From eda7f7cdd7ea6fd56da27cec4d9ba5d1b45779c2 Mon Sep 17 00:00:00 2001 
From: Bertrand THOMAS Date: Thu, 10 Aug 2023 12:14:52 +0200 Subject: [PATCH] Create Rancher cluster template chart (#24) * Initiate rancher-cluster-templates chart * Copied files from official examples repo * Chart improvement Remove duplicate code * Add all empty providers even if empty * Start updating all configs * Review all configs * Fix lint issues * Validation started on Azure * Make azure cluster creation work --- .gitignore | 2 + README.md | 1 + .../rancher-cluster-templates/CONTRIBUTING.md | 37 ++ charts/rancher-cluster-templates/Chart.yaml | 13 + charts/rancher-cluster-templates/README.md | 58 ++ .../rancher-cluster-templates/docs/azure.md | 22 + .../examples/values_aws.yaml | 37 ++ .../examples/values_azure.yaml | 44 ++ .../examples/values_cloudscale.yaml | 13 + .../examples/values_digitalocean.yaml | 20 + .../examples/values_equinix.yaml | 12 + .../examples/values_exoscale.yaml | 12 + .../examples/values_harvester.yaml | 20 + .../examples/values_linode.yaml | 12 + .../examples/values_nutanix.yaml | 12 + .../examples/values_openstack.yaml | 12 + .../examples/values_outscale.yaml | 12 + .../examples/values_vsphere.yaml | 19 + .../rancher-cluster-templates/questions.yaml | 563 ++++++++++++++++++ .../templates/_helpers.tpl | 0 .../templates/amazonec2config.yaml | 117 ++++ .../templates/azureconfig.yaml | 59 ++ .../templates/cloudscaleconfig.yaml | 43 ++ .../templates/cluster.yaml | 180 ++++++ .../templates/clusterroletemplatebinding.yaml | 11 + .../templates/digitaloceanconfig.yaml | 31 + .../templates/exoscaleconfig.yaml | 31 + .../templates/harvesterconfig.yaml | 38 ++ .../templates/linodeconfig.yaml | 33 + .../templates/managedcharts.yaml | 50 ++ .../templates/nutanixconfig.yaml | 36 ++ .../templates/openstackconfig.yaml | 60 ++ .../templates/outscaleconfig.yaml | 37 ++ .../templates/packetconfig.yaml | 49 ++ .../templates/vsphereconfig.yaml | 63 ++ charts/rancher-cluster-templates/values.yaml | 77 +++ 36 files changed, 1836 insertions(+) create mode 
100644 charts/rancher-cluster-templates/CONTRIBUTING.md create mode 100644 charts/rancher-cluster-templates/Chart.yaml create mode 100644 charts/rancher-cluster-templates/README.md create mode 100644 charts/rancher-cluster-templates/docs/azure.md create mode 100644 charts/rancher-cluster-templates/examples/values_aws.yaml create mode 100644 charts/rancher-cluster-templates/examples/values_azure.yaml create mode 100644 charts/rancher-cluster-templates/examples/values_cloudscale.yaml create mode 100644 charts/rancher-cluster-templates/examples/values_digitalocean.yaml create mode 100644 charts/rancher-cluster-templates/examples/values_equinix.yaml create mode 100644 charts/rancher-cluster-templates/examples/values_exoscale.yaml create mode 100644 charts/rancher-cluster-templates/examples/values_harvester.yaml create mode 100644 charts/rancher-cluster-templates/examples/values_linode.yaml create mode 100644 charts/rancher-cluster-templates/examples/values_nutanix.yaml create mode 100644 charts/rancher-cluster-templates/examples/values_openstack.yaml create mode 100644 charts/rancher-cluster-templates/examples/values_outscale.yaml create mode 100644 charts/rancher-cluster-templates/examples/values_vsphere.yaml create mode 100644 charts/rancher-cluster-templates/questions.yaml create mode 100644 charts/rancher-cluster-templates/templates/_helpers.tpl create mode 100644 charts/rancher-cluster-templates/templates/amazonec2config.yaml create mode 100644 charts/rancher-cluster-templates/templates/azureconfig.yaml create mode 100644 charts/rancher-cluster-templates/templates/cloudscaleconfig.yaml create mode 100644 charts/rancher-cluster-templates/templates/cluster.yaml create mode 100644 charts/rancher-cluster-templates/templates/clusterroletemplatebinding.yaml create mode 100644 charts/rancher-cluster-templates/templates/digitaloceanconfig.yaml create mode 100644 charts/rancher-cluster-templates/templates/exoscaleconfig.yaml create mode 100644 
charts/rancher-cluster-templates/templates/harvesterconfig.yaml create mode 100644 charts/rancher-cluster-templates/templates/linodeconfig.yaml create mode 100644 charts/rancher-cluster-templates/templates/managedcharts.yaml create mode 100644 charts/rancher-cluster-templates/templates/nutanixconfig.yaml create mode 100644 charts/rancher-cluster-templates/templates/openstackconfig.yaml create mode 100644 charts/rancher-cluster-templates/templates/outscaleconfig.yaml create mode 100644 charts/rancher-cluster-templates/templates/packetconfig.yaml create mode 100644 charts/rancher-cluster-templates/templates/vsphereconfig.yaml create mode 100644 charts/rancher-cluster-templates/values.yaml diff --git a/.gitignore b/.gitignore index ee30dc8..fc5800a 100644 --- a/.gitignore +++ b/.gitignore @@ -3,4 +3,6 @@ # local temporary files temp*.yaml +temp.sh /charts/temp/ +values_mine.yaml diff --git a/README.md b/README.md index 712af4c..7878670 100644 --- a/README.md +++ b/README.md @@ -49,6 +49,7 @@ Helm charts to ease the deployment of containers on Kubernetes clusters and get * [Traefik](charts/traefik/README.md) 🗸 * Management * [Rancher](charts/rancher/README.md) 🗸 + * [Rancher Cluster Templates](charts/rancher-cluster-templates/README.md) 🗸 * Observability * [Elastic Stack](charts/elastic-stack/README.md) * [OpenTelemetry Collector](charts/opentelemetry-collector/README.md) 🗸 diff --git a/charts/rancher-cluster-templates/CONTRIBUTING.md b/charts/rancher-cluster-templates/CONTRIBUTING.md new file mode 100644 index 0000000..cd1c154 --- /dev/null +++ b/charts/rancher-cluster-templates/CONTRIBUTING.md 
@@ -0,0 +1,37 @@
+# Contribution guide
+
+## How to check the manifest code quality
+
+```bash
+# checks code style
+helm lint
+
+# checks the Kubernetes objects generated from the chart on a specific case defined in values_mine.yaml
+helm template my-cluster . -f values.yaml -f values_mine.yaml --namespace fleet-default > temp.yaml
+```
+
+## How to deploy the chart from the sources
+
+💡 This commands must be run on the Kubernetes cluster hosting Rancher (called `local` by default).
+
+### Example with a cluster on Azure
+
+```bash
+# copies the example
+cp examples/values_azure.yaml values_mine.yaml
+resourcekey=$(openssl rand -hex 6)
+sed -i "s/CLUSTER_NAME/az-rke2-$resourcekey/g" values_mine.yaml
+sed -i "s/AZURE_PREFIX/$USER-$resourcekey/g" values_mine.yaml
+sed -i "s/CLOUD_CREDENTIAL_SECRET//g" values_mine.yaml
+
+# runs the installation with Helm
+helm upgrade --install rke2-azure-cluster01 . -f values.yaml -f values_mine.yaml --namespace fleet-default
+
+# removes the installation
+helm uninstall rke2-azure-cluster01 -n fleet-default
+```
+
+## How to troubleshoot
+
+* Follow the steps from the start by looking at the machine-provision job (in fleet-default namespace)
+* In case of issue with remaining Kubernetes resources even after helm uninstall, force delete the machine
diff --git a/charts/rancher-cluster-templates/Chart.yaml b/charts/rancher-cluster-templates/Chart.yaml
new file mode 100644
index 0000000..345ddd4
--- /dev/null
+++ b/charts/rancher-cluster-templates/Chart.yaml
@@ -0,0 +1,13 @@
+apiVersion: v2
+name: rancher-cluster-templates
+description: Helm chart for managing Rancher cluster templates
+type: application
+version: "0.1.0"
+appVersion: "0.1.0"
+annotations:
+ catalog.cattle.io/type: cluster-template
+ catalog.cattle.io/namespace: fleet-default
+maintainers:
+ - name: devpro
+ email: bertrand@devpro.fr
+home: https://github.com/devpro/helm-charts/tree/main/charts/rancher-cluster-templates
diff --git a/charts/rancher-cluster-templates/README.md b/charts/rancher-cluster-templates/README.md
new file mode 100644
index 0000000..31f80cc
--- /dev/null
+++ b/charts/rancher-cluster-templates/README.md
@@ -0,0 +1,58 @@
+# Helm chart for Kratos
+
+This Helm chart will create a Kubernetes cluster from Rancher through [Cluster Templates](https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/manage-clusters/manage-cluster-templates).
+
+## Usage
+
+### Quickstart
+
+```bash
+# makes sure adds devpro Helm repository has been added
+helm repo add devpro https://devpro.github.io/helm-charts
+helm repo update
+
+# double checks you are connected to the Kubernetes cluster hosting Rancher
+kubectl get nodes
+
+# installs the chart with default parameters
+helm upgrade --install my-cluster rancher-cluster-templates -f values.yaml --namespace fleet-default
+
+# removes the installation
+helm uninstall my-cluster -n fleet-default
+```
+
+## Configuration
+
+### Infrastructure providers
+
+Provider | Examples | Templates | Node Driver
+--------------------------------------|----------------------------------------------------------|---------------------------------------------------------|----------------
+**Amazon Web Services (AWS)** | [values_aws](examples/values_aws.yaml) | [amazonec2config](templates/amazonec2config.yaml) | `Amazon EC2`
+**Azure** | [values_azure](examples/values_azure.yaml) | [azureconfig](templates/azureconfig.yaml) | `Azure`
+**CloudScale** | [values_cloudscale](examples/values_cloudscale.yaml) | [cloudscaleconfig](templates/cloudscaleconfig.yaml) | `Cloudscale`
+**Digitial Ocean** | [values_digitalocean](examples/values_digitalocean.yaml) | [digitaloceanconfig](templates/digitaloceanconfig.yaml) | `DigitalOcean`
+**Exoscale** | [values_digitalocean](examples/values_digitalocean.yaml) | [digitaloceanconfig](templates/digitaloceanconfig.yaml) | `Exoscale`
+**Equinix Metal (previously Packet)** | [values_equinix](examples/values_equinix.yaml) | [packetconfig](templates/packetconfig.yaml) | `Equinix Metal`
+**Harvester** | [values_harvester](examples/values_harvester.yaml) | [harvesterconfig](templates/harvesterconfig.yaml) | `Harvester`
+**Linode** | [values_linode](examples/values_linode.yaml) | [linodeconfig](templates/linodeconfig.yaml) | `Linode`
+**Nutanix** | [values_nutanix](examples/values_nutanix.yaml) | [nutanixconfig](templates/nutanixconfig.yaml) | `Nutanix`
+**OpenStack** | [values_openstack](examples/values_openstack.yaml) | [openstackconfig](templates/openstackconfig.yaml) | `OpenStack`
+**Outscale** | [values_aws](examples/values_outscale.yaml) | [outscaleconfig](templates/outscaleconfig.yaml) | `Outscale`
+**VMware vSphere** | [values_vsphere](examples/values_vsphere.yaml) | [vsphereconfig](templates/vsphereconfig.yaml) | `vSphere`
+
+## Contributing
+
+Follow the [guide](CONTRIBUTING.md).
+
+### Going further
+
+* [Azure](docs/azure.md)
+* GitOps approach
+ * [ArgoCD](https://github.com/devpro/helm-charts#from-argocd)
+ * [Fleet](https://github.com/devpro/helm-charts#from-fleet)
+* [Rancher Apps](https://github.com/devpro/helm-charts#from-rancher)
+
+## Inspirations
+
+* [bloriot/rancher-cluster-templates](https://github.com/bloriot/rancher-cluster-templates)
+* [rancher/cluster-template-examples](https://github.com/rancher/cluster-template-examples)
diff --git a/charts/rancher-cluster-templates/docs/azure.md b/charts/rancher-cluster-templates/docs/azure.md
new file mode 100644
index 0000000..69b6f86
--- /dev/null
+++ b/charts/rancher-cluster-templates/docs/azure.md
@@ -0,0 +1,22 @@
+# Azure Cloud
+
+## Design
+
+* [Availability sets overview](https://learn.microsoft.com/en-us/azure/virtual-machines/availability-set-overview)
+
+## Configuration
+
+* Find image reference (ref. [Find Azure Marketplace image information using the Azure CLI](https://learn.microsoft.com/en-us/azure/virtual-machines/linux/cli-ps-findimage))
+
+```bash
+# displays popular images
+az vm image list --output table
+
+# lists Ubuntu 20.04 images
+az vm image list --all --publisher="Canonical" --sku="20_04-lts-gen2"
+```
+
+## Troubleshooting
+
+* Open Monitor in Azure Portal, and look in Activity log for operations in error
+ * Click on the operation to see the detail of the error
diff --git a/charts/rancher-cluster-templates/examples/values_aws.yaml b/charts/rancher-cluster-templates/examples/values_aws.yaml
new file mode 100644
index 0000000..f3b45e6
--- /dev/null
+++ b/charts/rancher-cluster-templates/examples/values_aws.yaml
@@ -0,0 +1,37 @@
+cloudprovider: aws
+
+cloudCredentialSecretName: aws
+
+nodepools:
+- etcd: true
+ controlplane: true
+ worker: true
+ labels: {}
+ taints: {}
+ quantity: 1
+ paused: false
+ name: nodepool-1
+ deviceName: "/dev/sda1"
+ encryptEbsVolume: false
+ endpoint: ""
+ iamInstanceProfile: ""
+ insecureTransport: false
+ instanceType: t3a.medium
+ region: us-west-2
+ createSecurityGroup: true
+ keypairName: ""
+ securityGroupReadonly: false
+ sshKeyContents: ""
+ subnetId: ""
+ monitoring: false
+ privateAddressOnly: false
+ requestSpotInstance: false
+ retries: 5
+ rootSize: 16
+ spotPrice: 0.5
+ sshUser: ubuntu
+ volumeType: gp2
+ useEbsOptimizedInstance: false
+ usePrivateAddress: false
+ userdata: ""
+ zone: a
diff --git a/charts/rancher-cluster-templates/examples/values_azure.yaml b/charts/rancher-cluster-templates/examples/values_azure.yaml
new file mode 100644
index 0000000..6acf2be
--- /dev/null
+++ b/charts/rancher-cluster-templates/examples/values_azure.yaml
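Review bot: In `examples/values_aws.yaml` the only node pool has `etcd: true` and `controlplane: true` but also `encryptEbsVolume: false`, so anyone who copies the example keeps cluster state, including the Kubernetes Secrets stored in etcd, on an unencrypted root volume unless a separate data disk is mounted. I would ship the example with `encryptEbsVolume: true` and a comment such as `# etcd data lives on this volume; keep encryption on`. Separately, `taints: {}` is a mapping where taints are normally a list, so `taints: []` is the safer empty value; whether the template tolerates the mapping cannot be seen from this hunk.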
@@ -0,0 +1,44 @@
+cluster:
+ name: CLUSTER_NAME
+
+cloudprovider: azure
+cloudCredentialSecretName: CLOUD_CREDENTIAL_SECRET # Cloud Credential for Azure (example: cattle-global-data:)
+# agentEnvs: []
+
+# clusterMembers:
+# - principalName: "local://u-z8zl5"
+# roleTemplateName: "cluster-member"
+
+nodepools:
+- etcd: true
+ controlplane: true
+ worker: true
+ labels: {}
+ annotations: {}
+ quantity: 1
+ paused: false
+ name: nodepool-1
+ # displayName: ""
+ # rollingUpdate:
+ # maxUnavailable: "5"
+ # maxSurge: "1"
+ # machineDeploymentLabels: {}
+ # machineDeploymentAnnotations: {}
+ availabilitySet: "avs-AZURE_PREFIX"
+ environment: AzurePublicCloud
+ image: "Canonical:0001-com-ubuntu-server-focal:20_04-lts-gen2:20.04.202307240"
+ managedDisks: true
+ nsg: "nsg-AZURE_PREFIX"
+ region: westus
+ openPort:
+ - 6443/tcp # Kubernetes API
+ - 2379/tcp # etcd client port
+ - 2380/tcp # etcd peer port
+ - 10250/tcp # kubelet
+ resourceGroup: "rg-AZURE_PREFIX"
+ size: Standard_DS2_v2
+ sshUser: azureuser
+ storageType: Standard_LRS
+ subnet: rke2
+ subnetPrefix: "192.168.0.0/16"
+ vnet: "vnet-AZURE_PREFIX"
diff --git a/charts/rancher-cluster-templates/examples/values_cloudscale.yaml b/charts/rancher-cluster-templates/examples/values_cloudscale.yaml
new file mode 100644
index 0000000..3d544d9
--- /dev/null
+++ b/charts/rancher-cluster-templates/examples/values_cloudscale.yaml
@@ -0,0 +1,13 @@
+cloudprovider: cloudscale
+
+cloudCredentialSecretName: cloudscale
+
+nodepools:
+- etcd: true
+ controlplane: true
+ worker: true
+ labels: {}
+ taints: {}
+ quantity: 1
+ paused: false
+ name: nodepool-1
diff --git a/charts/rancher-cluster-templates/examples/values_digitalocean.yaml b/charts/rancher-cluster-templates/examples/values_digitalocean.yaml
new file mode 100644
index 0000000..706d351
--- /dev/null
+++ b/charts/rancher-cluster-templates/examples/values_digitalocean.yaml
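Review bot: The `openPort` list in `examples/values_azure.yaml` includes `2379/tcp`, `2380/tcp` and `10250/tcp`; if the Azure node driver handles `openPort` the way docker-machine's Azure driver does (an inbound NSG rule with no source restriction), the example exposes etcd and the kubelet API to the internet. Those ports only need to be reachable between cluster nodes, which share the `rke2` subnet in this example. I would reduce the list to `- 6443/tcp # Kubernetes API` and add a comment above `openPort:` stating that every entry is opened to any source address, so intra-cluster ports do not belong there.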
@@ -0,0 +1,20 @@
+cloudprovider: digitalocean
+
+cloudCredentialSecretName: digitalocean
+
+nodepools:
+- etcd: true
+ controlplane: true
+ worker: true
+ labels: {}
+ taints: {}
+ quantity: 1
+ name: nodepool-1
+ image: ubuntu-20-04-x64
+ ipv6: false
+ monitoring: false
+ privateNetworking: false
+ region: sfo3
+ size: s-4vcpu-8gb
+ sshPort: 22
+ sshUser: root
diff --git a/charts/rancher-cluster-templates/examples/values_equinix.yaml b/charts/rancher-cluster-templates/examples/values_equinix.yaml
new file mode 100644
index 0000000..4cf6ebd
--- /dev/null
+++ b/charts/rancher-cluster-templates/examples/values_equinix.yaml
@@ -0,0 +1,12 @@
+cloudprovider: equinix
+
+cloudCredentialSecretName: equinix
+
+nodepools:
+- etcd: true
+ controlplane: true
+ worker: true
+ labels: {}
+ taints: {}
+ quantity: 1
+ name: nodepool-1
diff --git a/charts/rancher-cluster-templates/examples/values_exoscale.yaml b/charts/rancher-cluster-templates/examples/values_exoscale.yaml
new file mode 100644
index 0000000..3253c91
--- /dev/null
+++ b/charts/rancher-cluster-templates/examples/values_exoscale.yaml
@@ -0,0 +1,12 @@
+cloudprovider: exoscale
+
+cloudCredentialSecretName: exoscale
+
+nodepools:
+- etcd: true
+ controlplane: true
+ worker: true
+ labels: {}
+ taints: {}
+ quantity: 1
+ name: nodepool-1
diff --git a/charts/rancher-cluster-templates/examples/values_harvester.yaml b/charts/rancher-cluster-templates/examples/values_harvester.yaml
new file mode 100644
index 0000000..e0301fb
--- /dev/null
+++ b/charts/rancher-cluster-templates/examples/values_harvester.yaml
@@ -0,0 +1,20 @@
+cloudprovider: harvester
+
+cloudCredentialSecretName: harvester
+
+nodepools:
+- etcd: true
+ controlplane: true
+ worker: true
+ labels: {}
+ taints: {}
+ quantity: 1
+ name: harvester-nodepool-1
+ diskSize: 40
+ diskBus: virtio
+ cpuCount: 4
+ memorySize: 8
+ networkName: default/network-name-1
+ imageName: default/image-rand
+ vmNamespace: default
+ sshUser: ubuntu
diff --git a/charts/rancher-cluster-templates/examples/values_linode.yaml b/charts/rancher-cluster-templates/examples/values_linode.yaml
new file mode 100644
index 0000000..7a4b0aa
--- /dev/null
+++ b/charts/rancher-cluster-templates/examples/values_linode.yaml
@@ -0,0 +1,12 @@
+cloudprovider: linode
+
+cloudCredentialSecretName: linode
+
+nodepools:
+- etcd: true
+ controlplane: true
+ worker: true
+ labels: {}
+ taints: {}
+ quantity: 1
+ name: nodepool-1
diff --git a/charts/rancher-cluster-templates/examples/values_nutanix.yaml b/charts/rancher-cluster-templates/examples/values_nutanix.yaml
new file mode 100644
index 0000000..16e24ac
--- /dev/null
+++ b/charts/rancher-cluster-templates/examples/values_nutanix.yaml
@@ -0,0 +1,12 @@
+cloudprovider: nutanix
+
+cloudCredentialSecretName: nutanix
+
+nodepools:
+- etcd: true
+ controlplane: true
+ worker: true
+ labels: {}
+ taints: {}
+ quantity: 1
+ name: nodepool-1
diff --git a/charts/rancher-cluster-templates/examples/values_openstack.yaml b/charts/rancher-cluster-templates/examples/values_openstack.yaml
new file mode 100644
index 0000000..f2b2e7d
--- /dev/null
+++ b/charts/rancher-cluster-templates/examples/values_openstack.yaml
@@ -0,0 +1,12 @@
+cloudprovider: openstack
+
+cloudCredentialSecretName: openstack
+
+nodepools:
+- etcd: true
+ controlplane: true
+ worker: true
+ labels: {}
+ taints: {}
+ quantity: 1
+ name: nodepool-1
diff --git a/charts/rancher-cluster-templates/examples/values_outscale.yaml b/charts/rancher-cluster-templates/examples/values_outscale.yaml
new file mode 100644
index 0000000..29f4658
--- /dev/null
+++ b/charts/rancher-cluster-templates/examples/values_outscale.yaml
@@ -0,0 +1,12 @@
+cloudprovider: outscale
+
+cloudCredentialSecretName: outscale
+
+nodepools:
+- etcd: true
+ controlplane: true
+ worker: true
+ labels: {}
+ taints: {}
+ quantity: 1
+ name: nodepool-1
diff --git a/charts/rancher-cluster-templates/examples/values_vsphere.yaml b/charts/rancher-cluster-templates/examples/values_vsphere.yaml
new file mode 100644
index 0000000..9515601
--- /dev/null
+++ b/charts/rancher-cluster-templates/examples/values_vsphere.yaml
@@ -0,0 +1,19 @@
+cloudprovider: vsphere
+
+cloudCredentialSecretName: vsphere
+
+nodepools:
+- etcd: true
+ controlplane: true
+ worker: true
+ labels: {}
+ taints: {}
+ quantity: 1
+ paused: false
+ name: nodepool-1
+ cpuCount: "2"
+ creationType: "vm"
+ diskSize: "20480"
+ sshPort: "22"
+ sshUserGroup: staff
+ vcenterPort: 443
diff --git a/charts/rancher-cluster-templates/questions.yaml b/charts/rancher-cluster-templates/questions.yaml
new file mode 100644
index 0000000..c7a49d7
--- /dev/null
+++ b/charts/rancher-cluster-templates/questions.yaml
@@ -0,0 +1,563 @@ +questions: + - variable: cluster.name + default: mycluster + description: "Specify the name of the cluster" + label: "Cluster Name" + required: true + type: string + group: "General" + - variable: cloudCredentialSecretName + default: + description: "CloudCredentialName for provisioning cluster" + label: "CloudCredential Name" + type: cloudcredential + group: "General" + - variable: cloudprovider + default: custom + description: "Specify Infrastructure provider for underlying nodes" + label: "Infrastructure Provider" + type: enum + required: true + options: + - amazonec2 + - digitalocean + - azure + - vsphere + - harvester + - custom + group: "General" + - variable: kubernetesVersion + default: v1.22.6+rke2r1 + description: "Specify Kubernetes version" + label: "Kubernetes Version" + type: enum + required: true + options: + - v1.21.6+rke2r1 + - v1.21.7+rke2r1 + - v1.21.8+rke2r1 + - v1.21.9+rke2r1 + - v1.22.5+rke2r1 + - v1.21.6+rke2r1 + group: "General" + - variable: rke.localClusterAuthEndpoint.enabled + default: false + label: "Local Auth endpoint" + description: "Enable local auth access endpoint" + type: boolean + group: "Auth Access Endpoint" + show_subquestion_if: true + subquestions: + - variable: rke.localClusterAuthEndpoint.fqdn + default: + description: "Local auth access endpoint FQDN" + label: "Auth Endpoint FQDN" + type: hostname + group: "Auth Access Endpoint" + - variable: rke.localClusterAuthEndpoint.caCerts + default: + label: "Auth Endpoint Cacerts" + description: "Local auth access endpoint CACerts" + type: multiline + group: "Auth Access Endpoint" + - variable: monitoring.enabled + default: false + label: "Enable monitoring" + description: "Enable monitoring" + type: boolean + group: "Monitoring" + show_subquestion_if: true + subquestions: + - variable: monitoring.version + default: + label: "Monitoring Version" + description: "Choose chart version of monitoring. 
If empty latest version will be installed" + type: string + group: "Monitoring" + - variable: monitoring.values + default: + label: "Monitoring Values" + description: "Custom monitoring chart values" + type: multiline + group: "Monitoring" + - variable: nodepools.0.name + default: + description: "Specify nodepool name" + type: string + label: "Nodepool name" + required: true + show_if: cloudprovider=amazonec2 || cloudprovider=vsphere || cloudprovider=azure || cloudprovider=digitalocean || cloudprovider=harvester + group: "Nodepools" + - variable: nodepools.0.quantity + default: 1 + description: "Specify node count" + type: int + required: true + show_if: cloudprovider=amazonec2 || cloudprovider=vsphere || cloudprovider=azure || cloudprovider=digitalocean || cloudprovider=harvester + label: "Node count" + group: "Nodepools" + - variable: nodepools.0.etcd + default: true + label: etcd + type: boolean + show_if: cloudprovider=amazonec2 || cloudprovider=vsphere || cloudprovider=azure || cloudprovider=digitalocean || cloudprovider=harvester + group: "Nodepools" + - variable: nodepools.0.worker + default: true + label: worker + type: boolean + show_if: cloudprovider=amazonec2 || cloudprovider=vsphere || cloudprovider=azure || cloudprovider=digitalocean || cloudprovider=harvester + group: "Nodepools" + - variable: nodepools.0.controlplane + label: controlplane + default: true + type: boolean + show_if: cloudprovider=amazonec2 || cloudprovider=vsphere || cloudprovider=azure || cloudprovider=digitalocean || cloudprovider=harvester + group: "Nodepools" + # EC2 + - variable: nodepools.0.region + label: "Region" + default: us-west-2 + type: string + description: "AWS EC2 region" + required: true + show_if: cloudprovider=amazonec2 + group: "Nodepools" + - variable: nodepools.0.zone + label: "Zone" + default: a + type: string + description: "AWS EC2 zone" + required: true + show_if: cloudprovider=amazonec2 + group: "Nodepools" + - variable: nodepools.0.instanceType + label: 
"Instance Type" + default: t3a.medium + type: string + description: "AWS instance type" + required: true + show_if: cloudprovider=amazonec2 + group: "Nodepools" + - variable: nodepools.0.rootSize + label: "Root Disk Size" + default: 16g + type: string + description: "AWS EC2 root disk size" + show_if: cloudprovider=amazonec2 + group: "Nodepools" + - variable: nodepools.0.vpcId + label: "VPC/SUBNET" + default: "" + type: string + description: "AWS EC2 vpc ID" + required: true + show_if: cloudprovider=amazonec2 + group: "Nodepools" + - variable: nodepools.0.iamInstanceProfile + label: "Instance Profile Name" + default: "" + type: string + description: "AWS EC2 Instance Profile Name" + show_if: cloudprovider=amazonec2 + group: "Nodepools" + - variable: nodepools.0.ami + label: "AMI ID" + default: "" + type: string + description: "AWS EC2 AMI ID" + show_if: cloudprovider=amazonec2 + group: "Nodepools" + - variable: nodepools.0.sshUser + label: "SSH Username for AMI" + default: ubuntu + type: string + description: "AWS EC2 SSH Username for AMI" + show_if: cloudprovider=amazonec2 + group: "Nodepools" + - variable: nodepools.0.createSecurityGroup + label: "Create security group" + default: true + type: boolean + description: "Whether to create `rancher-node` security group. 
If false, can provide with existing security group" + show_if: cloudprovider=amazonec2 + group: "Nodepools" + show_subquestion_if: false + subquestions: + - variable: nodepools.0.securityGroups + label: "Security groups" + default: + type: string + description: "Using existing security groups" + group: "Nodepools" + # vsphere + - variable: nodepools.0.vcenter + label: "vSphere IP/hostname" + default: "" + type: hostname + description: "vSphere IP/hostname for vCenter" + required: true + show_if: cloudprovider=vsphere + group: "Nodepools" + - variable: nodepools.0.datacenter + label: "Vsphere Datacenter" + default: "" + type: hostname + description: "vSphere datacenter for virtual machine" + required: true + show_if: cloudprovider=vsphere + group: "Nodepools" + - variable: nodepools.0.datastore + label: "Vsphere Datastore" + default: "" + type: string + description: "vSphere datastore for virtual machine" + required: true + show_if: cloudprovider=vsphere + group: "Nodepools" + - variable: nodepools.0.datastoreCluster + label: "Vsphere DatastoreCluster" + default: "" + type: string + description: "vSphere datastore cluster for virtual machine" + required: true + show_if: cloudprovider=vsphere + group: "Nodepools" + - variable: nodepools.0.diskSize + label: "Disk Size" + default: "20480" + type: string + description: "vSphere size of disk for docker VM (in MB)" + show_if: cloudprovider=vsphere + group: "Nodepools" + - variable: nodepools.0.memorySize + label: "Memory Size" + default: "2048" + type: string + description: "vSphere size of memory for docker VM (in MB)" + show_if: cloudprovider=vsphere + group: "Nodepools" + - variable: nodepools.0.network + label: "Network" + default: "" + type: string + description: "vSphere network where the virtual machine will be attached" + show_if: cloudprovider=vsphere + group: "Nodepools" + - variable: nodepools.0.pool + label: "Resource Pool" + default: "" + type: string + description: "vSphere resource pool for docker VM" + 
show_if: cloudprovider=vsphere + group: "Nodepools" + - variable: nodepools.0.sshPort + label: "SSH Port" + default: "22" + type: string + description: "If using a non-B2D image you can specify the ssh port" + show_if: cloudprovider=vsphere + group: "Nodepools" + - variable: nodepools.0.sshUserGroup + label: "SSH User Group" + default: docker:staff + type: hostname + description: "If using a non-B2D image the uploaded keys will need chown'ed, defaults to staff e.g. docker:staff" + show_if: cloudprovider=vsphere + group: "Nodepools" + - variable: nodepools.0.vappIpallocationpolicy + label: "IP allocation policy" + default: "" + type: enum + options: + - dhcp + - fixed + - transient + - fixedAllocated + description: "'vSphere vApp IP allocation policy. Supported values are: dhcp, fixed, transient and fixedAllocated'" + show_if: cloudprovider=vsphere + group: "Nodepools" + - variable: nodepools.0.vappIpprotocol + label: "IP protocol" + default: "" + type: enum + options: + - IPv4 + - IPv6 + description: "'vSphere vApp IP protocol for this deployment. 
Supported values are: IPv4 and IPv6'" + show_if: cloudprovider=vsphere + group: "Nodepools" + # HARVESTER + - variable: nodepools.0.diskSize + label: "Disk Size" + default: 40 + type: string + description: "Size of virtual hard disk in GB" + show_if: cloudprovider=harvester + group: "Nodepools" + - variable: nodepools.0.diskBus + label: "Disk Bus Type" + default: string + type: virtio + description: "harvester disk type" + show_if: cloudprovider=harvester + group: "Nodepools" + - variable: nodepools.0.cpuCount + label: "CPUs" + default: 2 + type: string + description: "number of CPUs for your VM" + show_if: cloudprovider=harvester + group: "Nodepools" + - variable: nodepools.0.memorySize + label: "Memory Size" + default: 4 + type: string + description: "Memory for VM in GB (available RAM)" + show_if: cloudprovider=harvester + group: "Nodepools" + - variable: nodepools.0.networkName + label: "Network" + default: default/network-name-1 + type: string + description: "Name of vlan network in harvester" + show_if: cloudprovider=harvester + group: "Nodepools" + - variable: nodepools.0.imageName + label: "Name of Image" + default: default/image-rand + type: string + description: "Name of image in harvester" + show_if: cloudprovider=harvester + group: "Nodepools" + - variable: nodepools.0.vmNamespace + label: "vm Namespace" + default: default + type: string + description: "namespace to deploy the VM to" + show_if: cloudprovider=harvester + group: "Nodepools" + - variable: nodepools.0.sshUser + label: "SSH User" + default: ubuntu + type: string + description: "SSH username" + show_if: cloudprovider=harvester + group: "Nodepools" + # DO + - variable: nodepools.0.image + label: "Image" + default: ubuntu-20-04-x64 + type: string + description: "Digital Ocean Image" + show_if: cloudprovider=digitalocean + group: "Nodepools" + - variable: nodepools.0.backups + label: "Backup" + default: false + type: boolean + description: "enable backups for droplet" + show_if: 
cloudprovider=digitalocean
+ group: "Nodepools"
+ - variable: nodepools.0.ipv6
+ label: "IPv6"
+ default: false
+ type: boolean
+ description: "enable ipv6 for droplet"
+ show_if: cloudprovider=digitalocean
+ group: "Nodepools"
+ - variable: nodepools.0.monitoring
+ label: "Monitoring"
+ default: false
+ type: boolean
+ description: "enable monitoring for droplet"
+ show_if: cloudprovider=digitalocean
+ group: "Nodepools"
+ - variable: nodepools.0.privateNetworking
+ label: "Private Networking"
+ default: false
+ type: boolean
+ description: "enable private networking for droplet"
+ show_if: cloudprovider=digitalocean
+ group: "Nodepools"
+ - variable: nodepools.0.region
+ label: "Region"
+ default: sfo3
+ type: string
+ description: "Digital Ocean region"
+ show_if: cloudprovider=digitalocean
+ group: "Nodepools"
+ - variable: nodepools.0.size
+ label: "Size"
+ default: s-4vcpu-8gb
+ type: string
+ description: "Digital Ocean size"
+ show_if: cloudprovider=digitalocean
+ group: "Nodepools"
+ - variable: nodepools.0.userdata
+ label: "Userdata"
+ default:
+ type: multiline
+ description: "File contents for userdata"
+ show_if: cloudprovider=digitalocean
+ group: "Nodepools"
+ - variable: nodepools.0.sshPort
+ label: "SSH Port"
+ default: 22
+ type: string
+ description: "SSH port"
+ show_if: cloudprovider=digitalocean
+ group: "Nodepools"
+ - variable: nodepools.0.sshUser
+ label: "SSH User"
+ default: root
+ type: string
+ description: "SSH username"
+ show_if: cloudprovider=digitalocean
+ group: "Nodepools"
+ # Azure
+ - variable: nodepools.0.availabilitySet
+ label: "Availability Set"
+ default: docker-machine
+ type: string
+ description: "Azure Availability Set to place the virtual machine into"
+ show_if: cloudprovider=azure
+ group: "Nodepools"
+ - variable: nodepools.0.diskSize
+ label: "Disk Size"
+ default: ""
+ type: string
+ description: "Disk size if using managed disk(Gib)"
+ show_if: cloudprovider=azure
+ group: "Nodepools"
+ - variable: nodepools.0.dns
+ label: "DNS"
+ default: ""
+ type: string
+ description: "A unique DNS label for the public IP adddress"
+ show_if: cloudprovider=azure
+ group: "Nodepools"
+ - variable: nodepools.0.environment
+ label: "Environment"
+ default: AzurePublicCloud
+ type: enum
+ options:
+ - AzurePublicCloud
+ - AzureGermanCloud
+ - AzureChinaCloud
+ - AzureUSGovernmentCloud
+ description: "Azure environment"
+ show_if: cloudprovider=azure
+ group: "Nodepools"
+ - variable: nodepools.0.faultDomainCount
+ label: "Fault Domain Count"
+ default: ""
+ type: string
+ description: "Fault domain count to use for availability set"
+ show_if: cloudprovider=azure
+ group: "Nodepools"
+ - variable: nodepools.0.image
+ label: "Image"
+ default: canonical:UbuntuServer:18.04-LTS:latest
+ type: string
+ description: "Azure virtual machine OS image"
+ show_if: cloudprovider=azure
+ group: "Nodepools"
+ - variable: nodepools.0.location
+ label: "Location"
+ default: westus
+ type: string
+ description: "Azure region to create the virtual machine"
+ show_if: cloudprovider=azure
+ group: "Nodepools"
+ - variable: nodepools.0.managedDisks
+ label: "Managed Disks"
+ default: false
+ type: boolean
+ description: "Configures VM and availability set for managed disks"
+ show_if: cloudprovider=azure
+ group: "Nodepools"
+ - variable: nodepools.0.noPublicIp
+ label: "No Public IP"
+ default: false
+ type: boolean
+ description: "Do not create a public IP address for the machine"
+ show_if: cloudprovider=azure
+ group: "Nodepools"
+ - variable: nodepools.0.privateIpAddress
+ label: "Private IP Address"
+ default: ""
+ type: string
+ description: "Specify a static private IP address for the machine"
+ show_if: cloudprovider=azure
+ group: "Nodepools"
+ - variable: nodepools.0.resourceGroup
+ label: "Resource Group"
+ default: docker-machine
+ type: string
+ description: "Azure Resource Group name (will be created if missing)"
+ show_if: cloudprovider=azure
+ group: "Nodepools"
+ - variable: nodepools.0.size
+ label: "Size"
+ default: "Standard_D2_v2"
+ type: string
+ description: "Size for Azure Virtual Machine"
+ show_if: cloudprovider=azure
+ group: "Nodepools"
+ - variable: nodepools.0.sshUser
+ label: "SSH Username"
+ default: docker-user
+ type: string
+ description: "Username for SSH login"
+ show_if: cloudprovider=azure
+ group: "Nodepools"
+ - variable: nodepools.0.staticPublicIp
+ label: "Static Public IP"
+ default: false
+ type: boolean
+ description: "Assign a static public IP address to the machine"
+ show_if: cloudprovider=azure
+ group: "Nodepools"
+ - variable: nodepools.0.storageType
+ label: "Storage Account"
+ default: "Standard_LRS"
+ type: string
+ description: "Type of Storage Account to host the OS Disk for the machine"
+ show_if: cloudprovider=azure
+ group: "Nodepools"
+ - variable: nodepools.0.subnet
+ label: "Subnet"
+ default: docker-machine
+ type: string
+ description: "Azure Subnet Name to be used within the Virtual Network"
+ show_if: cloudprovider=azure
+ group: "Nodepools"
+ - variable: nodepools.0.subnetPrefix
+ label: "Subnet Prefix"
+ default: "192.168.0.0/16"
+ type: string
+ description: "Private CIDR block to be used for the new subnet, should comply RFC 1918"
+ show_if: cloudprovider=azure
+ group: "Nodepools"
+ - variable: nodepools.0.updateDomainCount
+ label: "Update Domain Count"
+ default: ""
+ type: string
+ description: "Update domain count to use for availability set"
+ show_if: cloudprovider=azure
+ group: "Nodepools"
+ - variable: nodepools.0.usePrivateIp
+ label: "Use Private IP"
+ default: false
+ type: boolean
+ description: "Azure Subnet Name to be used within the Virtual Network"
+ show_if: cloudprovider=azure
+ group: "Nodepools"
+ - variable: nodepools.0.vnet
+ label: "Vnet"
+ default: "docker-machine-vnet"
+ type: string
+ description: "Azure Virtual Network name to connect the virtual machine (in [resourcegroup:]name format)"
+ show_if: cloudprovider=azure
+ group: "Nodepools"
diff --git a/charts/rancher-cluster-templates/templates/_helpers.tpl b/charts/rancher-cluster-templates/templates/_helpers.tpl
new file mode 100644
index 0000000..e69de29
diff --git a/charts/rancher-cluster-templates/templates/amazonec2config.yaml b/charts/rancher-cluster-templates/templates/amazonec2config.yaml
new file mode 100644
index 0000000..5424e4b
--- /dev/null
+++ b/charts/rancher-cluster-templates/templates/amazonec2config.yaml
@@ -0,0 +1,117 @@
+{{- if eq .Values.cloudprovider "aws" }}
+{{- range $index, $nodepool := .Values.nodepools }}
+---
+# Amazon EC2 configuration (ref. amazonec2configs.rke-machine-config.cattle.io CRD)
+apiVersion: rke-machine-config.cattle.io/v1
+kind: Amazonec2Config
+metadata:
+ name: {{ $nodepool.name }}
+ namespace: fleet-default
+{{- if $nodepool.labels }}
+ labels:
+{{ toYaml $nodepool.labels | indent 4 }}
+{{- end }}
+ # annotations:
+# accessKey: string
+{{- if $nodepool.ami }}
+ami: {{ $nodepool.ami }}
+{{- end }}
+{{- if $nodepool.blockDurationMinutes }}
+blockDurationMinutes: {{ $nodepool.blockDurationMinutes }}
+{{- end }}
+{{- if $nodepool.deviceName }}
+deviceName: {{ $nodepool.deviceName }}
+{{- end }}
+{{- if $nodepool.encryptEbsVolume }}
+encryptEbsVolume: {{ $nodepool.encryptEbsVolume }}
+{{- end }}
+{{- if $nodepool.endpoint }}
+endpoint: {{ $nodepool.endpoint }}
+# httpEndpoint:
+# httpTokens:
+{{- end }}
+{{- if $nodepool.iamInstanceProfile }}
+iamInstanceProfile: {{ $nodepool.iamInstanceProfile }}
+{{- end }}
+{{- if $nodepool.insecureTransport }}
+insecureTransport: {{ $nodepool.insecureTransport }}
+{{- end }}
+{{- if $nodepool.instanceType }}
+instanceType: {{ $nodepool.instanceType }}
+{{- end }}
+{{- if $nodepool.keypairName }}
+keypairName: {{ $nodepool.keypairName }}
+# kmsKey:
+{{- end }}
+{{- if $nodepool.monitoring }}
+monitoring: {{ $nodepool.monitoring }}
+{{- end }}
+{{- if $nodepool.openPort}}
+openPort:
+ {{- range $i, $port := $nodepool.openPort }}
+ - {{ $port }}
+ {{- end }}
+{{- end }}
+{{- if $nodepool.privateAddressOnly }}
+privateAddressOnly: {{ $nodepool.privateAddressOnly }}
+{{- end }}
+{{- if $nodepool.region }}
+region: {{ $nodepool.region }}
+{{- end }}
+{{- if $nodepool.requestSpotInstance }}
+requestSpotInstance: {{ $nodepool.requestSpotInstance }}
+{{- end }}
+{{- if $nodepool.retries }}
+retries: {{ $nodepool.retries }}
+{{- end }}
+{{- if $nodepool.rootSize }}
+rootSize: {{ $nodepool.rootSize }}
+{{- end }}
+# secretKey:
+securityGroup:
+ {{- if $nodepool.createSecurityGroup }}
+ - rancher-nodes
+ {{- else }}
+ {{ toYaml $nodepool.securityGroups | indent 2 }}
+ {{- end }}
+{{- if $nodepool.securityGroupReadonly }}
+securityGroupReadonly: {{ $nodepool.securityGroupReadonly }}
+{{- end }}
+{{- if $nodepool.sessionToken }}
+sessionToken: {{ $nodepool.sessionToken }}
+{{- end }}
+{{- if $nodepool.spotPrice }}
+spotPrice: {{ $nodepool.spotPrice }}
+{{- end }}
+{{- if $nodepool.sshKeyContents }}
+sshKeyContents: {{ $nodepool.sshKeyContents }}
+{{- end }}
+{{- if $nodepool.sshUser }}
+sshUser: {{ $nodepool.sshUser }}
+{{- end }}
+{{- if $nodepool.subnetId }}
+subnetId: {{ $nodepool.subnetId }}
+{{- end }}
+{{- if $nodepool.tags }}
+tags: {{ $nodepool.tags }}
+{{- end }}
+{{- if $nodepool.useEbsOptimizedInstance }}
+useEbsOptimizedInstance: {{ $nodepool.useEbsOptimizedInstance }}
+{{- end }}
+{{- if $nodepool.usePrivateAddress }}
+usePrivateAddress: {{ $nodepool.usePrivateAddress }}
+{{- end }}
+{{- if $nodepool.userdata }}
+userdata: {{ $nodepool.userdata }}
+{{- end }}
+{{- if $nodepool.volumeType }}
+volumeType: {{ $nodepool.volumeType }}
+{{- end }}
+{{- if $nodepool.vpcId }}
+vpcId: {{ $nodepool.vpcId }}
+{{- end }}
+{{- if $nodepool.zone }}
+zone: {{ $nodepool.zone }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-cluster-templates/templates/azureconfig.yaml b/charts/rancher-cluster-templates/templates/azureconfig.yaml
new file mode 100644
index 0000000..31b3251
--- /dev/null
+++ b/charts/rancher-cluster-templates/templates/azureconfig.yaml
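Review bot: `sessionToken` and `sshKeyContents` are copied from chart values straight into the Amazonec2Config object, while `accessKey` and `secretKey` in the same template are deliberately left as comments. Anything set through values is kept in the Helm release record and ends up in plain text on the rendered resource, so whoever can read either can read the token and, presumably, the SSH private key. I would drop both keys from the template the same way, `# sessionToken: string` and `# sshKeyContents: string`, and let `cloudCredentialSecretName` in cluster.yaml carry the credentials. digitaloceanconfig.yaml renders `sshKeyContents` from values in the same way.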
@@ -0,0 +1,59 @@
+{{- if eq .Values.cloudprovider "azure" }}
+{{- range $index, $nodepool := .Values.nodepools }}
+---
+# Azure configuration (ref. azureconfigs.rke-machine-config.cattle.io CRD)
+apiVersion: rke-machine-config.cattle.io/v1
+kind: AzureConfig
+metadata:
+ name: {{ $nodepool.name }}
+ namespace: fleet-default
+ {{- if $nodepool.annotations }}
+ labels:
+ {{- toYaml $nodepool.annotations | indent 4 }}
+ {{- end }}
+ {{- if $nodepool.labels }}
+ labels:
+ {{- toYaml $nodepool.labels | indent 4 }}
+ {{- end }}
+availabilitySet: {{ default (printf "avs-%s" $.Values.cluster.name) $nodepool.availabilitySet }}
+# clientId: string
+# clientSecret: string
+{{- if $nodepool.clientId }}
+customData: {{ $nodepool.customData }}
+{{- end }}
+diskSize: "{{ default "30" $nodepool.diskSize }}"
+{{- if $nodepool.dns }}
+dns: {{ $nodepool.dns }}
+{{- end }}
+dockerPort: "{{ default "2376" $nodepool.dockerPort }}"
+environment: {{ default "AzurePublicCloud" $nodepool.environment }}
+faultDomainCount: "{{ default "3" $nodepool.faultDomainCount }}"
+image: {{ $nodepool.image }}
+location: {{ $nodepool.region }}
+managedDisks: {{ default "true" $nodepool.managedDisks }}
+noPublicIp: {{ default "false" $nodepool.noPublicIp }}
+nsg: {{ $nodepool.nsg }}
+{{- if $nodepool.openPort}}
+openPort:
+ {{- range $i, $port := $nodepool.openPort }}
+ - {{ $port }}
+ {{- end }}
+{{- end }}
+# plan: string
+{{- if $nodepool.privateIpAddress }}
+privateIpAddress: {{ $nodepool.privateIpAddress }}
+{{- end }}
+resourceGroup: {{ $nodepool.resourceGroup }}
+size: {{ $nodepool.size }}
+sshUser: {{ default "azureuser" $nodepool.sshUser }}
+staticPublicIp: {{ default "false" $nodepool.staticPublicIp }}
+storageType: {{ $nodepool.storageType }}
+subnet: {{ $nodepool.subnet }}
+subnetPrefix: {{ default "192.168.0.0/16" $nodepool.subnetPrefix }}
+# subscriptionId: string
+# tenantId: string
+updateDomainCount: "{{ default "5" $nodepool.updateDomainCount }}"
+usePrivateIp: {{ default "false" $nodepool.usePrivateIp }}
+vnet: {{ $nodepool.vnet }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-cluster-templates/templates/cloudscaleconfig.yaml b/charts/rancher-cluster-templates/templates/cloudscaleconfig.yaml
new file mode 100644
index 0000000..855ff6e
--- /dev/null
+++ b/charts/rancher-cluster-templates/templates/cloudscaleconfig.yaml
@@ -0,0 +1,43 @@
+{{- if eq .Values.cloudprovider "cloudscale" }}
+{{- range $index, $nodepool := .Values.nodepools }}
+---
+# CloudScale configuration (ref. cloudscaleconfigs.rke-machine-config.cattle.io CRD)
+apiVersion: rke-machine-config.cattle.io/v1
+kind: CloudscaleConfig
+metadata:
+ name: {{ $nodepool.name }}
+ namespace: default
+ # annotations:
+ # key: string
+{{- if $nodepool.labels }}
+ labels:
+{{ toYaml $nodepool.labels | indent 4 }}
+{{- end }}
+# antiAffinityWith: string
+# flavor: string
+# image: string
+# noPublicNetwork: boolean
+# serverGroups:
+# - string
+# sshKeyPath: string
+sshPort: {{ $nodepool.sshPort | quote }}
+{{- if $nodepool.sshUser }}
+sshUser: {{ $nodepool.sshUser }}
+{{- end }}
+# token: string
+# useIpv6: boolean
+# usePrivateNetwork: boolean
+{{- if $nodepool.userdata }}
+userdata: {{ $nodepool.userdata }}
+{{- end }}
+# userdatafile: string
+# volumeBulk:
+# - string
+# volumeSizeGb: string
+# volumeSsd:
+# - string
+{{- if $nodepool.zone }}
+zone: {{ $nodepool.zone }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-cluster-templates/templates/cluster.yaml b/charts/rancher-cluster-templates/templates/cluster.yaml
new file mode 100644
index 0000000..5a5bb97
--- /dev/null
+++ b/charts/rancher-cluster-templates/templates/cluster.yaml
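Review bot: The `{{- if $nodepool.annotations }}` branch under `metadata` emits the key `labels:`, so annotations are rendered as labels and a pool that sets both produces a duplicate `labels` key where most parsers keep only the last one; that line should read `annotations:`. `customData` has the same kind of slip: it is guarded by `{{- if $nodepool.clientId }}` and should be `{{- if $nodepool.customData }}`. Both `toYaml` calls here also start with `{{-`, which removes the line break after the key, unlike the `{{ toYaml … | indent 4 }}` form used in the other templates. Separately, `default "true" $nodepool.managedDisks` cannot be turned off, because `default` treats a boolean `false` as unset.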
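Review bot: `namespace: default` on this CloudscaleConfig does not match the Cluster in cluster.yaml, which is created in `fleet-default` and refers to the machine config through `machineConfigRef` by kind and name only. If the reference is resolved in the cluster's own namespace, which is what the missing namespace field suggests, the pool will not find its config; `namespace: fleet-default` as in amazonec2config.yaml and azureconfig.yaml would keep them together. exoscaleconfig.yaml, linodeconfig.yaml, nutanixconfig.yaml, openstackconfig.yaml and outscaleconfig.yaml carry the same `namespace: default`.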
@@ -0,0 +1,180 @@
+---
+# Cluster configuration (ref. cluster.provisioning.cattle.io CRD)
+apiVersion: provisioning.cattle.io/v1
+kind: Cluster
+metadata:
+ {{- if .Values.cluster.labels }}
+ labels:
+{{ toYaml .Values.cluster.labels | indent 4 }}
+ {{- end }}
+ {{- if .Values.cluster.annotations }}
+ annotations:
+{{ toYaml .Values.cluster.annotations | indent 4 }}
+ {{- end }}
+ name: {{ .Values.cluster.name }}
+ namespace: fleet-default
+spec:
+ {{- if .Values.cloudCredentialSecretName }}
+ cloudCredentialSecretName: {{ .Values.cloudCredentialSecretName }}
+ {{- end }}
+ {{- if .Values.kubernetesVersion }}
+ kubernetesVersion: {{ .Values.kubernetesVersion }}
+ {{- end }}
+ {{- if .Values.enableNetworkPolicy }}
+ enableNetworkPolicy: {{ .Values.enableNetworkPolicy }}
+ {{- end }}
+ {{- if .Values.rke.localClusterAuthEndpoint.enabled }}
+ localClusterAuthEndpoint:
+ enabled: {{ .Values.rke.localClusterAuthEndpoint.enabled }}
+ fqdn: {{ .Values.rke.localClusterAuthEndpoint.fqdn }}
+ caCerts: {{ .Values.rke.localClusterAuthEndpoint.caCerts }}
+ {{- end }}
+ rkeConfig:
+ {{- if ne .Values.cloudprovider "custom" }}
+ machinePools:
+ {{- if .Values.nodepools }}
+ {{- range $index, $nodepool := .Values.nodepools }}
+ - controlPlaneRole: {{ $nodepool.controlplane }}
+ etcdRole: {{ $nodepool.etcd }}
+ workerRole: {{ $nodepool.worker }}
+ quantity: {{ $nodepool.quantity }}
+ name: {{ $nodepool.name }}
+ machineConfigRef:
+ {{- if eq $.Values.cloudprovider "aws" }}
+ kind: Amazonec2Config
+ {{- else if eq $.Values.cloudprovider "azure" }}
+ kind: AzureConfig
+ {{- else if eq $.Values.cloudprovider "cloudscale" }}
+ kind: CloudscaleConfig
+ {{- else if eq $.Values.cloudprovider "digitalocean" }}
+ kind: DigitaloceanConfig
+ {{- else if eq $.Values.cloudprovider "equinix" }}
+ kind: PacketConfig
+ {{- else if eq $.Values.cloudprovider "exoscale" }}
+ kind: ExoscaleConfig
+ {{- else if eq $.Values.cloudprovider "harvester" }}
+ kind: HarvesterConfig
+ {{- else if eq $.Values.cloudprovider "linode" }}
+ kind: LinodeConfig
+ {{- else if eq $.Values.cloudprovider "nutanix" }}
+ kind: NutanixConfig
+ {{- else if eq $.Values.cloudprovider "openstack" }}
+ kind: OpenstackConfig
+ {{- else if eq $.Values.cloudprovider "outscale" }}
+ kind: OutscaleConfig
+ {{- else if eq $.Values.cloudprovider "vsphere" }}
+ kind: VmwarevsphereConfig
+ {{- end}}
+ name: {{ $nodepool.name }}
+ paused: {{ $nodepool.paused }}
+ displayName: {{ $nodepool.displayName }}
+ # drainBeforeDelete:
+ # drainBeforeDeleteTimeout:
+ # machineOS:
+ # maxUnhealthy:
+ # labels:
+ # nodeStartupTimeout:
+ # taints:
+ # unhealthyRange:
+ # unhealthyNodeTimeout:
+ {{- if $nodepool.rollingUpdate }}
+ rollingUpdate:
+ maxUnavailable: {{ $nodepool.rollingUpdate.maxUnavailable }}
+ maxSurge: {{ $nodepool.rollingUpdate.maxSurge }}
+ {{- end }}
+ {{- if $nodepool.machineDeploymentLabels }}
+ machineDeploymentLabels:
+{{ toYaml $nodepool.machineDeploymentLabels | indent 10 }}
+ {{- end }}
+ {{- if $nodepool.machineDeploymentAnnotations }}
+ machineDeploymentAnnotations:
+{{ toYaml $nodepool.machineDeploymentAnnotations | indent 10 }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+ machineGlobalConfig:
+ # audit-policy-file: "" # Path to the file that defines the audit policy configuration
+ # cluster-cidr: "" # IPv4/IPv6 network CIDRs to use for pod IPs (default: 10.42.0.0/16)
+ # cluster-dns: "" # IPv4 Cluster IP for coredns service. Should be in your service-cidr range (default: 10.43.0.10)
+ # cluster-domain: "" # Cluster Domain (default: "cluster.local")
+ cni: calico # CNI Plugin to deploy, one of none, canal, cilium (default: "canal")
+ # disable: false # Do not deploy packaged components and delete any deployed components (valid items: rke2-coredns, rke2-ingress-nginx, rke2-kube-proxy, rke2-metrics-server)
+ # etcd-disable-snapshots: false # Disable automatic etcd snapshots
+ # etcd-expose-metrics: false # Expose etcd metrics to client interface. (Default false)
+ # etcd-snapshot-dir: "" # Directory to save db snapshots. (Default location: ${data-dir}/db/snapshots)
+ # etcd-snapshot-name: "" # Set the base name of etcd snapshots. Default: etcd-snapshot- (default: "etcd-snapshot")
+ # etcd-snapshot-retention: 5 # Number of snapshots to retain (default: 5)
+ # etcd-snapshot-schedule-cron: "0 */12 * * *" # Snapshot interval time in cron spec. eg. every 5 hours '* */5 * * *' (default: "0 */12 * * *")
+ # kube-apiserver-arg: "" # Customized flag for kube-apiserver process
+ # kube-scheduler-arg: "" # Customized flag for kube-scheduler process
+ # kube-controller-manager-arg: "" # Customized flag for kube-controller-manager process
+ # profile: "cis-1.6" # Validate system configuration against the selected benchmark (valid items: cis-1.5, cis-1.6)
+ # secrets-encryption: false # Enable Secret encryption at rest
+ # service-cidr: "10.43.0.0/16" # IPv4/IPv6 network CIDRs to use for service IPs (default: 10.43.0.0/16)
+ # service-node-port-range: "30000-32767" # Port range to reserve for services with NodePort visibility (default: "30000-32767")
+ # tls-san: [] # Add additional hostnames or IPv4/IPv6 addresses as Subject Alternative Names on the server TLS cert
+ # machineSelectorConfig:
+ # config:
+ # node-name: ""
+ # container-runtime-endpoint: "" # Disable embedded containerd and use alternative CRI implementation
+ # snapshotter: "" # Override default containerd snapshotter (default: "overlayfs")
+ # node-ip: "1.1.1.1" # IP address to advertise for node
+ # resolv-conf: "" # Kubelet resolv.conf file
+ # kubelet-arg: "" # Customized flag for kubelet process
+ # kube-proxy-arg: "" # Customized flag for kube-proxy process
+ # protect-kernel-defaults: false # Kernel tuning behavior. If set, error if kernel tunables are different than kubelet defaults. (default: false)
+ # selinux: true # Enable SELinux in containerd (default: false)
+ # cloud-provider-name: ""
+ # cloud-provider-config: "" # Cloud provider configuration file path
+ # machineLabelSelector:
+ # matchExpressions:
+ # matchExpressions:
+ # provisionGeneration:
+ # registries:
+ # configs:
+ # authConfigSecretName:
+ # caBundle:
+ # insecureSkipVerify:
+ # tlsSecretName:
+ # mirrors:
+ # endpoint:
+ # rewrite:
+ # rotateCertificates:
+ # generation:
+ # services:
+ # rotateEncryptionKeys:
+ # generation:
+ upgradeStrategy:
+ controlPlaneConcurrency: "10%"
+ controlPlaneDrainOptions:
+ enabled: false
+ # deleteEmptyDirData: false
+ # disableEviction: false
+ # gracePeriod: 0
+ # ignoreErrors: false
+ # skipWaitForDeleteTimeoutSeconds: 0
+ # timeout: 0
+ workerConcurrency: "10%"
+ workerDrainOptions:
+ enabled: false
+ # deleteEmptyDirData: false
+ # disableEviction: false
+ # gracePeriod: 0
+ # ignoreErrors: false
+ # skipWaitForDeleteTimeoutSeconds: 0
+ # timeout: 0
+ # additionalManifest:
+ # chartValues:
+ # etcd:
+ # etcdSnapshotCreate:
+ # etcdSnapshotRestore:
+ # infrastructureRef:
+ {{- if .Values.agentEnvs }}
+ agentEnvVars:
+{{ toYaml .Values.agentEnvs | indent 4 }}
+ {{- end }}
+ # clusterAPIConfig:
+ # defaultClusterRoleForProjectMembers:
+ # defaultPodSecurityPolicyTemplateName:
+ # redeploySystemAgentGeneration:
diff --git a/charts/rancher-cluster-templates/templates/clusterroletemplatebinding.yaml b/charts/rancher-cluster-templates/templates/clusterroletemplatebinding.yaml
new file mode 100644
index 0000000..05183e9
--- /dev/null
+++ b/charts/rancher-cluster-templates/templates/clusterroletemplatebinding.yaml
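Review bot: `caCerts: {{ .Values.rke.localClusterAuthEndpoint.caCerts }}` interpolates the value as a bare scalar, and a CA bundle is normally multi-line PEM, so the rendered document either fails to parse or continues on lines YAML reads as something else. Quoting keeps it one string: `caCerts: {{ .Values.rke.localClusterAuthEndpoint.caCerts | quote }}`. The same applies to other free-text values in this commit that are rendered without `quote`, for example `userdata` in amazonec2config.yaml, cloudscaleconfig.yaml, digitaloceanconfig.yaml, exoscaleconfig.yaml and packetconfig.yaml, while the numeric-looking ones such as `sshPort` already use `| quote`. The guard `{{- if .Values.rke.localClusterAuthEndpoint.enabled }}` also assumes `rke.localClusterAuthEndpoint` exists in values.yaml, which is not visible here.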
@@ -0,0 +1,11 @@
+{{- range $index, $member := .Values.clusterMembers }}
+---
+apiVersion: management.cattle.io/v3
+clusterName: c-m-{{ trunc 8 (sha256sum (printf "%s/%s" $.Release.Namespace $.Values.cluster.name)) }}
+kind: ClusterRoleTemplateBinding
+metadata:
+ name: ctrb-{{ trunc 8 (sha256sum (printf "%s/%s" $.Release.Namespace $member.principalName )) }}
+ namespace: c-m-{{ trunc 8 (sha256sum (printf "%s/%s" $.Release.Namespace $.Values.cluster.name)) }}
+roleTemplateName: {{ $member.roleTemplateName }}
+userPrincipalName: {{ $member.principalName }}
+{{- end }}
diff --git a/charts/rancher-cluster-templates/templates/digitaloceanconfig.yaml b/charts/rancher-cluster-templates/templates/digitaloceanconfig.yaml
new file mode 100644
index 0000000..b577646
--- /dev/null
+++ b/charts/rancher-cluster-templates/templates/digitaloceanconfig.yaml
@@ -0,0 +1,31 @@
+{{- if eq .Values.cloudprovider "digitalocean" }}
+{{- range $index, $nodepool := .Values.nodepools }}
+---
+# Digital Ocean configuration (ref. digitaloceanconfigs.rke-machine-config.cattle.io CRD)
+apiVersion: rke-machine-config.cattle.io/v1
+kind: DigitaloceanConfig
+metadata:
+ name: {{ $nodepool.name }}
+ namespace: fleet-default
+ # annotations:
+ # key: string
+{{- if $nodepool.labels }}
+ labels:
+{{ toYaml $nodepool.labels | indent 4 }}
+{{- end }}
+# accessToken: string
+backups: {{ $nodepool.backups }}
+image: {{ $nodepool.image }}
+ipv6: {{ $nodepool.ipv6 }}
+monitoring: {{ $nodepool.monitoring }}
+privateNetworking: {{ $nodepool.privateNetworking }}
+region: {{ $nodepool.region }}
+size: {{ $nodepool.size }}
+sshKeyContents: {{ $nodepool.sshKeyContents }}
+sshKeyFingerprint: {{ $nodepool.sshKeyFingerprint }}
+sshPort: {{ $nodepool.sshPort | quote }}
+sshUser: {{ $nodepool.sshUser }}
+tags: {{ $nodepool.tags }}
+userdata: {{ $nodepool.userdata }}
+{{- end }}
+{{- end }}
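Review bot: The binding name `ctrb-{{ trunc 8 (sha256sum (printf "%s/%s" $.Release.Namespace $member.principalName )) }}` depends only on the principal, so a `clusterMembers` list that gives one principal two role templates renders two ClusterRoleTemplateBindings with the same name and namespace, and only one of them can exist. Including the role in the hashed string avoids that: `printf "%s/%s/%s" $.Release.Namespace $member.principalName $member.roleTemplateName`. The `c-m-…` cluster id is hashed from `$.Release.Namespace`, while cluster.yaml hard-codes `namespace: fleet-default`; if that id is expected to be derived from the Cluster's namespace and name, installing the release in any other namespace would point the bindings at a namespace that does not belong to this cluster.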
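Review bot: Every field in digitaloceanconfig.yaml is emitted unconditionally, so a pool that leaves `sshKeyFingerprint`, `tags` or `userdata` unset renders `key:` with an empty value, which YAML reads as null rather than as an absent field. amazonec2config.yaml wraps each optional field in `{{- if … }}`; doing the same here, for example `{{- if $nodepool.userdata }}` around `userdata:`, keeps the object limited to what was actually configured. exoscaleconfig.yaml, harvesterconfig.yaml, linodeconfig.yaml and vsphereconfig.yaml render their fields the same way.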
diff --git a/charts/rancher-cluster-templates/templates/exoscaleconfig.yaml b/charts/rancher-cluster-templates/templates/exoscaleconfig.yaml
new file mode 100644
index 0000000..d29fc74
--- /dev/null
+++ b/charts/rancher-cluster-templates/templates/exoscaleconfig.yaml
@@ -0,0 +1,31 @@
+{{- if eq .Values.cloudprovider "exoscale" }}
+{{- range $index, $nodepool := .Values.nodepools }}
+---
+# Exoscale configuration (ref. exoscaleconfigs.rke-machine-config.cattle.io CRD)
+apiVersion: rke-machine-config.cattle.io/v1
+kind: ExoscaleConfig
+metadata:
+ name: {{ $nodepool.name }}
+ namespace: default
+ # annotations:
+ # key: string
+{{- if $nodepool.labels }}
+ labels:
+{{ toYaml $nodepool.labels | indent 4 }}
+{{- end }}
+# affinityGroup:
+# - string
+# apiKey: string
+# apiSecretKey: string
+# availabilityZone: string
+# diskSize: string
+image: {{ $nodepool.image }}
+# instanceProfile: string
+# securityGroup:
+# - string
+# sshKey: string
+sshUser: {{ $nodepool.sshUser }}
+# url: string
+userdata: {{ $nodepool.userdata }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-cluster-templates/templates/harvesterconfig.yaml b/charts/rancher-cluster-templates/templates/harvesterconfig.yaml
new file mode 100644
index 0000000..3441d21
--- /dev/null
+++ b/charts/rancher-cluster-templates/templates/harvesterconfig.yaml
@@ -0,0 +1,38 @@
+{{- if eq .Values.cloudprovider "harvester" }}
+{{- range $index, $nodepool := .Values.nodepools }}
+---
+# Harvester configuration (ref. harvesterconfigs.rke-machine-config.cattle.io CRD)
+apiVersion: rke-machine-config.cattle.io/v1
+kind: HarvesterConfig
+metadata:
+ name: {{ $nodepool.name }}
+ namespace: fleet-default
+ # annotations:
+ # key: string
+{{- if $nodepool.labels }}
+ labels:
+{{ toYaml $nodepool.labels | indent 4 }}
+{{- end }}
+#cloudConfig: string
+#clusterId: string
+#clusterType: string
+cpuCount: {{ $nodepool.cpuCount | quote }}
+diskBus: {{ $nodepool.diskBus }}
+diskSize: {{ $nodepool.diskSize | quote }}
+imageName: {{ $nodepool.imageName }}
+#keyPairName: string
+#kubeconfigContent: string
+memorySize: {{ $nodepool.memorySize | quote }}
+#networkData: string
+#networkModel: string
+networkName: {{ $nodepool.networkName }}
+#networkType: string
+#sshPassword: string
+#sshPort: string
+#sshPrivateKeyPath: string
+sshUser: {{ $nodepool.sshUser }}
+#userData: string
+#vmAffinity: string
+vmNamespace: {{ $nodepool.vmNamespace }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-cluster-templates/templates/linodeconfig.yaml b/charts/rancher-cluster-templates/templates/linodeconfig.yaml
new file mode 100644
index 0000000..256c4e2
--- /dev/null
+++ b/charts/rancher-cluster-templates/templates/linodeconfig.yaml
@@ -0,0 +1,33 @@
+{{- if eq .Values.cloudprovider "linode" }}
+{{- range $index, $nodepool := .Values.nodepools }}
+---
+# Linode configuration (ref. linodeconfigs.rke-machine-config.cattle.io CRD)
+apiVersion: rke-machine-config.cattle.io/v1
+kind: LinodeConfig
+metadata:
+ name: {{ $nodepool.name }}
+ namespace: default
+ # annotations:
+ # key: string
+{{- if $nodepool.labels }}
+ labels:
+{{ toYaml $nodepool.labels | indent 4 }}
+{{- end }}
+# authorizedUsers: string
+# createPrivateIp: boolean
+# dockerPort: string
+image: {{ $nodepool.image }}
+# instanceType: string
+# label: string
+region: {{ $nodepool.region }}
+# rootPass: string
+sshPort: {{ $nodepool.sshPort | quote }}
+sshUser: {{ $nodepool.sshUser }}
+# stackscript: string
+# stackscriptData: string
+# swapSize: string
+tags: {{ $nodepool.tags }}
+# token: string
+# uaPrefix: string
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-cluster-templates/templates/managedcharts.yaml b/charts/rancher-cluster-templates/templates/managedcharts.yaml
new file mode 100644
index 0000000..0793bc6
--- /dev/null
+++ b/charts/rancher-cluster-templates/templates/managedcharts.yaml
@@ -0,0 +1,50 @@
+{{- if .Values.monitoring.enabled }}
+---
+apiVersion: management.cattle.io/v3
+kind: ManagedChart
+metadata:
+ name: monitoring-crd-{{ .Values.cluster.name }}
+ namespace: fleet-default
+spec:
+ chart: "rancher-monitoring-crd"
+ repoName: "rancher-charts"
+ releaseName: "rancher-monitoring-crd"
+ version: {{ .Values.monitoring.version }}
+ {{- if .Values.monitoring.values }}
+ values:
+{{ toYaml .Values.monitoring.values | indent 4 }}
+ {{- end }}
+ defaultNamespace: "cattle-monitoring-system"
+ targets:
+ - clusterName: {{ .Values.cluster.name }}
+---
+apiVersion: management.cattle.io/v3
+kind: ManagedChart
+metadata:
+ name: monitoring-{{ .Values.cluster.name }}
+ namespace: fleet-default
+spec:
+ chart: "rancher-monitoring"
+ repoName: "rancher-charts"
+ releaseName: "rancher-monitoring"
+ version: {{ .Values.monitoring.version }}
+ {{- if .Values.monitoring.values }}
+ values:
+{{ toYaml .Values.monitoring.values | indent 4 }}
+ {{- end }}
+ diff:
+ comparePatches:
+ - apiVersion: admissionregistration.k8s.io/v1beta1
+ kind: MutatingWebhookConfiguration
+ name: rancher-monitoring-admission
+ jsonPointers:
+ - /webhooks/0/failurePolicy
+ - apiVersion: admissionregistration.k8s.io/v1beta1
+ kind: ValidatingWebhookConfiguration
+ name: rancher-monitoring-admission
+ jsonPointers:
+ - /webhooks/0/failurePolicy
+ defaultNamespace: "cattle-monitoring-system"
+ targets:
+ - clusterName: {{ .Values.cluster.name }}
+{{- end }}
diff --git a/charts/rancher-cluster-templates/templates/nutanixconfig.yaml b/charts/rancher-cluster-templates/templates/nutanixconfig.yaml
new file mode 100644
index 0000000..e03a575
--- /dev/null
+++ b/charts/rancher-cluster-templates/templates/nutanixconfig.yaml
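Review bot: `version: {{ .Values.monitoring.version }}` is rendered without a check, so enabling monitoring without setting a version produces an empty `version:` on both ManagedChart objects, and which rancher-monitoring release gets installed is then left to the controller's default. Failing the render keeps the chart pinned: `version: {{ required "monitoring.version must be set" .Values.monitoring.version | quote }}`. The `| quote` also stops a value such as 1.10 from being read as a number.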
@@ -0,0 +1,36 @@
+{{- if eq .Values.cloudprovider "nutanix" }}
+{{- range $index, $nodepool := .Values.nodepools }}
+---
+# Nutanix configuration (ref. nutanixconfigs.rke-machine-config.cattle.io CRD)
+apiVersion: rke-machine-config.cattle.io/v1
+kind: NutanixConfig
+metadata:
+ name: {{ $nodepool.name }}
+ namespace: default
+ # annotations:
+ # key: string
+{{- if $nodepool.labels }}
+ labels:
+{{ toYaml $nodepool.labels | indent 4 }}
+{{- end }}
+# cloudInit: string
+# cluster: string
+# diskSize: string
+# endpoint: string
+# insecure: boolean
+# password: string
+# port: string
+# storageContainer: string
+# username: string
+# vmCategories:
+# - string
+# vmCores: string
+# vmCpuPassthrough: boolean
+# vmCpus: string
+vmImage: {{ $nodepool.image }}
+# vmImageSize: string
+# vmMem: string
+# vmNetwork:
+# - string
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-cluster-templates/templates/openstackconfig.yaml b/charts/rancher-cluster-templates/templates/openstackconfig.yaml
new file mode 100644
index 0000000..7dcf149
--- /dev/null
+++ b/charts/rancher-cluster-templates/templates/openstackconfig.yaml
@@ -0,0 +1,60 @@
+{{- if eq .Values.cloudprovider "openstack" }}
+{{- range $index, $nodepool := .Values.nodepools }}
+---
+# OpenStack configuration (ref. openstackconfigs.rke-machine-config.cattle.io CRD)
+apiVersion: rke-machine-config.cattle.io/v1
+kind: OpenstackConfig
+metadata:
+ name: {{ $nodepool.name }}
+ namespace: default
+ # annotations:
+ # key: string
+{{- if $nodepool.labels }}
+ labels:
+{{ toYaml $nodepool.labels | indent 4 }}
+{{- end }}
+# activeTimeout: string
+# applicationCredentialId: string
+# applicationCredentialName: string
+# applicationCredentialSecret: string
+# authUrl: string
+# availabilityZone: string
+# bootFromVolume: boolean
+# cacert: string
+# configDrive: boolean
+# domainId: string
+# domainName: string
+# endpointType: string
+# flavorId: string
+# flavorName: string
+# floatingipPool: string
+# imageId: string
+# imageName: string
+# insecure: boolean
+# ipVersion: string
+# keypairName: string
+# netId: string
+# netName: string
+# novaNetwork: boolean
+# password: string
+# privateKeyFile: string
+region: {{ $nodepool.region }}
+# secGroups: string
+sshPort: {{ $nodepool.sshPort | quote }}
+sshUser: {{ $nodepool.sshUser }}
+# tenantDomainId: string
+# tenantDomainName: string
+# tenantId: string
+# tenantName: string
+# userDataFile: string
+# userDomainId: string
+# userDomainName: string
+# userId: string
+# username: string
+# volumeDevicePath: string
+# volumeId: string
+# volumeName: string
+# volumeSize: string
+# volumeType: string
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-cluster-templates/templates/outscaleconfig.yaml b/charts/rancher-cluster-templates/templates/outscaleconfig.yaml
new file mode 100644
index 0000000..0751bf2
--- /dev/null
+++ b/charts/rancher-cluster-templates/templates/outscaleconfig.yaml
@@ -0,0 +1,37 @@
+{{- if eq .Values.cloudprovider "outscale" }}
+{{- range $index, $nodepool := .Values.nodepools }}
+---
+# Outscale configuration (ref. outscaleconfigs.rke-machine-config.cattle.io CRD)
+apiVersion: rke-machine-config.cattle.io/v1
+kind: OutscaleConfig
+metadata:
+ name: {{ $nodepool.name }}
+ namespace: default
+ # annotations:
+ # key: string
+{{- if $nodepool.labels }}
+ labels:
+{{ toYaml $nodepool.labels | indent 4 }}
+{{- end }}
+# accessKey: string
+# extraTagsAll:
+# - string
+# extraTagsInstances:
+# - string
+{{- if $nodepool.instanceType }}
+instanceType: {{ $nodepool.instanceType }}
+{{- end }}
+{{- if $nodepool.region }}
+region: {{ $nodepool.region }}
+{{- end }}
+# rootDiskIops: string
+# rootDiskSize: string
+# rootDiskType: string
+# secretKey: string
+# securityGroupIds:
+# - string
+{{- if $nodepool.sourceOmi }}
+sourceOmi: {{ $nodepool.sourceOmi }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-cluster-templates/templates/packetconfig.yaml b/charts/rancher-cluster-templates/templates/packetconfig.yaml
new file mode 100644
index 0000000..f513314
--- /dev/null
+++ b/charts/rancher-cluster-templates/templates/packetconfig.yaml
@@ -0,0 +1,49 @@
+{{- if eq .Values.cloudprovider "equinix" }}
+{{- range $index, $nodepool := .Values.nodepools }}
+---
+# Equinix Metal configuration (ref. packetconfigs.rke-machine-config.cattle.io CRD)
+apiVersion: rke-machine-config.cattle.io/v1
+kind: PacketConfig
+metadata:
+ name: {{ $nodepool.name }}
+ namespace: fleet-default
+ # annotations:
+ # key: string
+{{- if $nodepool.labels }}
+ labels:
+{{ toYaml $nodepool.labels | indent 4 }}
+{{- end }}
+# apiKey: string
+{{- if $nodepool.billingCycle }}
+billingCycle: {{ $nodepool.billingCycle }}
+{{- end }}
+{{- if $nodepool.facilityCode }}
+facilityCode: {{ $nodepool.facilityCode }}
+{{- end }}
+{{- if $nodepool.hwReservationId }}
+hwReservationId: {{ $nodepool.hwReservationId }}
+{{- end }}
+# metroCode: string
+{{- if $nodepool.os }}
+os: {{ $nodepool.os }}
+{{- end }}
+{{- if $nodepool.plan }}
+plan: {{ $nodepool.plan }}
+{{- end }}
+{{- if $nodepool.projectId }}
+projectId: {{ $nodepool.projectId }}
+{{- end }}
+{{- if $nodepool.spotInstance }}
+spotInstance: {{ $nodepool.spotInstance }}
+{{- end }}
+{{- if $nodepool.spotPriceMax }}
+spotPriceMax: {{ $nodepool.spotPriceMax }}
+{{- end }}
+{{- if $nodepool.terminationTime }}
+terminationTime: {{ $nodepool.terminationTime }}
+{{- end }}
+{{- if $nodepool.userdata }}
+userdata: {{ $nodepool.userdata }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-cluster-templates/templates/vsphereconfig.yaml b/charts/rancher-cluster-templates/templates/vsphereconfig.yaml
new file mode 100644
index 0000000..e9db2ac
--- /dev/null
+++ b/charts/rancher-cluster-templates/templates/vsphereconfig.yaml
@@ -0,0 +1,63 @@
+{{- if eq .Values.cloudprovider "vsphere" }}
+{{- range $index, $nodepool := .Values.nodepools }}
+---
+# VMware vSphere configuration (ref. vmwarevsphereconfigs.rke-machine-config.cattle.io CRD)
+apiVersion: rke-machine-config.cattle.io/v1
+kind: VmwarevsphereConfig
+metadata:
+ name: {{ $nodepool.name }}
+ namespace: fleet-default
+ # annotations:
+ # key: string
+{{- if $nodepool.labels }}
+ labels:
+{{ toYaml $nodepool.labels | indent 4 }}
+{{- end }}
+# boot2dockerUrl: string
+{{- if $nodepool.cfgparam }}
+cfgparam: {{ $nodepool.cfgparam }}
+{{- end }}
+cloneFrom: {{ $nodepool.cloneFrom }}
+cloudConfig: |
+{{ $nodepool.cloudConfig | indent 2 }}
+cloudinit: {{ $nodepool.cloudinit }}
+common:
+# cloudCredentialSecretName: string
+{{- if $nodepool.labels }}
+ labels:
+{{ toYaml $nodepool.labels | indent 4 }}
+{{- end }}
+{{- if $nodepool.taints }}
+ taints:
+{{ toYaml $nodepool.taints | indent 4 }}
+{{- end }}
+contentLibrary: {{ $nodepool.contentLibrary }}
+cpuCount: {{ $nodepool.cpuCount | quote }}
+creationType: {{ $nodepool.creationType }}
+customAttribute: {{ $nodepool.customAttribute }}
+datacenter: {{ $nodepool.datacenter }}
+datastore: {{ $nodepool.datastore }}
+datastoreCluster: {{ $nodepool.datastoreCluster }}
+diskSize: {{ $nodepool.diskSize | quote }}
+folder: {{ $nodepool.folder }}
+hostsystem: {{ $nodepool.hostsystem }}
+memorySize: {{ $nodepool.memorySize | quote }}
+network: {{ $nodepool.network }}
+pool: {{ $nodepool.pool }}
+# os: string
+# password: string
+# providerID: string
+# sshPassword: string
+sshPort: {{ $nodepool.sshPort | quote }}
+sshUser: {{ $nodepool.sshUser }}
+sshUserGroup: {{ $nodepool.sshUserGroup }}
+tag: {{ $nodepool.tag }}
+# username: string
+vappIpallocationpolicy: {{ $nodepool.vappIpallocationpolicy }}
+vappIpprotocol: {{ $nodepool.vappIpprotocol }}
+vappProperty: {{ $nodepool.vappProperty }}
+vappTransport: {{ $nodepool.vappTransport }}
+vcenter: {{ $nodepool.vcenter }}
+vcenterPort: {{ $nodepool.vcenterPort | quote }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-cluster-templates/values.yaml b/charts/rancher-cluster-templates/values.yaml
new file mode 100644
index 0000000..94a65b0
--- /dev/null
+++ b/charts/rancher-cluster-templates/values.yaml
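Review bot: `cloudConfig: |` is followed by an unconditional `{{ $nodepool.cloudConfig | indent 2 }}`, so a node pool that does not set `cloudConfig` can fail to render (indent is handed a nil value) or leave an empty block scalar. Unlike the packet and outscale templates, almost none of the fields in this hunk are guarded. Wrapping the two lines the way `cfgparam` is wrapped, `{{- if $nodepool.cloudConfig }}` … `{{- end }}`, avoids that. Separately, `cfgparam`, `customAttribute`, `network`, `tag` and `vappProperty` look like list-valued fields of the vSphere machine config. If they are, `{{ $nodepool.network }}` prints Go's `[a b]` form rather than YAML and `network: {{ $nodepool.network | toJson }}` would be needed, which is worth confirming against the CRD.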
@@ -0,0 +1,77 @@
+cluster:
+ name: "mycluster"
+ labels: {}
+ annotations: {}
+
+# cloud provider name (values can be aws, azure, cloudscale, digitalocean, equinix, exoscale, harvester, linode, nutanix, openstack, outscale, vsphere)
+cloudprovider: ""
+
+# cloud credential secret name (do not need to be provided if using custom driver)
+cloudCredentialSecretName: ""
+
+kubernetesVersion: "v1.24.14+rke2r1"
+
+# Rancher Kubernetes Engine options (Kubernetes distribution)
+rke:
+ localClusterAuthEndpoint:
+ enabled: false
+ fqdn: foo.bar.example
+ caCerts: ""
+
+# specify user principal ids to be assiged as cluster members
+# clusterMembers:
+# - principalName: "local://u-z8zl5"
+# roleTemplateName: "cluster-member"
+
+monitoring:
+ enabled: false
+ # specify which version to install, can be semver range. If version is empty or is semver range, it will pick up the latest version.
+ # version: ""
+ # specify cutsom values set
+ # values:
+ # foo: bar
+
+nodepools: []
+# - etcd: true
+# controlplane: true
+# worker: true
+# labels: {}
+# taints: {}
+# quantity: 1
+# paused: false
+# displayName: ""
+# rollingUpdate:
+# maxSurge: "1"
+# machineDeploymentLabels: {}
+# machineDeploymentAnnotations: {}
+# name: ""
+# ami: "" # AWS machine image
+# blockDurationMinutes: 0 # AWS spot instance duration in minutes (60, 120, 180, 240, 300, or 360)
+# deviceName: "/dev/sda1" # AWS root device name
+# encryptEbsVolume: false # AWS Encrypt the EBS volume using the AWS Managed CMK
+# endpoint: "" # Optional endpoint URL (hostname only or fully qualified)
+# iamInstanceProfile: "" # AWS IAM Instance Profile
+# insecureTransport: false # Disable SSL when sending requests
+# instanceType: t3a.medium # AWS instance type
+# region: us-west-2 # AWS datacenter region
+# createSecurityGroup: true # Whether to create `rancher-node` security group. If false, can provide with existing security group
+# securityGroups: []
+# keypairName: "" # AWS keypair to use
+# securityGroupReadonly: false # skip adding default rules to security groups
+# sshKeyContents: "" # AWS file content
+# subnetId: "" # AWS VPC subnet id
+# monitoring: false # AWS flag to enable CloudWatch monitoring
+# openPort: ["8080", "8443"] # AWS port numbers accessible from the Internet
+# privateAddressOnly: false # AWS flag to only use a private IP address
+# requestSpotInstance: false # AWS flag to request spot instance
+# tags: "foo,bar" # AWS tags (e.g. key1,value1,key2,value2)
+# retries: 5 # AWS retry count for recoverable failures (use -1 to disable)
+# rootSize: 16 # AWS root disk size (in GB)
+# spotPrice: 0.5 # AWS spot instance bid price (in dollar)
+# sshUser: ubuntu # AWS SSH username
+# volumeType: gp2 # AWS Amazon EBS volume type
+# vpcId: "" # AWS VPC id
+# useEbsOptimizedInstance: false # AWS create an EBS optimized instance
+# usePrivateAddress: false # AWS force the usage of private IP address
+# userdata: "" # AWS file contents for userdata
+# zone: a # AWS zone for instance (i.e. a,b,c,d,e)
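Review bot: The commented node-pool example ships `openPort: ["8080", "8443"]`, which its own comment describes as ports accessible from the Internet, so anyone who uncomments the block as a starting point opens both ports on every node. An empty example is a safer thing to copy: `# openPort: [] # AWS port numbers accessible from the Internet (none by default)`. The `sshKeyContents` line would also benefit from a comment noting that key material placed in values is stored with the Helm release data and should not be committed alongside the values file.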