classes/cluster/k8s-ha-calico/kubernetes/control.yml - salt-models/mcp-virtual-lab - Gitiles

 classes:
 - service.etcd.server.cluster
 - service.kubernetes.control.cluster
 - system.haproxy.proxy.listen.kubernetes.apiserver
 - system.keepalived.cluster.instance.kube_api_server_vip
 - system.linux.system.repo.docker_legacy
 - system.salt.minion.cert.etcd_server
 - system.kubernetes.master.cluster
 - system.kubernetes.master.auth.rbac
 - system.kubernetes.control.roles.cluster-admin
 - cluster.k8s-ha-calico.kubernetes.compute
 - cluster.k8s-ha-calico
 parameters:
   _param:
     keepalived_k8s_apiserver_vip_interface: ${_param:primary_interface}
     keepalived_k8s_apiserver_vip_address: ${_param:kubernetes_control_address}
     keepalived_k8s_apiserver_vip_password: password
   etcd:
     server:
       bind:
         host: ${_param:deploy_address}
       source:
         engine: docker_hybrid
       ssl:
         enabled: true
       setup:
         calico:
           key: /calico/v1/ipam/v4/pool/${_param:calico_private_network}-${_param:calico_private_netmask}
           value: '{"masquerade":true,"cidr":"${_param:calico_private_network}/${_param:calico_private_netmask}"}'
   kubernetes:
     common:
       addons:
         dashboard:
           enabled: ${_param:kubernetes_dashboard}
           image: ${_param:kubernetes_dashboard_image}
         helm:
           enabled: ${_param:kubernetes_helm_enabled}
         calico_policy:
           enabled: ${_param:kubernetes_calico_policy_enabled}
         netchecker:
           enabled: ${_param:kubernetes_netchecker_enabled}
           agent_probeurls: ${_param:kubernetes_netchecker_agent_probeurls}
         dns:
           enabled: ${_param:kubernetes_dns}
           kubedns_image: ${_param:kubernetes_kubedns_image}
           dnsmasq_image: ${_param:kubernetes_dnsmasq_image}
           sidecar_image: ${_param:kubernetes_sidecar_image}
           autoscaler:
             image: ${_param:kubernetes_dns_autoscaler_image}
         coredns:
           enabled: ${_param:kubernetes_coredns_enabled}
         externaldns:
           enabled: ${_param:kubernetes_externaldns_enabled}
           image: ${_param:kubernetes_externaldns_image}
           provider: ${_param:kubernetes_externaldns_provider}
         metallb:
           enabled: ${_param:kubernetes_metallb_enabled}
           addresses:
           - ${_param:kubernetes_metallb_addresses_pool}
     master:
       kubelet:
         address: ${_param:single_address}
         fail_on_swap: ${_param:kubelet_fail_on_swap}
       etcd:
         ssl:
           enabled: true
       network:
         calico:
           enabled: true
           etcd:
             ssl:
               enabled: true
       namespace:
         netchecker:
           enabled: true
	classes:
	- service.etcd.server.cluster
	- service.kubernetes.control.cluster
	- system.haproxy.proxy.listen.kubernetes.apiserver
	- system.keepalived.cluster.instance.kube_api_server_vip
	- system.linux.system.repo.docker_legacy
	- system.salt.minion.cert.etcd_server
	- system.kubernetes.master.cluster
	- system.kubernetes.master.auth.rbac
	- system.kubernetes.control.roles.cluster-admin
	- cluster.k8s-ha-calico.kubernetes.compute
	- cluster.k8s-ha-calico
	parameters:
	_param:
	keepalived_k8s_apiserver_vip_interface: ${_param:primary_interface}
	keepalived_k8s_apiserver_vip_address: ${_param:kubernetes_control_address}
	keepalived_k8s_apiserver_vip_password: password
	etcd:
	server:
	bind:
	host: ${_param:deploy_address}
	source:
	engine: docker_hybrid
	ssl:
	enabled: true
	setup:
	calico:
	key: /calico/v1/ipam/v4/pool/${_param:calico_private_network}-${_param:calico_private_netmask}
	value: '{"masquerade":true,"cidr":"${_param:calico_private_network}/${_param:calico_private_netmask}"}'
	kubernetes:
	common:
	addons:
	dashboard:
	enabled: ${_param:kubernetes_dashboard}
	image: ${_param:kubernetes_dashboard_image}
	helm:
	enabled: ${_param:kubernetes_helm_enabled}
	calico_policy:
	enabled: ${_param:kubernetes_calico_policy_enabled}
	netchecker:
	enabled: ${_param:kubernetes_netchecker_enabled}
	agent_probeurls: ${_param:kubernetes_netchecker_agent_probeurls}
	dns:
	enabled: ${_param:kubernetes_dns}
	kubedns_image: ${_param:kubernetes_kubedns_image}
	dnsmasq_image: ${_param:kubernetes_dnsmasq_image}
	sidecar_image: ${_param:kubernetes_sidecar_image}
	autoscaler:
	image: ${_param:kubernetes_dns_autoscaler_image}
	coredns:
	enabled: ${_param:kubernetes_coredns_enabled}
	externaldns:
	enabled: ${_param:kubernetes_externaldns_enabled}
	image: ${_param:kubernetes_externaldns_image}
	provider: ${_param:kubernetes_externaldns_provider}
	metallb:
	enabled: ${_param:kubernetes_metallb_enabled}
	addresses:
	- ${_param:kubernetes_metallb_addresses_pool}
	master:
	kubelet:
	address: ${_param:single_address}
	fail_on_swap: ${_param:kubelet_fail_on_swap}
	etcd:
	ssl:
	enabled: true
	network:
	calico:
	enabled: true
	etcd:
	ssl:
	enabled: true
	namespace:
	netchecker:
	enabled: true