2019-04-01 09:38:33 +00:00
|
|
|
---
|
2018-08-31 14:05:45 +00:00
|
|
|
# Kubernetes dashboard
|
|
|
|
# RBAC required. see docs/getting-started.md for access details.
|
2021-03-02 08:59:19 +00:00
|
|
|
# dashboard_enabled: false
|
2018-08-31 14:05:45 +00:00
|
|
|
|
|
|
|
# Helm deployment
|
2022-08-01 17:43:11 +00:00
|
|
|
helm_enabled: true
|
2018-08-31 14:05:45 +00:00
|
|
|
|
|
|
|
# Registry deployment
|
|
|
|
registry_enabled: false
|
2018-09-25 08:39:02 +00:00
|
|
|
# registry_namespace: kube-system
|
2018-08-31 14:05:45 +00:00
|
|
|
# registry_storage_class: ""
|
|
|
|
# registry_disk_size: "10Gi"
|
|
|
|
|
2018-11-23 08:36:21 +00:00
|
|
|
# Metrics Server deployment
|
|
|
|
metrics_server_enabled: false
|
2022-01-07 16:18:33 +00:00
|
|
|
# metrics_server_container_port: 4443
|
2018-11-23 08:36:21 +00:00
|
|
|
# metrics_server_kubelet_insecure_tls: true
|
2021-08-12 15:19:48 +00:00
|
|
|
# metrics_server_metric_resolution: 15s
|
2022-01-07 16:18:33 +00:00
|
|
|
# metrics_server_kubelet_preferred_address_types: "InternalIP,ExternalIP,Hostname"
|
2018-11-23 08:36:21 +00:00
|
|
|
|
2019-02-26 06:45:30 +00:00
|
|
|
# Rancher Local Path Provisioner
|
|
|
|
local_path_provisioner_enabled: false
|
|
|
|
# local_path_provisioner_namespace: "local-path-storage"
|
|
|
|
# local_path_provisioner_storage_class: "local-path"
|
|
|
|
# local_path_provisioner_reclaim_policy: Delete
|
|
|
|
# local_path_provisioner_claim_root: /opt/local-path-provisioner/
|
|
|
|
# local_path_provisioner_debug: false
|
|
|
|
# local_path_provisioner_image_repo: "rancher/local-path-provisioner"
|
2022-01-31 09:08:24 +00:00
|
|
|
# local_path_provisioner_image_tag: "v0.0.21"
|
2020-04-08 06:51:43 +00:00
|
|
|
# local_path_provisioner_helper_image_repo: "busybox"
|
|
|
|
# local_path_provisioner_helper_image_tag: "latest"
|
2019-02-26 06:45:30 +00:00
|
|
|
|
2018-08-31 14:05:45 +00:00
|
|
|
# Local volume provisioner deployment
|
|
|
|
local_volume_provisioner_enabled: false
|
2018-09-25 08:39:02 +00:00
|
|
|
# local_volume_provisioner_namespace: kube-system
|
2020-09-17 09:44:58 +00:00
|
|
|
# local_volume_provisioner_nodelabels:
|
|
|
|
# - kubernetes.io/hostname
|
|
|
|
# - topology.kubernetes.io/region
|
|
|
|
# - topology.kubernetes.io/zone
|
2018-10-05 12:52:25 +00:00
|
|
|
# local_volume_provisioner_storage_classes:
|
2019-01-08 23:32:39 +00:00
|
|
|
# local-storage:
|
|
|
|
# host_dir: /mnt/disks
|
|
|
|
# mount_dir: /mnt/disks
|
2019-07-16 12:27:26 +00:00
|
|
|
# volume_mode: Filesystem
|
|
|
|
# fs_type: ext4
|
2019-01-08 23:32:39 +00:00
|
|
|
# fast-disks:
|
|
|
|
# host_dir: /mnt/fast-disks
|
|
|
|
# mount_dir: /mnt/fast-disks
|
|
|
|
# block_cleaner_command:
|
|
|
|
# - "/scripts/shred.sh"
|
|
|
|
# - "2"
|
|
|
|
# volume_mode: Filesystem
|
|
|
|
# fs_type: ext4
|
2022-05-10 16:04:24 +00:00
|
|
|
# local_volume_provisioner_tolerations:
|
|
|
|
# - effect: NoSchedule
|
|
|
|
# operator: Exists
|
2018-08-31 14:05:45 +00:00
|
|
|
|
2021-09-06 11:24:29 +00:00
|
|
|
# CSI Volume Snapshot Controller deployment, set this to true if your CSI is able to manage snapshots
|
|
|
|
# currently, setting cinder_csi_enabled=true would automatically enable the snapshot controller
|
|
|
|
# Longhorn is an extenal CSI that would also require setting this to true but it is not included in kubespray
|
|
|
|
# csi_snapshot_controller_enabled: false
|
2022-01-14 20:58:26 +00:00
|
|
|
# csi snapshot namespace
|
|
|
|
# snapshot_controller_namespace: kube-system
|
2021-09-06 11:24:29 +00:00
|
|
|
|
2018-08-31 14:05:45 +00:00
|
|
|
# CephFS provisioner deployment
|
|
|
|
cephfs_provisioner_enabled: false
|
|
|
|
# cephfs_provisioner_namespace: "cephfs-provisioner"
|
|
|
|
# cephfs_provisioner_cluster: ceph
|
|
|
|
# cephfs_provisioner_monitors: "172.24.0.1:6789,172.24.0.2:6789,172.24.0.3:6789"
|
|
|
|
# cephfs_provisioner_admin_id: admin
|
|
|
|
# cephfs_provisioner_secret: secret
|
|
|
|
# cephfs_provisioner_storage_class: cephfs
|
|
|
|
# cephfs_provisioner_reclaim_policy: Delete
|
|
|
|
# cephfs_provisioner_claim_root: /volumes
|
|
|
|
# cephfs_provisioner_deterministic_names: true
|
|
|
|
|
2019-04-17 06:14:02 +00:00
|
|
|
# RBD provisioner deployment
|
|
|
|
rbd_provisioner_enabled: false
|
|
|
|
# rbd_provisioner_namespace: rbd-provisioner
|
|
|
|
# rbd_provisioner_replicas: 2
|
|
|
|
# rbd_provisioner_monitors: "172.24.0.1:6789,172.24.0.2:6789,172.24.0.3:6789"
|
|
|
|
# rbd_provisioner_pool: kube
|
|
|
|
# rbd_provisioner_admin_id: admin
|
|
|
|
# rbd_provisioner_secret_name: ceph-secret-admin
|
|
|
|
# rbd_provisioner_secret: ceph-key-admin
|
|
|
|
# rbd_provisioner_user_id: kube
|
|
|
|
# rbd_provisioner_user_secret_name: ceph-secret-user
|
|
|
|
# rbd_provisioner_user_secret: ceph-key-user
|
|
|
|
# rbd_provisioner_user_secret_namespace: rbd-provisioner
|
|
|
|
# rbd_provisioner_fs_type: ext4
|
|
|
|
# rbd_provisioner_image_format: "2"
|
|
|
|
# rbd_provisioner_image_features: layering
|
|
|
|
# rbd_provisioner_storage_class: rbd
|
|
|
|
# rbd_provisioner_reclaim_policy: Delete
|
|
|
|
|
2018-08-31 14:05:45 +00:00
|
|
|
# Nginx ingress controller deployment
|
|
|
|
ingress_nginx_enabled: false
|
|
|
|
# ingress_nginx_host_network: false
|
2019-08-07 02:24:50 +00:00
|
|
|
ingress_publish_status_address: ""
|
2018-08-31 14:05:45 +00:00
|
|
|
# ingress_nginx_nodeselector:
|
2020-04-17 12:51:06 +00:00
|
|
|
# kubernetes.io/os: "linux"
|
2018-11-27 11:30:16 +00:00
|
|
|
# ingress_nginx_tolerations:
|
2019-04-17 14:58:06 +00:00
|
|
|
# - key: "node-role.kubernetes.io/master"
|
2018-11-27 11:30:16 +00:00
|
|
|
# operator: "Equal"
|
2019-01-03 11:42:23 +00:00
|
|
|
# value: ""
|
2018-11-27 11:30:16 +00:00
|
|
|
# effect: "NoSchedule"
|
2021-01-21 16:13:03 +00:00
|
|
|
# - key: "node-role.kubernetes.io/control-plane"
|
|
|
|
# operator: "Equal"
|
|
|
|
# value: ""
|
|
|
|
# effect: "NoSchedule"
|
2018-08-31 14:05:45 +00:00
|
|
|
# ingress_nginx_namespace: "ingress-nginx"
|
|
|
|
# ingress_nginx_insecure_port: 80
|
|
|
|
# ingress_nginx_secure_port: 443
|
|
|
|
# ingress_nginx_configmap:
|
|
|
|
# map-hash-bucket-size: "128"
|
2021-01-13 16:34:36 +00:00
|
|
|
# ssl-protocols: "TLSv1.2 TLSv1.3"
|
2018-08-31 14:05:45 +00:00
|
|
|
# ingress_nginx_configmap_tcp_services:
|
|
|
|
# 9000: "default/example-go:8080"
|
|
|
|
# ingress_nginx_configmap_udp_services:
|
2019-05-07 20:20:36 +00:00
|
|
|
# 53: "kube-system/coredns:53"
|
2019-11-11 11:51:41 +00:00
|
|
|
# ingress_nginx_extra_args:
|
|
|
|
# - --default-ssl-certificate=default/foo-tls
|
2021-12-02 11:23:33 +00:00
|
|
|
# ingress_nginx_termination_grace_period_seconds: 300
|
2021-04-22 07:22:38 +00:00
|
|
|
# ingress_nginx_class: nginx
|
2018-08-31 14:05:45 +00:00
|
|
|
|
2020-03-16 09:58:35 +00:00
|
|
|
# ALB ingress controller deployment
|
|
|
|
ingress_alb_enabled: false
|
|
|
|
# alb_ingress_aws_region: "us-east-1"
|
|
|
|
# alb_ingress_restrict_scheme: "false"
|
|
|
|
# Enables logging on all outbound requests sent to the AWS API.
|
|
|
|
# If logging is desired, set to true.
|
|
|
|
# alb_ingress_aws_debug: "false"
|
|
|
|
|
2018-08-31 14:05:45 +00:00
|
|
|
# Cert manager deployment
|
2022-08-01 17:43:11 +00:00
|
|
|
cert_manager_enabled: true
|
2018-08-31 14:05:45 +00:00
|
|
|
# cert_manager_namespace: "cert-manager"
|
2022-01-11 17:14:26 +00:00
|
|
|
# cert_manager_tolerations:
|
|
|
|
# - key: node-role.kubernetes.io/master
|
|
|
|
# effect: NoSchedule
|
|
|
|
# - key: node-role.kubernetes.io/control-plane
|
|
|
|
# effect: NoSchedule
|
|
|
|
# cert_manager_affinity:
|
|
|
|
# nodeAffinity:
|
|
|
|
# preferredDuringSchedulingIgnoredDuringExecution:
|
|
|
|
# - weight: 100
|
|
|
|
# preference:
|
|
|
|
# matchExpressions:
|
|
|
|
# - key: node-role.kubernetes.io/control-plane
|
|
|
|
# operator: In
|
|
|
|
# values:
|
|
|
|
# - ""
|
|
|
|
# cert_manager_nodeselector:
|
|
|
|
# kubernetes.io/os: "linux"
|
|
|
|
|
2021-11-05 16:43:52 +00:00
|
|
|
# cert_manager_trusted_internal_ca: |
|
|
|
|
# -----BEGIN CERTIFICATE-----
|
|
|
|
# [REPLACE with your CA certificate]
|
|
|
|
# -----END CERTIFICATE-----
|
2022-01-14 20:54:26 +00:00
|
|
|
# cert_manager_leader_election_namespace: kube-system
|
2020-06-29 22:11:59 +00:00
|
|
|
|
|
|
|
# MetalLB deployment
|
|
|
|
metallb_enabled: false
|
2021-05-12 12:22:17 +00:00
|
|
|
metallb_speaker_enabled: true
|
2020-06-29 22:11:59 +00:00
|
|
|
# metallb_ip_range:
|
|
|
|
# - "10.5.0.50-10.5.0.99"
|
2021-11-16 13:06:27 +00:00
|
|
|
# metallb_pool_name: "loadbalanced"
|
2022-06-13 16:40:12 +00:00
|
|
|
# metallb_auto_assign: true
|
2021-03-08 15:57:42 +00:00
|
|
|
# metallb_speaker_nodeselector:
|
|
|
|
# kubernetes.io/os: "linux"
|
|
|
|
# metallb_controller_nodeselector:
|
|
|
|
# kubernetes.io/os: "linux"
|
|
|
|
# metallb_speaker_tolerations:
|
|
|
|
# - key: "node-role.kubernetes.io/master"
|
|
|
|
# operator: "Equal"
|
|
|
|
# value: ""
|
|
|
|
# effect: "NoSchedule"
|
|
|
|
# - key: "node-role.kubernetes.io/control-plane"
|
|
|
|
# operator: "Equal"
|
|
|
|
# value: ""
|
|
|
|
# effect: "NoSchedule"
|
|
|
|
# metallb_controller_tolerations:
|
|
|
|
# - key: "node-role.kubernetes.io/master"
|
|
|
|
# operator: "Equal"
|
|
|
|
# value: ""
|
|
|
|
# effect: "NoSchedule"
|
|
|
|
# - key: "node-role.kubernetes.io/control-plane"
|
|
|
|
# operator: "Equal"
|
|
|
|
# value: ""
|
|
|
|
# effect: "NoSchedule"
|
2022-03-03 16:49:48 +00:00
|
|
|
# metallb_version: v0.12.1
|
2020-06-29 22:11:59 +00:00
|
|
|
# metallb_protocol: "layer2"
|
|
|
|
# metallb_port: "7472"
|
2021-09-01 10:00:59 +00:00
|
|
|
# metallb_memberlist_port: "7946"
|
2020-06-29 22:11:59 +00:00
|
|
|
# metallb_additional_address_pools:
|
|
|
|
# kube_service_pool:
|
|
|
|
# ip_range:
|
|
|
|
# - "10.5.1.50-10.5.1.99"
|
|
|
|
# protocol: "layer2"
|
|
|
|
# auto_assign: false
|
2020-08-05 08:52:40 +00:00
|
|
|
# metallb_protocol: "bgp"
|
|
|
|
# metallb_peers:
|
|
|
|
# - peer_address: 192.0.2.1
|
|
|
|
# peer_asn: 64512
|
|
|
|
# my_asn: 4200000000
|
|
|
|
# - peer_address: 192.0.2.2
|
|
|
|
# peer_asn: 64513
|
|
|
|
# my_asn: 4200000000
|
2021-05-03 14:16:03 +00:00
|
|
|
|
2021-11-07 10:22:51 +00:00
|
|
|
|
|
|
|
argocd_enabled: false
|
2022-07-05 15:22:47 +00:00
|
|
|
# argocd_version: v2.4.3
|
2021-11-07 10:22:51 +00:00
|
|
|
# argocd_namespace: argocd
|
|
|
|
# Default password:
|
2022-07-05 15:22:47 +00:00
|
|
|
# - https://argo-cd.readthedocs.io/en/stable/getting_started/#4-login-using-the-cli
|
2021-11-07 10:22:51 +00:00
|
|
|
# ---
|
|
|
|
# The initial password is autogenerated to be the pod name of the Argo CD API server. This can be retrieved with the command:
|
|
|
|
# kubectl get pods -n argocd -l app.kubernetes.io/name=argocd-server -o name | cut -d'/' -f 2
|
|
|
|
# ---
|
|
|
|
# Use the following var to set admin password
|
|
|
|
# argocd_admin_password: "password"
|
|
|
|
|
2021-05-03 14:16:03 +00:00
|
|
|
# The plugin manager for kubectl
|
|
|
|
krew_enabled: false
|
|
|
|
krew_root_dir: "/usr/local/krew"
|