aboutsummaryrefslogtreecommitdiffstats
path: root/kud/ci/k8s-cluster.yml
diff options
context:
space:
mode:
Diffstat (limited to 'kud/ci/k8s-cluster.yml')
-rw-r--r--kud/ci/k8s-cluster.yml83
1 files changed, 83 insertions, 0 deletions
diff --git a/kud/ci/k8s-cluster.yml b/kud/ci/k8s-cluster.yml
new file mode 100644
index 00000000..8191d4b4
--- /dev/null
+++ b/kud/ci/k8s-cluster.yml
@@ -0,0 +1,83 @@
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+# Kubernetes configuration dirs and system namespace.
+# Those are where all the additional config stuff goes
+# kubernetes normally puts in /srv/kubernetes.
+# This puts them in a sane location and namespace.
+# Editing those values will almost surely break something.
+system_namespace: kube-system
+
+docker_version: 'latest'
+
+# Logging directory (sysvinit systems)
+kube_log_dir: "/var/log/kubernetes"
+
+kube_api_anonymous_auth: true
+
+# Users to create for basic auth in Kubernetes API via HTTP
+# Optionally add groups for user
+kube_api_pwd: "secret"
+kube_users:
+ kube:
+ pass: "{{kube_api_pwd}}"
+ role: admin
+ groups:
+ - system:masters
+
+## It is possible to activate / deactivate selected authentication methods (basic auth, static token auth)
+#kube_oidc_auth: false
+kube_basic_auth: true
+kube_token_auth: true
+
+# Choose network plugin (calico, contiv, weave or flannel)
+# Can also be set to 'cloud', which lets the cloud provider setup appropriate routing
+kube_network_plugin: flannel
+
+# Make a copy of kubeconfig (admin.conf) on the host that runs Ansible to inventory/artifacts
+kubeconfig_localhost: true
+# Copy kubectl binary on the host that runs Ansible to inventory/artifacts
+kubectl_localhost: true
+# Disable nodelocal dns cache
+enable_nodelocaldns: false
+# Enable MountPropagation gate feature
+local_volumes_enabled: true
+local_volume_provisioner_enabled: true
+
+## Change this to use another Kubernetes version, e.g. a current beta release
+kube_version: v1.16.9
+
+# Helm deployment
+helm_enabled: true
+
+# Kube-proxy proxyMode configuration.
+# NOTE: Ipvs is based on netfilter hook function, but uses hash table as the underlying data structure and
+# works in the kernel space
+# https://kubernetes.io/docs/concepts/services-networking/service/#proxy-mode-ipvs
+#kube_proxy_mode: ipvs
+
+# Download container images only once then push to cluster nodes in batches
+download_run_once: False
+
+# Where the binaries will be downloaded.
+# Note: ensure that you've enough disk space (about 1G)
+local_release_dir: "/tmp/releases"
+download_cache_dir: "/tmp/kubespray_cache"
+retry_stagger: 10
+
+#Set download_localhost: True to make localhost the download delegate. This can be useful if
+#cluster nodes cannot access external addresses. To use this requires that docker is installed
+#and running on the ansible master and that the current user is either in the docker group or
+#can do passwordless sudo, to be able to access docker.
+download_localhost: False
+
+# Subnet for cluster IPs
+kube_service_addresses: 10.244.0.0/18
+# Subnet for Pod IPs
+kube_pods_subnet: 10.244.64.0/18