treasuremap/global/software/charts/kubernetes/etcd/etcd.yaml

---
schema: armada/Chart/v1
metadata:
  schema: metadata/Document/v1
  name: kubernetes-etcd-global
  layeringDefinition:
    abstract: true
    layer: global
  labels:
    name: kubernetes-etcd-global
  storagePolicy: cleartext
  substitutions:

    # Chart source
    - src:
        schema: pegleg/SoftwareVersions/v1
        name: software-versions
        path: .charts.kubernetes.etcd
      dest:
        path: .source

    # Images
    - src:
        schema: pegleg/SoftwareVersions/v1
        name: software-versions
        path: .images.kubernetes.etcd
      dest:
        path: .values.images.tags

    # IP addresses
    -
      src:
        schema: pegleg/CommonAddresses/v1
        name: common-addresses
        path: .kubernetes.etcd_service_ip
      dest:
        path: .values.service.ip
    -
      src:
        schema: pegleg/CommonAddresses/v1
        name: common-addresses
        path: .kubernetes.etcd_service_ip
      dest:
        path: .values.anchor.etcdctl_endpoint

    # CAs
    -
      src:
        schema: deckhand/CertificateAuthority/v1
        name: kubernetes-etcd
        path: .
      dest:
        path: .values.secrets.tls.client.ca
    -
      src:
        schema: deckhand/CertificateAuthority/v1
        name: kubernetes-etcd-peer
        path: .
      dest:
        path: .values.secrets.tls.peer.ca

    -
      src:
        schema: deckhand/Certificate/v1
        name: kubernetes-etcd-anchor
        path: .
      dest:
        path: .values.secrets.anchor.tls.cert
    -
      src:
        schema: deckhand/CertificateKey/v1
        name: kubernetes-etcd-anchor
        path: .
      dest:
        path: .values.secrets.anchor.tls.key

data:
  chart_name: etcd
  release: kubernetes-etcd
  namespace: kube-system
  protected:
    continue_processing: false
  wait:
    timeout: 1800
    native:
      enabled: false
    resources:
      - type: "daemonset"
      - type: "pod"
    labels:
      release_group: clcp-kubernetes-etcd
  upgrade:
    no_hooks: false
    pre:
      delete:
        - type: job
          labels:
            release_group: clcp-kubernetes-etcd
  values:
    pod:
      mandatory_access_control:
        type: apparmor
        etcd-anchor:
          etcdctl: runtime/default
        etcd:
          etcd-test: runtime/default
        etcd-backup:
          etcd-backup: runtime/default
      lifecycle:
        upgrades:
          daemonsets:
            pod_replacement_strategy: RollingUpdate
            anchor:
              enabled: true
              min_ready_seconds: 0
              max_unavailable: 1
      env:
        etcd:
          # default ETCD_HEARTBEAT_INTERVAL: 100
          ETCD_HEARTBEAT_INTERVAL: 100
          # default ETCD_ELECTION_TIMEOUT: 1000
          ETCD_ELECTION_TIMEOUT: 1000
          # default ETCD_SNAPSHOT_COUNT: 100000
          ETCD_SNAPSHOT_COUNT: 10000
    labels:
      anchor:
        node_selector_key: kubernetes-etcd
        node_selector_value: enabled
    etcd:
      host_data_path: /var/lib/etcd/kubernetes
      host_etc_path: /etc/etcd/kubernetes
    service:
      name: kubernetes-etcd
    network:
      service_client:
        name: service_client
        port: 2379
        target_port: 2379
      service_peer:
        name: service_peer
        port: 2380
        target_port: 2380
    jobs:
      etcd_backup:
        cron: "0 0 * * *"
    backup:
      no_backup_keep: 3
  dependencies:
    - etcd-htk
...
---
schema: armada/Chart/v1
metadata:
  schema: metadata/Document/v1
  name: etcd-htk
  layeringDefinition:
    abstract: false
    layer: global
  substitutions:
    - src:
        schema: pegleg/SoftwareVersions/v1
        name: software-versions
        path: .charts.kubernetes.etcd-htk
      dest:
        path: .source
  storagePolicy: cleartext
data:
  chart_name: etcd-htk
  release: etcd-htk
  namespace: etcd-htk
  timeout: 600
  wait:
    timeout: 600
  upgrade:
    no_hooks: true
  values: {}
  dependencies: []
...