137 lines
3.3 KiB
YAML
137 lines
3.3 KiB
YAML
---
|
|
schema: armada/Chart/v1
|
|
metadata:
|
|
schema: metadata/Document/v1
|
|
name: ucp-armada
|
|
layeringDefinition:
|
|
abstract: false
|
|
layer: global
|
|
storagePolicy: cleartext
|
|
labels:
|
|
name: ucp-armada-global
|
|
substitutions:
|
|
# Chart source
|
|
- src:
|
|
schema: pegleg/SoftwareVersions/v1
|
|
name: software-versions
|
|
path: .charts.ucp.armada
|
|
dest:
|
|
path: .source
|
|
|
|
# Images
|
|
- src:
|
|
schema: pegleg/SoftwareVersions/v1
|
|
name: software-versions
|
|
path: .images.ucp.armada
|
|
dest:
|
|
path: .values.images.tags
|
|
|
|
# Endpoints
|
|
- src:
|
|
schema: pegleg/EndpointCatalogue/v1
|
|
name: ucp_endpoints
|
|
path: .ucp.identity
|
|
dest:
|
|
path: .values.endpoints.identity
|
|
- src:
|
|
schema: pegleg/EndpointCatalogue/v1
|
|
name: ucp_endpoints
|
|
path: .ucp.armada
|
|
dest:
|
|
path: .values.endpoints.armada
|
|
|
|
# Credentials
|
|
- src:
|
|
schema: pegleg/AccountCatalogue/v1
|
|
name: ucp_service_accounts
|
|
path: .ucp.keystone.admin
|
|
dest:
|
|
path: .values.endpoints.identity.auth.admin
|
|
- src:
|
|
schema: pegleg/AccountCatalogue/v1
|
|
name: ucp_service_accounts
|
|
path: .ucp.armada.keystone
|
|
dest:
|
|
path: .values.endpoints.identity.auth.user
|
|
|
|
# Secrets
|
|
- dest:
|
|
path: .values.endpoints.identity.auth.admin.password
|
|
src:
|
|
schema: deckhand/Passphrase/v1
|
|
name: ucp_keystone_admin_password
|
|
path: .
|
|
- dest:
|
|
path: .values.endpoints.identity.auth.armada.password
|
|
src:
|
|
schema: deckhand/Passphrase/v1
|
|
name: ucp_armada_keystone_password
|
|
path: .
|
|
data:
|
|
chart_name: armada
|
|
release: ucp-armada
|
|
namespace: ucp
|
|
protected:
|
|
continue_processing: false
|
|
wait:
|
|
native:
|
|
# Note(seaneagan): This allows the sidecar tiller (if enabled) to update
|
|
# the armada chart's release status to DEPLOYED before the tiller sidecar
|
|
# goes away when the armada chart is updated, otherwise it can get
|
|
# stuck in PENDING_UPGRADE status.
|
|
enabled: false
|
|
timeout: 900
|
|
labels:
|
|
release_group: clcp-ucp-armada
|
|
test:
|
|
enabled: true
|
|
install:
|
|
no_hooks: false
|
|
upgrade:
|
|
no_hooks: false
|
|
pre:
|
|
delete:
|
|
- type: job
|
|
labels:
|
|
release_group: clcp-ucp-armada
|
|
values:
|
|
pod:
|
|
mandatory_access_control:
|
|
type: apparmor
|
|
armada-api:
|
|
init: runtime/default
|
|
armada-api: runtime/default
|
|
tiller: runtime/default
|
|
armada-api-test:
|
|
armada-api-test: runtime/default
|
|
affinity:
|
|
anti:
|
|
type:
|
|
default: requiredDuringSchedulingIgnoredDuringExecution
|
|
security_context:
|
|
armada:
|
|
pod:
|
|
runAsUser: 1000
|
|
env:
|
|
armada_api:
|
|
- name: ARMADA_UWSGI_TIMEOUT
|
|
value: 10800
|
|
replicas:
|
|
api: 1
|
|
conf:
|
|
armada:
|
|
DEFAULT:
|
|
debug: true
|
|
# Allow lock to expire before timing out. This is needed in case
|
|
# a lock does not get cleaned up, such as when Armada updates itself.
|
|
lock_acquire_timeout: 1800
|
|
lock_expiration: 300
|
|
tiller:
|
|
storage: secret
|
|
manifests:
|
|
deployment_tiller: false
|
|
service_tiller_deploy: false
|
|
dependencies:
|
|
- armada-htk
|
|
...
|