diff options
Diffstat (limited to 'kud/ci')
-rw-r--r-- | kud/ci/k8s-cluster.yml | 83 | ||||
-rwxr-xr-x | kud/ci/kud-installer.sh | 1 |
2 files changed, 84 insertions, 0 deletions
diff --git a/kud/ci/k8s-cluster.yml b/kud/ci/k8s-cluster.yml new file mode 100644 index 00000000..8191d4b4 --- /dev/null +++ b/kud/ci/k8s-cluster.yml @@ -0,0 +1,83 @@ +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +# Kubernetes configuration dirs and system namespace. +# Those are where all the additional config stuff goes +# kubernetes normally puts in /srv/kubernetes. +# This puts them in a sane location and namespace. +# Editing those values will almost surely break something. +system_namespace: kube-system + +docker_version: 'latest' + +# Logging directory (sysvinit systems) +kube_log_dir: "/var/log/kubernetes" + +kube_api_anonymous_auth: true + +# Users to create for basic auth in Kubernetes API via HTTP +# Optionally add groups for user +kube_api_pwd: "secret" +kube_users: + kube: + pass: "{{kube_api_pwd}}" + role: admin + groups: + - system:masters + +## It is possible to activate / deactivate selected authentication methods (basic auth, static token auth) +#kube_oidc_auth: false +kube_basic_auth: true +kube_token_auth: true + +# Choose network plugin (calico, contiv, weave or flannel) +# Can also be set to 'cloud', which lets the cloud provider setup appropriate routing +kube_network_plugin: flannel + +# Make a copy of kubeconfig (admin.conf) on the host that runs Ansible to inventory/artifacts +kubeconfig_localhost: true +# Copy kubectl binary on the host that runs Ansible to inventory/artifacts +kubectl_localhost: true +# Disable nodelocal dns cache +enable_nodelocaldns: false +# Enable MountPropagation gate feature +local_volumes_enabled: true +local_volume_provisioner_enabled: true + +## Change this to use another Kubernetes version, e.g. a current beta release +kube_version: v1.16.9 + +# Helm deployment +helm_enabled: true + +# Kube-proxy proxyMode configuration. +# NOTE: Ipvs is based on netfilter hook function, but uses hash table as the underlying data structure and +# works in the kernel space +# https://kubernetes.io/docs/concepts/services-networking/service/#proxy-mode-ipvs +#kube_proxy_mode: ipvs + +# Download container images only once then push to cluster nodes in batches +download_run_once: False + +# Where the binaries will be downloaded. +# Note: ensure that you've enough disk space (about 1G) +local_release_dir: "/tmp/releases" +download_cache_dir: "/tmp/kubespray_cache" +retry_stagger: 10 + +#Set download_localhost: True to make localhost the download delegate. This can be useful if +#cluster nodes cannot access external addresses. To use this requires that docker is installed +#and running on the ansible master and that the current user is either in the docker group or +#can do passwordless sudo, to be able to access docker. +download_localhost: False + +# Subnet for cluster IPs +kube_service_addresses: 10.244.0.0/18 +# Subnet for Pod IPs +kube_pods_subnet: 10.244.64.0/18 diff --git a/kud/ci/kud-installer.sh b/kud/ci/kud-installer.sh index 73c1628b..956a15a6 100755 --- a/kud/ci/kud-installer.sh +++ b/kud/ci/kud-installer.sh @@ -9,5 +9,6 @@ set -x -e -o pipefail curr_dir="$(readlink -f "$(dirname "${BASH_SOURCE[0]}")")" +cp ${curr_dir}/k8s-cluster.yml ${curr_dir}/../hosting_providers/vagrant/inventory/group_vars/k8s-cluster.yml cd ${curr_dir}/../hosting_providers/baremetal ./aio.sh |