| classes: |
| - service.etcd.server.cluster |
| - service.kubernetes.control.cluster |
| - system.haproxy.proxy.listen.kubernetes.apiserver |
| - system.keepalived.cluster.instance.kube_api_server_vip |
| - system.linux.system.repo.docker_legacy |
| - system.salt.minion.cert.etcd_server |
| - system.kubernetes.master.cluster |
| - system.kubernetes.master.auth.rbac |
| - system.kubernetes.control.roles.cluster-admin |
| - system.kubernetes.control.roles.genie-pod-patch |
| - cluster.k8s-ha-calico-flannel-virtlet.kubernetes.compute |
| - cluster.k8s-ha-calico-flannel-virtlet |
| parameters: |
| _param: |
| keepalived_k8s_apiserver_vip_interface: ${_param:primary_interface} |
| keepalived_k8s_apiserver_vip_address: ${_param:kubernetes_control_address} |
| keepalived_k8s_apiserver_vip_password: password |
| etcd: |
| server: |
| bind: |
| host: ${_param:deploy_address} |
| source: |
| engine: docker_hybrid |
| ssl: |
| enabled: true |
| setup: |
| calico: |
| key: /calico/v1/ipam/v4/pool/${_param:calico_private_network}-${_param:calico_private_netmask} |
| value: '{"masquerade":true,"cidr":"${_param:calico_private_network}/${_param:calico_private_netmask}"}' |
| kubernetes: |
| common: |
| addons: |
| dashboard: |
| enabled: ${_param:kubernetes_dashboard} |
| image: ${_param:kubernetes_dashboard_image} |
| helm: |
| enabled: ${_param:kubernetes_helm_enabled} |
| calico_policy: |
| enabled: ${_param:kubernetes_calico_policy_enabled} |
| netchecker: |
| enabled: ${_param:kubernetes_netchecker_enabled} |
| agent_probeurls: ${_param:kubernetes_netchecker_agent_probeurls} |
| dns: |
| enabled: ${_param:kubernetes_dns} |
| kubedns_image: ${_param:kubernetes_kubedns_image} |
| dnsmasq_image: ${_param:kubernetes_dnsmasq_image} |
| sidecar_image: ${_param:kubernetes_sidecar_image} |
| autoscaler: |
| image: ${_param:kubernetes_dns_autoscaler_image} |
| coredns: |
| enabled: ${_param:kubernetes_coredns_enabled} |
| externaldns: |
| enabled: ${_param:kubernetes_externaldns_enabled} |
| image: ${_param:kubernetes_externaldns_image} |
| provider: ${_param:kubernetes_externaldns_provider} |
| metallb: |
| enabled: ${_param:kubernetes_metallb_enabled} |
| addresses: |
| - ${_param:kubernetes_metallb_addresses_pool} |
| master: |
| kubelet: |
| address: ${_param:single_address} |
| fail_on_swap: ${_param:kubelet_fail_on_swap} |
| etcd: |
| ssl: |
| enabled: true |
| network: |
| genie: |
| enabled: true |
| default_plugin: calico |
| image: ${_param:kubernetes_genie_image} |
| flannel: |
| enabled: true |
| private_ip_range: 10.20.0.0/16 |
| calico: |
| enabled: true |
| etcd: |
| ssl: |
| enabled: true |
| namespace: |
| netchecker: |
| enabled: true |