"Fossies" - the Fresh Open Source Software Archive

Member "magnum-8.2.0/magnum/drivers/k8s_fedora_atomic_v1/templates/kubemaster.yaml" (6 Dec 2019, 24701 Bytes) of package /linux/misc/openstack/magnum-8.2.0.tar.gz:



    1 heat_template_version: 2014-10-16
    2 
    3 description: >
    4   This is a nested stack that defines a single Kubernetes master, This stack is
    5   included by an ResourceGroup resource in the parent template
    6   (kubecluster.yaml).
    7 
    8 parameters:
    9 
   10   name:
   11     type: string
   12     description: server name
   13 
   14   server_image:
   15     type: string
   16     description: glance image used to boot the server
   17 
   18   master_flavor:
   19     type: string
   20     description: flavor to use when booting the server
   21 
   22   ssh_key_name:
   23     type: string
   24     description: name of ssh key to be provisioned on our server
   25 
   26   external_network:
   27     type: string
   28     description: uuid of a network to use for floating ip addresses
   29 
   30   portal_network_cidr:
   31     type: string
   32     description: >
   33       address range used by kubernetes for service portals
   34 
   35   kube_allow_priv:
          # Security-relevant switch: "true" lets the cluster admit privileged
          # containers, which run with host-level privileges on the node.
          # The value is handed to the node as $KUBE_ALLOW_PRIV by
          # write_heat_params. No default is set here, so the caller decides.
   36     type: string
   37     description: >
   38       whether or not kubernetes should permit privileged containers.
   39     constraints:
   40       - allowed_values: ["true", "false"]
   41 
   42   etcd_volume_size:
   43     type: number
   44     description: >
   45       size of a cinder volume to allocate for etcd storage
   46 
   47   docker_volume_size:
   48     type: number
   49     description: >
   50       size of a cinder volume to allocate to docker for container/image
   51       storage
   52 
   53   docker_volume_type:
   54     type: string
   55     description: >
   56       type of a cinder volume to allocate to docker for container/image
   57       storage
   58 
   59   docker_storage_driver:
   60     type: string
   61     description: docker storage driver name
   62     default: "devicemapper"
   63 
   64   cgroup_driver:
   65     type: string
   66     description: >
   67       cgroup driver name that kubelet should use, ideally the same as
   68       the docker cgroup driver.
   69     default: "cgroupfs"
   70 
   71   volume_driver:
   72     type: string
   73     description: volume driver to use for container storage
   74 
   75   region_name:
   76     type: string
   77     description: A logically separate section of the cluster
   78 
   79   flannel_network_cidr:
   80     type: string
   81     description: network range for flannel overlay network
   82 
   83   flannel_network_subnetlen:
   84     type: number
   85     description: size of subnet assigned to each master
   86 
   87   flannel_backend:
   88     type: string
   89     description: >
   90       specify the backend for flannel, default udp backend
   91     constraints:
   92       - allowed_values: ["udp", "vxlan", "host-gw"]
   93 
   94   system_pods_initial_delay:
   95     type: number
   96     description: >
   97       health check, time to wait for system pods (podmaster, scheduler) to boot
   98       (in seconds)
   99     default: 30
  100 
  101   system_pods_timeout:
  102     type: number
  103     description: >
  104       health check, timeout for system pods (podmaster, scheduler) to answer.
  105       (in seconds)
  106     default: 5
  107 
  108   admission_control_list:
  109     type: string
  110     description: >
  111       List of admission control plugins to activate
  112 
  113   discovery_url:
  114     type: string
  115     description: >
  116       Discovery URL used for bootstrapping the etcd cluster.
  117 
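  118   tls_disabled:
          # Passed to the node as $TLS_DISABLED by write_heat_params. The name
          # means that true turns TLS off, so the description states that sense.
          # NOTE(review): what is left unprotected when this is true is decided
          # in the fragments, which are not part of this template -- confirm.
  119     type: boolean
  120     description: whether or not to disable TLS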
  121 
  122   traefik_ingress_controller_tag:
  123     type: string
  124     description: tag of the traefik containers to be used.
  125 
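  126   kube_dashboard_enabled:
          # Named and passed on as an enable flag ($KUBE_DASHBOARD_ENABLED in
          # write_heat_params), so the description states the enable sense.
          # The dashboard is a web UI onto the cluster; enable it only when
          # access to it is controlled.
  127     type: boolean
  128     description: whether or not to enable kubernetes dashboard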
  129 
  130   influx_grafana_dashboard_enabled:
  131     type: boolean
  132     description: Enable influxdb with grafana dashboard for data from heapster
  133 
  134   verify_ca:
          # Passed to the node as $VERIFY_CA by write_heat_params.
          # NOTE(review): false presumably skips CA validation on TLS
          # connections made from the node (e.g. to magnum_url or auth_url);
          # without validation those connections can be intercepted. Confirm
          # in the fragments which connections it covers.
  135     type: boolean
  136     description: whether or not to validate certificate authority
  137 
  138   kubernetes_port:
  139     type: number
  140     description: >
  141       The port which are used by kube-apiserver to provide Kubernetes
  142       service.
  143 
  144   cluster_uuid:
  145     type: string
  146     description: identifier for the cluster this template is generating
  147 
  148   magnum_url:
  149     type: string
  150     description: endpoint to retrieve TLS certs from
  151 
  152   prometheus_monitoring:
  153     type: boolean
  154     description: >
  155       whether or not to have prometheus and grafana deployed
  156 
  157   grafana_admin_passwd:
  158     type: string
  159     hidden: true
  160     description: >
  161       admin user password for the Grafana monitoring interface
  162 
  163   api_public_address:
  164     type: string
  165     description: Public IP address of the Kubernetes master server.
  166     default: ""
  167 
  168   api_private_address:
  169     type: string
  170     description: Private IP address of the Kubernetes master server.
  171     default: ""
  172 
  173   fixed_network:
  174     type: string
  175     description: Network from which to allocate fixed addresses.
  176 
  177   fixed_subnet:
  178     type: string
  179     description: Subnet from which to allocate fixed addresses.
  180 
  181   network_driver:
  182     type: string
  183     description: network driver to use for instantiating container networks
  184 
  185   secgroup_kube_master_id:
  186     type: string
  187     description: ID of the security group for kubernetes master.
  188 
  189   api_pool_id:
  190     type: string
  191     description: ID of the load balancer pool of k8s API server.
  192 
  193   etcd_pool_id:
  194     type: string
  195     description: ID of the load balancer pool of etcd server.
  196 
  197   auth_url:
  198     type: string
  199     description: >
  200       url for kubernetes to authenticate
  201 
  202   username:
  203     type: string
  204     description: >
  205       user account
  206 
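  207   password:
          # Marked hidden, like trustee_password, trust_id and ca_key, so Heat
          # masks the value when stack parameters are displayed. The value is
          # still substituted into $PASSWORD by write_heat_params; hidden does
          # not keep it out of the rendered config.
  208     type: string
  209     hidden: true
  210     description: user password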
  211 
  212   http_proxy:
  213     type: string
  214     description: http proxy address for docker
  215 
  216   https_proxy:
  217     type: string
  218     description: https proxy address for docker
  219 
  220   no_proxy:
  221     type: string
  222     description: no proxies for docker
  223 
  224   kube_tag:
  225     type: string
  226     description: tag of the k8s containers used to provision the kubernetes cluster
  227 
  228   cloud_provider_tag:
  229     type: string
  230     description:
  231       tag of the kubernetes/cloud-provider-openstack
  232       https://hub.docker.com/r/k8scloudprovider/openstack-cloud-controller-manager/tags/
  233 
  234   cloud_provider_enabled:
  235     type: boolean
  236     description: Enable or disable the openstack kubernetes cloud provider
  237 
  238   etcd_tag:
  239     type: string
  240     description: tag of the etcd system container
  241 
  242   flannel_tag:
  243     type: string
  244     description: tag of the flannel system containers
  245 
  246   flannel_cni_tag:
  247     type: string
  248     description: tag of the flannel cni container
  249 
  250   kube_version:
  251     type: string
  252     description: version of kubernetes used for kubernetes cluster
  253 
  254   kube_dashboard_version:
  255     type: string
  256     description: version of kubernetes dashboard used for kubernetes cluster
  257 
  258   trustee_user_id:
  259     type: string
  260     description: user id of the trustee
  261 
  262   trustee_password:
  263     type: string
  264     description: password of the trustee
  265     hidden: true
  266 
  267   trust_id:
  268     type: string
  269     description: id of the trust which is used by the trustee
  270     hidden: true
  271 
  272   insecure_registry_url:
          # Passed to the node as $INSECURE_REGISTRY_URL by write_heat_params.
          # NOTE(review): presumably the registry named here is contacted
          # without TLS verification -- confirm in the fragments. Images
          # pulled that way have no transport authenticity, so point this
          # only at a registry on a trusted network, or leave it unset.
  273     type: string
  274     description: insecure registry url
  275 
  276   container_infra_prefix:
  277     type: string
  278     description: >
  279       prefix of container images used in the cluster, kubernetes components,
  280       kubernetes-dashboard, coredns etc
  281 
  282   etcd_lb_vip:
  283     type: string
  284     description: >
  285       etcd lb vip private used to generate certs on master.
  286     default: ""
  287 
  288   dns_service_ip:
  289     type: string
  290     description: >
  291       address used by Kubernetes DNS service
  292 
  293   dns_cluster_domain:
  294     type: string
  295     description: >
  296       domain name for cluster DNS
  297 
  298   openstack_ca:
  299     type: string
  300     description: The OpenStack CA certificate to install on the node.
  301 
  302   nodes_server_group_id:
  303     type: string
  304     description: ID of the server group for kubernetes cluster nodes.
  305 
  306   availability_zone:
  307     type: string
  308     description: >
  309       availability zone for master and nodes
  310     default: ""
  311 
  312   ca_key:
  313     type: string
  314     description: key of internal ca for the kube certificate api manager
  315     hidden: true
  316 
  317   cert_manager_api:
  318     type: boolean
  319     description: true if the kubernetes cert api manager should be enabled
  320     default: false
  321 
  322   calico_tag:
  323     type: string
  324     description: tag of the calico containers used to provision the calico node
  325 
  326   calico_cni_tag:
  327     type: string
  328     description: tag of the cni used to provision the calico node
  329 
  330   calico_kube_controllers_tag:
  331     type: string
  332     description: tag of the kube_controllers used to provision the calico node
  333 
  334   calico_ipv4pool:
  335     type: string
  336     description: Configure the IP pool from which Pod IPs will be chosen
  337 
  338   pods_network_cidr:
  339     type: string
  340     description: Configure the IP pool/range from which pod IPs will be chosen
  341 
  342   ingress_controller:
  343     type: string
  344     description: >
  345       ingress controller backend to use
  346 
  347   ingress_controller_role:
  348     type: string
  349     description: >
  350       node role where the ingress controller should run
  351 
  352   octavia_ingress_controller_tag:
  353     type: string
  354     description: Octavia ingress controller docker image tag.
  355 
  356   kubelet_options:
          # kubelet_options, kubeapi_options, kubecontroller_options,
          # kubeproxy_options and kubescheduler_options are free-form strings
          # with no constraints; write_heat_params hands each one to the node
          # ($KUBELET_OPTIONS, $KUBEAPI_OPTIONS, ...).
          # NOTE(review): if the fragments append them to the component
          # command lines they can override hardening flags set elsewhere --
          # treat whoever may set them as a cluster administrator.
  357     type: string
  358     description: >
  359       additional options to be passed to the kubelet
  360 
  361   kubeapi_options:
  362     type: string
  363     description: >
  364       additional options to be passed to the api
  365 
  366   kubecontroller_options:
  367     type: string
  368     description: >
  369       additional options to be passed to the controller manager
  370 
  371   kubeproxy_options:
  372     type: string
  373     description: >
  374       additional options to be passed to the kube proxy
  375 
  376   kubescheduler_options:
  377     type: string
  378     description: >
  379       additional options to be passed to the scheduler
  380 
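  381   octavia_enabled:
          # Boolean default written in lowercase, matching the other boolean
          # defaults in this template (cert_manager_api, monitoring_enabled).
  382     type: boolean
  383     description: >
  384       whether or not to use Octavia for LoadBalancer type service.
  385     default: false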
  386 
  387   kube_service_account_key:
  388     type: string
  389     hidden: true
  390     description: >
  391       The signed cert will be used to verify the k8s service account tokens
  392       during authentication.
  393 
  394   kube_service_account_private_key:
  395     type: string
  396     hidden: true
  397     description: >
  398       The private key will be used to sign generated k8s service account
  399       tokens.
  400 
  401   prometheus_tag:
  402     type: string
  403     description: tag of prometheus container
  404 
  405   grafana_tag:
  406     type: string
  407     description: tag of grafana container
  408 
  409   heat_container_agent_tag:
  410     type: string
  411     description: tag of the heat_container_agent system container
  412 
  413   keystone_auth_enabled:
  414     type: boolean
  415     description: >
  416       true if the keystone authN and authZ should be enabled
  417     default:
  418       false
  419 
  420   k8s_keystone_auth_tag:
  421     type: string
  422     description: tag of the k8s_keystone_auth container
  423 
  424   monitoring_enabled:
  425     type: boolean
  426     description: Enable or disable prometheus-operator monitoring solution.
  427     default: false
  428 
  429   project_id:
  430     type: string
  431     description: >
  432       project id of current project
  433 
  434   tiller_enabled:
          # NOTE(review): declared as a string, unlike the other *_enabled
          # flags in this template (which are boolean), and it carries no
          # allowed_values constraint, so any text is accepted here and
          # passed on as $TILLER_ENABLED. Confirm what the consumer expects.
  435     type: string
  436     description: Whether to enable tiller or not
  437 
  438   tiller_tag:
  439     type: string
  440     description: tag of tiller container
  441 
  442   tiller_namespace:
  443     type: string
  444     description: namespace where tiller will be installed
  445 
  446   auto_healing_enabled:
  447     type: boolean
  448     description: >
  449       true if the auto healing feature should be enabled
  450 
  451   auto_scaling_enabled:
  452     type: boolean
  453     description: >
  454       true if the auto scaling feature should be enabled
  455 
  456   node_problem_detector_tag:
  457     type: string
  458     description: tag of the node problem detector container
  459 
  460   draino_tag:
  461     type: string
  462     description: tag of the draino container
  463 
  464   autoscaler_tag:
  465     type: string
  466     description: tag of the autoscaler container
  467 
  468   min_node_count:
  469     type: number
  470     description: >
  471       minimum node count of cluster workers when doing scale down
  472 
  473   max_node_count:
  474     type: number
  475     description: >
  476       maximum node count of cluster workers when doing scale up
  477 
  478   nginx_ingress_controller_tag:
  479     type: string
  480     description: nginx ingress controller docker image tag
  481 
  482 resources:
  483   ######################################################################
  484   #
  485   # resource that exposes the IPs of either the kube master or the API
  486   # LBaaS pool depending on whether LBaaS is enabled for the cluster.
  487   #
  488 
  489   api_address_switch:
  490     type: Magnum::ApiGatewaySwitcher
  491     properties:
  492       pool_public_ip: {get_param: api_public_address}
  493       pool_private_ip: {get_param: api_private_address}
  494       master_public_ip: {get_attr: [kube_master_floating, floating_ip_address]}
  495       master_private_ip: {get_attr: [kube_master_eth0, fixed_ips, 0, ip_address]}
  496 
  497   ######################################################################
  498   #
  499   # software configs.  these are components that are combined into
  500   # a multipart MIME user-data archive.
  501   #
  502 
  503   write_heat_params:
  504     type: OS::Heat::SoftwareConfig
  505     properties:
  506       group: ungrouped
  507       config:
  508         str_replace:
  509           template: {get_file: ../../common/templates/kubernetes/fragments/write-heat-params-master.yaml}
  510           params:
  511             "$INSTANCE_NAME": {get_param: name}
  512             "$PROMETHEUS_MONITORING": {get_param: prometheus_monitoring}
  513             "$KUBE_API_PUBLIC_ADDRESS": {get_attr: [api_address_switch, public_ip]}
  514             "$KUBE_API_PRIVATE_ADDRESS": {get_attr: [api_address_switch, private_ip]}
  515             "$KUBE_API_PORT": {get_param: kubernetes_port}
  516             "$KUBE_NODE_PUBLIC_IP": {get_attr: [kube_master_floating, floating_ip_address]}
  517             "$KUBE_NODE_IP": {get_attr: [kube_master_eth0, fixed_ips, 0, ip_address]}
  518             "$KUBE_ALLOW_PRIV": {get_param: kube_allow_priv}
  519             "$ETCD_VOLUME": {get_resource: etcd_volume}
  520             "$ETCD_VOLUME_SIZE": {get_param: etcd_volume_size}
  521             "$DOCKER_VOLUME": {get_resource: docker_volume}
  522             "$DOCKER_VOLUME_SIZE": {get_param: docker_volume_size}
  523             "$DOCKER_STORAGE_DRIVER": {get_param: docker_storage_driver}
  524             "$CGROUP_DRIVER": {get_param: cgroup_driver}
  525             "$NETWORK_DRIVER": {get_param: network_driver}
  526             "$FLANNEL_NETWORK_CIDR": {get_param: flannel_network_cidr}
  527             "$FLANNEL_NETWORK_SUBNETLEN": {get_param: flannel_network_subnetlen}
  528             "$FLANNEL_BACKEND": {get_param: flannel_backend}
  529             "$SYSTEM_PODS_INITIAL_DELAY": {get_param: system_pods_initial_delay}
  530             "$SYSTEM_PODS_TIMEOUT": {get_param: system_pods_timeout}
  531             "$PODS_NETWORK_CIDR": {get_param: pods_network_cidr}
  532             "$PORTAL_NETWORK_CIDR": {get_param: portal_network_cidr}
  533             "$ADMISSION_CONTROL_LIST": {get_param: admission_control_list}
  534             "$ETCD_DISCOVERY_URL": {get_param: discovery_url}
  535             "$AUTH_URL": {get_param: auth_url}
  536             "$USERNAME": {get_param: username}
  537             "$PASSWORD": {get_param: password}
  538             "$CLUSTER_SUBNET": {get_param: fixed_subnet}
  539             "$TLS_DISABLED": {get_param: tls_disabled}
  540             "$TRAEFIK_INGRESS_CONTROLLER_TAG": {get_param: traefik_ingress_controller_tag}
  541             "$KUBE_DASHBOARD_ENABLED": {get_param: kube_dashboard_enabled}
  542             "$INFLUX_GRAFANA_DASHBOARD_ENABLED": {get_param: influx_grafana_dashboard_enabled}
  543             "$VERIFY_CA": {get_param: verify_ca}
  544             "$CLUSTER_UUID": {get_param: cluster_uuid}
  545             "$MAGNUM_URL": {get_param: magnum_url}
  546             "$VOLUME_DRIVER": {get_param: volume_driver}
  547             "$REGION_NAME": {get_param: region_name}
  548             "$HTTP_PROXY": {get_param: http_proxy}
  549             "$HTTPS_PROXY": {get_param: https_proxy}
  550             "$NO_PROXY": {get_param: no_proxy}
  551             "$KUBE_TAG": {get_param: kube_tag}
  552             "$CLOUD_PROVIDER_TAG": {get_param: cloud_provider_tag}
  553             "$CLOUD_PROVIDER_ENABLED": {get_param: cloud_provider_enabled}
  554             "$ETCD_TAG": {get_param: etcd_tag}
  555             "$FLANNEL_TAG": {get_param: flannel_tag}
  556             "$FLANNEL_CNI_TAG": {get_param: flannel_cni_tag}
  557             "$KUBE_VERSION": {get_param: kube_version}
  558             "$KUBE_DASHBOARD_VERSION": {get_param: kube_dashboard_version}
  559             "$TRUSTEE_USER_ID": {get_param: trustee_user_id}
  560             "$TRUSTEE_PASSWORD": {get_param: trustee_password}
  561             "$TRUST_ID": {get_param: trust_id}
  562             "$INSECURE_REGISTRY_URL": {get_param: insecure_registry_url}
  563             "$CONTAINER_INFRA_PREFIX": {get_param: container_infra_prefix}
  564             "$ETCD_LB_VIP": {get_param: etcd_lb_vip}
  565             "$DNS_SERVICE_IP": {get_param: dns_service_ip}
  566             "$DNS_CLUSTER_DOMAIN": {get_param: dns_cluster_domain}
  567             "$CERT_MANAGER_API": {get_param: cert_manager_api}
  568             "$CA_KEY": {get_param: ca_key}
  569             "$CALICO_TAG": {get_param: calico_tag}
  570             "$CALICO_CNI_TAG": {get_param: calico_cni_tag}
  571             "$CALICO_KUBE_CONTROLLERS_TAG": {get_param: calico_kube_controllers_tag}
  572             "$CALICO_IPV4POOL": {get_param: calico_ipv4pool}
  573             "$INGRESS_CONTROLLER": {get_param: ingress_controller}
  574             "$INGRESS_CONTROLLER_ROLE": {get_param: ingress_controller_role}
  575             "$OCTAVIA_INGRESS_CONTROLLER_TAG": {get_param: octavia_ingress_controller_tag}
  576             "$KUBELET_OPTIONS": {get_param: kubelet_options}
  577             "$KUBEAPI_OPTIONS": {get_param: kubeapi_options}
  578             "$KUBECONTROLLER_OPTIONS": {get_param: kubecontroller_options}
  579             "$KUBEPROXY_OPTIONS": {get_param: kubeproxy_options}
  580             "$KUBESCHEDULER_OPTIONS": {get_param: kubescheduler_options}
  581             "$OCTAVIA_ENABLED": {get_param: octavia_enabled}
  582             "$KUBE_SERVICE_ACCOUNT_KEY": {get_param: kube_service_account_key}
  583             "$KUBE_SERVICE_ACCOUNT_PRIVATE_KEY": {get_param: kube_service_account_private_key}
  584             "$PROMETHEUS_TAG": {get_param: prometheus_tag}
  585             "$GRAFANA_TAG": {get_param: grafana_tag}
  586             "$HEAT_CONTAINER_AGENT_TAG": {get_param: heat_container_agent_tag}
  587             "$KEYSTONE_AUTH_ENABLED": {get_param: keystone_auth_enabled}
  588             "$K8S_KEYSTONE_AUTH_TAG": {get_param: k8s_keystone_auth_tag}
  589             "$MONITORING_ENABLED": {get_param: monitoring_enabled}
  590             "$PROJECT_ID": {get_param: project_id}
  591             "$EXTERNAL_NETWORK_ID": {get_param: external_network}
  592             "$TILLER_ENABLED": {get_param: tiller_enabled}
  593             "$TILLER_TAG": {get_param: tiller_tag}
  594             "$TILLER_NAMESPACE": {get_param: tiller_namespace}
  595             "$NODE_PROBLEM_DETECTOR_TAG": {get_param: node_problem_detector_tag}
  596             "$AUTO_HEALING_ENABLED": {get_param: auto_healing_enabled}
  597             "$AUTO_SCALING_ENABLED": {get_param: auto_scaling_enabled}
  598             "$DRAINO_TAG": {get_param: draino_tag}
  599             "$AUTOSCALER_TAG": {get_param: autoscaler_tag}
  600             "$MIN_NODE_COUNT": {get_param: min_node_count}
  601             "$MAX_NODE_COUNT": {get_param: max_node_count}
  602             "$NGINX_INGRESS_CONTROLLER_TAG": {get_param: nginx_ingress_controller_tag}
  603 
  604   install_openstack_ca:
  605     type: OS::Heat::SoftwareConfig
  606     properties:
  607       group: ungrouped
  608       config:
  609         str_replace:
  610           params:
  611             $OPENSTACK_CA: {get_param: openstack_ca}
  612           template: {get_file: ../../common/templates/fragments/atomic-install-openstack-ca.sh}
  613 
  614   make_cert:
  615     type: OS::Heat::SoftwareConfig
  616     properties:
  617       group: ungrouped
  618       config: {get_file: ../../common/templates/kubernetes/fragments/make-cert.sh}
  619 
  620   configure_docker_storage:
  621     type: OS::Heat::SoftwareConfig
  622     properties:
  623       group: ungrouped
  624       config:
  625         str_replace:
  626           params:
  627             $configure_docker_storage_driver: {get_file: ../../common/templates/fragments/configure_docker_storage_driver_atomic.sh}
  628           template: {get_file: ../../common/templates/fragments/configure-docker-storage.sh}
  629 
  630   configure_etcd:
  631     type: OS::Heat::SoftwareConfig
  632     properties:
  633       group: ungrouped
  634       config: {get_file: ../../common/templates/kubernetes/fragments/configure-etcd.sh}
  635 
  636   write_kube_os_config:
  637     type: OS::Heat::SoftwareConfig
  638     properties:
  639       group: ungrouped
  640       config: {get_file: ../../common/templates/kubernetes/fragments/write-kube-os-config.sh}
  641 
  642   configure_kubernetes:
  643     type: OS::Heat::SoftwareConfig
  644     properties:
  645       group: ungrouped
  646       config: {get_file: ../../common/templates/kubernetes/fragments/configure-kubernetes-master.sh}
  647 
  648   enable_services:
  649     type: OS::Heat::SoftwareConfig
  650     properties:
  651       group: ungrouped
  652       config: {get_file: ../../common/templates/kubernetes/fragments/enable-services-master.sh}
  653 
  654   disable_selinux:
          # NOTE(review): going by the fragment name, this turns SELinux off
          # (or to permissive) on the master. The script itself is not part of
          # this template, so confirm what it does and whether it is still
          # needed. kube_master_init lists it second, ahead of the Kubernetes
          # configuration parts.
  655     type: OS::Heat::SoftwareConfig
  656     properties:
  657       group: ungrouped
  658       config: {get_file: ../../common/templates/kubernetes/fragments/disable-selinux.sh}
  659 
  660   add_proxy:
  661     type: OS::Heat::SoftwareConfig
  662     properties:
  663       group: ungrouped
  664       config: {get_file: ../../common/templates/kubernetes/fragments/add-proxy.sh}
  665 
  666   start_container_agent:
  667     type: OS::Heat::SoftwareConfig
  668     properties:
  669       group: ungrouped
  670       config: {get_file: ../../common/templates/kubernetes/fragments/start-container-agent.sh}
  671 
  672   kube_master_init:
          # Bundles the software configs into the multipart user-data given to
          # the kube-master server (its user_data property references this
          # resource). The parts are listed in the order below.
          # Security note: write_heat_params substitutes secret parameters
          # into its config ($PASSWORD, $TRUSTEE_PASSWORD, $TRUST_ID, $CA_KEY,
          # $KUBE_SERVICE_ACCOUNT_PRIVATE_KEY), so the rendered user-data
          # contains them in clear text. "hidden: true" on a parameter only
          # masks it when stack parameters are displayed.
          # NOTE(review): user-data is normally readable from inside the
          # instance through the metadata service -- confirm that workloads
          # scheduled on the master cannot reach it.
  673     type: OS::Heat::MultipartMime
  674     properties:
  675       parts:
  676         - config: {get_resource: install_openstack_ca}
  677         - config: {get_resource: disable_selinux}
  678         - config: {get_resource: write_heat_params}
  679         - config: {get_resource: configure_etcd}
  680         - config: {get_resource: write_kube_os_config}
  681         - config: {get_resource: configure_docker_storage}
  682         - config: {get_resource: configure_kubernetes}
  683         - config: {get_resource: make_cert}
  684         - config: {get_resource: add_proxy}
  685         - config: {get_resource: start_container_agent}
  686         - config: {get_resource: enable_services}
  687 
  688   ######################################################################
  689   #
  690   # a single kubernetes master.
  691   #
  692 
  693   # do NOT use "_" (underscore) in the Nova server name
  694   # it creates a mismatch between the generated Nova name and its hostname
  695   # which can lead to weird problems
  696   kube-master:
  697     type: OS::Nova::Server
  698     properties:
  699       name: {get_param: name}
  700       image: {get_param: server_image}
  701       flavor: {get_param: master_flavor}
  702       key_name: {get_param: ssh_key_name}
  703       user_data_format: SOFTWARE_CONFIG
  704       software_config_transport: POLL_SERVER_HEAT
  705       user_data: {get_resource: kube_master_init}
  706       networks:
  707         - port: {get_resource: kube_master_eth0}
  708       scheduler_hints: { group: { get_param: nodes_server_group_id }}
  709       availability_zone: {get_param: availability_zone}
  710 
  711   kube_master_eth0:
          # Neutron port for the master on the fixed network, placed in the
          # master security group (secgroup_kube_master_id).
          # allowed_address_pairs admits the whole pod CIDR as an additional
          # source address on this port, which relaxes Neutron's anti-spoofing
          # filter for that range (presumably so pod traffic can leave the
          # node). Keep pods_network_cidr as narrow as the cluster needs.
  712     type: OS::Neutron::Port
  713     properties:
  714       network: {get_param: fixed_network}
  715       security_groups:
  716         - {get_param: secgroup_kube_master_id}
  717       fixed_ips:
  718         - subnet: {get_param: fixed_subnet}
  719       allowed_address_pairs:
  720         - ip_address: {get_param: pods_network_cidr}
  721       replacement_policy: AUTO
  722 
  723   kube_master_floating:
  724     type: Magnum::Optional::KubeMaster::Neutron::FloatingIP
  725     properties:
  726       floating_network: {get_param: external_network}
  727       port_id: {get_resource: kube_master_eth0}
  728 
  729   api_pool_member:
  730     type: Magnum::Optional::Neutron::LBaaS::PoolMember
  731     properties:
  732       pool: {get_param: api_pool_id}
  733       address: {get_attr: [kube_master_eth0, fixed_ips, 0, ip_address]}
  734       subnet: { get_param: fixed_subnet }
  735       protocol_port: {get_param: kubernetes_port}
  736 
  737   etcd_pool_member:
          # Registers the master's fixed IP in the etcd load balancer pool.
          # The port is fixed at 2379 here, whereas api_pool_member takes its
          # port from the kubernetes_port parameter.
          # NOTE(review): who can reach etcd through the pool depends on the
          # load balancer, the security group and etcd's own TLS settings
          # (see tls_disabled), none of which are set in this resource --
          # confirm that etcd is not reachable without client authentication.
  738     type: Magnum::Optional::Neutron::LBaaS::PoolMember
  739     properties:
  740       pool: {get_param: etcd_pool_id}
  741       address: {get_attr: [kube_master_eth0, fixed_ips, 0, ip_address]}
  742       subnet: { get_param: fixed_subnet }
  743       protocol_port: 2379
  744 
  745   ######################################################################
  746   #
  747   # etcd storage.  This allocates a cinder volume and attaches it
  748   # to the master.
  749   #
  750 
  751   etcd_volume:
  752     type: Magnum::Optional::Etcd::Volume
  753     properties:
  754       size: {get_param: etcd_volume_size}
  755 
  756   etcd_volume_attach:
  757     type: Magnum::Optional::Etcd::VolumeAttachment
  758     properties:
  759       instance_uuid: {get_resource: kube-master}
  760       volume_id: {get_resource: etcd_volume}
  761       mountpoint: /dev/vdc
  762 
  763   ######################################################################
  764   #
  765   # docker storage.  This allocates a cinder volume and attaches it
  766   # to the master.
  767   #
  768 
  769   docker_volume:
  770     type: Magnum::Optional::Cinder::Volume
  771     properties:
  772       size: {get_param: docker_volume_size}
  773       volume_type: {get_param: docker_volume_type}
  774 
  775   docker_volume_attach:
  776     type: Magnum::Optional::Cinder::VolumeAttachment
  777     properties:
  778       instance_uuid: {get_resource: kube-master}
  779       volume_id: {get_resource: docker_volume}
  780       mountpoint: /dev/vdb
  781 
  782 outputs:
  783 
  784   OS::stack_id:
  785     value: { get_resource: kube-master }
  786 
  787   kube_master_ip:
  788     value: {get_attr: [kube_master_eth0, fixed_ips, 0, ip_address]}
  789     description: >
  790       This is the "private" IP address of the Kubernetes master node.
  791 
  792   kube_master_external_ip:
  793     value: {get_attr: [kube_master_floating, floating_ip_address]}
  794     description: >
  795       This is the "public" IP address of the Kubernetes master node.