the DNS domain served by the REC DNS server for example
- ### in-cluster Kubernetes Services all belongs to this domain DNS queries.
+ ### in-cluster Kubernetes Services all belongs to this domain DNS queries.
### Outside of this domain are either rejected, or forwarded to a configured upstream DNS server (if, any).
### The default value is: rec.io
#dns_domain: "<VALUE>"
+ ### Tenant networks.
+ ### This list contains all provider networks dedicated to be used by CaaS tenant users.
+ ### These provider networks needs to binded homogenously to all CaaS hosts and the
+ ### provider network type must be caas.
+ ### SR-IOV provider networks also supported.
+ #tenant_networks: ["tenant_net1", "tenant_net2"]
+
### Storage configuration
storage:
#backends:
### Provider network physical interface.
### Either Ethernet or bonding interface.
#<interface_name1>:
+ ### Optional provider network type.
+ ###
+ ### Supported types:
+ ### caas:
+ ### Containers as a Service (CaaS) provider network
+ ### Notes:
+ ### CaaS bond interfaces are configured as a Linux bond interfaces.
+ #type: <caas>
+
### Provider networks on this interface.
### Provider networks must be defined also in the networking:
### provider_networks: configuration.
### details.
### Default: false
#trusted: [true|false]
+
+ ### Optional provider network type
+ ### - caas: configure as CaaS SR-IOV cluster network
+ ### Default: caas
+ #type: <caas>
### Use above structure for all the SR-IOV provider networks in
### this profile
#<provider_network_name2>
### Host CPU allocations.
### Any host CPUs that are not allocated for some specific purpose
### here will be automatically assigned by the system:
- ### - All remaining CPUs are allocated for the host platform.
+ ### - If the node contains 'caas' in its service_profiles remaining
+ ### CPUs are allocated for CaaS CPU pools. Remainder CaaS CPU CPUs
+ ### allocated for default container execution.
+ ### - Any CPUs that don't fall into the above categories are allocated
+ ### for the host platform.
### Optional. Allocate CPUs for the host platform.
### The configured counts determine the number of full CPU cores to
#numa0: <COUNT>
#numa1: <COUNT>
+ ### Optional. Performance tuning.
+ ### Valid values are low_latency and standard (default).
+ ### Note that low_latency mode will turn off power saving, etc
+ #tuning: <low_latency|standard>
+
+ ### Optional. Create CPU pools in CaaS CPU manager.
+ ### Type of this parameter is dictionary, consisting of the following attributes:
+ ### - exclusive_pool_percentage
+ ### - shared_pool_percentage
+ ### Attributes are optional, but at least one of them shall be defined
+ ### if caas_cpu_pools is defined. The sum of values can't exceed 100.
+ ### Minimum allocation is 1 CPU, which means anything greater than 0
+ ### ensures 1 CPU allocation.
+ #caas_cpu_pools:
+ #exclusive_pool_percentage: <VALUE>
+ #shared_pool_percentage: <VALUE>
+
### Storage profiles
storage_profiles:
### The storage_profiles section name is part of mandatory configuration.
### This parameter contains the name for the created LVM volume.
#lv_name: <VALUE>
- ### Mandatory
- ### This parameter contains the directory where to mount
- ### the backend of this profile.
- #mount_dir: <VALUE>
-
- ### Optional
- ### This parameter contains the mount options used to mount
- ### the backend. The format must be a valid fstab format.
- ### By default it is empty.
- #mount_options: <VALUE>
-
host_os:
### The value of this parameter is used to protect the entire GRUB 2 menu structure of all the infrastructure nodes.
### The configured value should be a properly salted PBKDF2 (Password-Based Key Derivation Function 2) hash.
address: <VALUE>
user: <VALUE>
password: <VALUE>
-
+ # Optional: the IPMI privilege level to request.
+ # Typical values include 'USER', 'OPERATOR', 'ADMINISTRATOR'
+ # default is 'ADMINISTRATOR' if unspecified.
+ # priv_level: <VALUE>
### Optional parameter needed for virtual deployment to identify the
### nodes the mac address for the provisioning interface
#mgmt_mac: [<VALUE1>, <VALUE2>, ...]
Code Review / ta / config-manager.git / blobdiff