forked from swisscom/kubeone-dcs-kubernetes
-
Notifications
You must be signed in to change notification settings - Fork 0
/
config.example.yaml
61 lines (56 loc) · 3.14 KB
/
config.example.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
---
kubernetes:
hostname: "my-kubernetes.my-domain.com" # adjust to your hostname, make sure you have a valid DNS records pointing to the edge gateway beforehand
version: "1.27.10"
csi:
storage_profile: "Ultra Fast Storage A" # adjust to a storage profile of your choice, see "VCD UI -> Data Centers -> Storage -> Storage Policies"
oidc:
secret: "hSPJw9AyyJMh3iQLF2V0RBGCkdRw7qSI" # generate a new secret with: cat /dev/urandom | tr -dc A-Za-z0-9 | head -c32
cookie: "R2ltbFNBTlV4MWs1UGxzUTNKZkZNOGpnUnNUWjRuc2g=" # generate a new cookie secret with: openssl rand -base64 32 | head -c 32 | base64
admin_password: "$2y$10$qZjfVBeMRHlRZPwX2uDrIe4zjLyU8SPmz6ww6zoCxctoNrHIUfq7u" # generate a new password hash with: echo "<my-password>" | htpasswd -BinC 10 admin | cut -d: -f2
dex:
connectors: [] # see https://dexidp.io/docs/connectors/ for documentation
# - type: github # see https://dexidp.io/docs/connectors/github/ for documentation
# id: github
# name: GitHub
# config:
# clientID: my_github_client
# clientSecret: my_github_client_secret
# redirectURI: https://dex.my-kubernetes.my-domain.com/dex/callback
# orgs:
# - name: my-organization
# - name: my-organization-with-teams
# teams:
# - red-team
# - blue-team
wireguard:
serverAddress: 10.242.42.1/24 # choose wireguard server address, default if not set is '10.242.42.1/24'
privateKey: aFNRgUHsMqyrj7cwWwsSKQvkEgXqTbJxiuTOjU3KB1c= # privateKey for wireguard server, generate keypair with: wg genkey | tee server.private.key | wg pubkey > server.public.key
clients:
- name: my-computer # name of your client
publicKey: pTAAvK3WkMy1MHgTlWJCdvoNpMSEy/WnfNblV96XUQw= # publicKey of your client, generate keypair with: wg genkey | tee client.private.key | wg pubkey > client.public.key
allowedIPs: 10.242.42.10/32 # IP for your client, choose one that is part of the server address network
# vCD settings
vcd:
url: "https://vcd-pod-bravo.swisscomcloud.com/api"
user: "api_vcd_my_username" # adjust to your API username
password: "my_api_password" # adjust to your API password
org: "PRO-0123456789" # adjust to your org / contract no.
vdc: "my-data-center" # adjust to your vdc / ddc
edge_gateway_name: "PRO-0123456789-my-edge-gateway" # adjust to your edge gateway
catalog_name: "KubeOne"
cluster_name: "kubeone"
control_plane: # adjust VM sizing for control plane nodes
memory: 4096
cpus: 2
disk_size_mb: 51200
storage_profile: "Ultra Fast Storage A with Backup" # adjust to a storage profile of your choice, see "VCD UI -> Data Centers -> Storage -> Storage Policies", or set to "*" if you are unsure
vm_count: 3 # use either 1 or 3 control plane VMs, other numbers are not recommended!
workers: # adjust VM sizing for worker nodes
memory: 8192
cpus: 4
disk_size_gb: 250
storage_profile: "Ultra Fast Storage A" # adjust to a storage profile of your choice, see "VCD UI -> Data Centers -> Storage -> Storage Policies", or set to "*" if you are unsure
initial_machinedeployment_replicas: 3
cluster_autoscaler_min_replicas: 3
cluster_autoscaler_max_replicas: 5