blob: e6e09c4b5a5bb410b176e4d29021f1aec90f46ea [file] [log] [blame]
Rico Lind020bc22023-11-01 01:57:03 +08001# Licensed under the Apache License, Version 2.0 (the "License");
2# you may not use this file except in compliance with the License.
3# You may obtain a copy of the License at
4#
5# http://www.apache.org/licenses/LICENSE-2.0
6#
7# Unless required by applicable law or agreed to in writing, software
8# distributed under the License is distributed on an "AS IS" BASIS,
9# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
10# See the License for the specific language governing permissions and
11# limitations under the License.
12
13# Default values for staffeln.
14# This is a YAML-formatted file.
15# Declare name/value pairs to be passed into your templates.
16# name: value
17
18---
19labels:
20 api:
21 node_selector_key: openstack-control-plane
22 node_selector_value: enabled
23 conductor:
24 node_selector_key: openstack-control-plane
25 node_selector_value: enabled
26 job:
27 node_selector_key: openstack-control-plane
28 node_selector_value: enabled
29 test:
30 node_selector_key: openstack-control-plane
31 node_selector_value: enabled
32
33release_group: null
34
35# NOTE(philsphicas): the pre-install hook breaks upgrade for helm2
36# Set to false to upgrade using helm2
37helm3_hook: true
38
39images:
40 tags:
41 bootstrap: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
42 dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
43 db_init: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
44 db_drop: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
45 staffeln_db_sync: ghcr.io/vexxhost/staffeln:v2.2.3
46 staffeln_api: ghcr.io/vexxhost/staffeln:v2.2.3
47 staffeln_conductor: ghcr.io/vexxhost/staffeln:v2.2.3
48 image_repo_sync: docker.io/docker:17.07.0
49 pull_policy: "IfNotPresent"
50 local_registry:
51 active: false
52 exclude:
53 - dep_check
54 - image_repo_sync
55
56pod:
Dong Ma9f49d7a2025-02-12 04:24:30 +000057 priorityClassName:
58 staffeln_api: null
59 staffeln_conductor: null
Dong Ma36b89222025-02-13 16:15:52 +000060 staffeln_tests: null
61 bootstrap: null
Dong Ma9f49d7a2025-02-12 04:24:30 +000062 db_sync: null
63 runtimeClassName:
64 staffeln_api: null
65 staffeln_conductor: null
Dong Ma36b89222025-02-13 16:15:52 +000066 staffeln_tests: null
67 bootstrap: null
Dong Ma9f49d7a2025-02-12 04:24:30 +000068 db_sync: null
Rico Lind020bc22023-11-01 01:57:03 +080069 security_context:
70 staffeln:
71 pod:
72 runAsUser: 42424
73 container:
74 staffeln_api:
75 allowPrivilegeEscalation: false
76 readOnlyRootFilesystem: true
77 staffeln_conductor:
78 allowPrivilegeEscalation: false
79 readOnlyRootFilesystem: true
80 test:
81 pod:
82 runAsUser: 42424
83 container:
84 staffeln_test:
85 allowPrivilegeEscalation: false
86 readOnlyRootFilesystem: true
87 affinity:
88 anti:
89 type:
90 default: preferredDuringSchedulingIgnoredDuringExecution
91 topologyKey:
92 default: kubernetes.io/hostname
93 weight:
94 default: 10
95 tolerations:
96 staffeln:
97 enabled: false
98 tolerations:
99 - key: node-role.kubernetes.io/master
100 operator: Exists
101 effect: NoSchedule
102 mounts:
103 staffeln_api:
104 init_container: null
105 staffeln_api:
106 volumeMounts:
107 volumes:
108 staffeln_conductor:
109 init_container: null
110 staffeln_conductor:
111 volumeMounts:
112 volumes:
113 staffeln_bootstrap:
114 init_container: null
115 staffeln_bootstrap:
116 volumeMounts:
117 volumes:
118 staffeln_tests:
119 init_container: null
120 staffeln_tests:
121 volumeMounts:
122 volumes:
123 staffeln_db_sync:
124 staffeln_db_sync:
125 volumeMounts:
126 volumes:
127 replicas:
128 api: 1
129 conductor: 1
130 lifecycle:
131 upgrades:
132 deployments:
133 revision_history: 3
134 pod_replacement_strategy: RollingUpdate
135 rolling_update:
136 max_unavailable: 1
137 max_surge: 3
138 disruption_budget:
139 api:
140 min_available: 0
141 conductor:
142 min_available: 0
143 resources:
144 enabled: false
145 api:
146 requests:
147 memory: "128Mi"
148 cpu: "100m"
149 limits:
150 memory: "1024Mi"
151 cpu: "2000m"
152 conductor:
153 requests:
154 memory: "128Mi"
155 cpu: "100m"
156 limits:
157 memory: "1024Mi"
158 cpu: "2000m"
159 jobs:
160 bootstrap:
161 requests:
162 memory: "128Mi"
163 cpu: "100m"
164 limits:
165 memory: "1024Mi"
166 cpu: "2000m"
167 db_init:
168 requests:
169 memory: "128Mi"
170 cpu: "100m"
171 limits:
172 memory: "1024Mi"
173 cpu: "2000m"
174 db_sync:
175 requests:
176 memory: "128Mi"
177 cpu: "100m"
178 limits:
179 memory: "1024Mi"
180 cpu: "2000m"
181 db_drop:
182 requests:
183 memory: "128Mi"
184 cpu: "100m"
185 limits:
186 memory: "1024Mi"
187 cpu: "2000m"
188 tests:
189 requests:
190 memory: "128Mi"
191 cpu: "100m"
192 limits:
193 memory: "1024Mi"
194 cpu: "2000m"
195 image_repo_sync:
196 requests:
197 memory: "128Mi"
198 cpu: "100m"
199 limits:
200 memory: "1024Mi"
201 cpu: "2000m"
202
203network:
204 api:
205 ingress:
206 public: false
207 classes:
208 namespace: "nginx"
209 cluster: "nginx-cluster"
210 annotations:
211 nginx.ingress.kubernetes.io/rewrite-target: /
212 external_policy_local: false
213 node_port:
214 enabled: false
215 port: 8808
216
217network_policy:
218 staffeln:
219 ingress:
220 - {}
221 egress:
222 - {}
223
224bootstrap:
225 enabled: true
226 script: null
227
228dependencies:
229 dynamic:
230 common:
231 local_image_registry:
232 jobs:
233 - staffeln-image-repo-sync
234 services:
235 - endpoint: node
236 service: local_image_registry
237 static:
238 api:
239 jobs:
240 - staffeln-db-sync
241 services:
242 - endpoint: internal
243 service: oslo_db
244 - endpoint: internal
245 service: identity
246 conductor:
247 jobs:
248 - staffeln-db-sync
249 services:
250 - endpoint: internal
251 service: oslo_db
252 - endpoint: internal
253 service: identity
254 - endpoint: internal
255 service: oslo_messaging
256 db_drop:
257 services:
258 - endpoint: internal
259 service: oslo_db
260 db_init:
261 services:
262 - endpoint: internal
263 service: oslo_db
264 db_sync:
265 jobs:
266 - staffeln-db-init
267 services:
268 - endpoint: internal
269 service: oslo_db
270 image_repo_sync:
271 services:
272 - endpoint: internal
273 service: local_image_registry
274
275conf:
276 clouds:
277 clouds:
278 envvars:
279 auth: {}
280 staffeln:
281 conductor:
282 backup_metadata_key: __staffeln_backup
283 retention_metadata_key: __staffeln_retention
Michiel Piscaer31656d22023-11-16 09:02:13 +0100284 backup_min_interval: 86400
285 backup_service_period: 3600
286 retention_service_period: 3600
287 backup_cycle_timout: 6h
288 retention_time: 2w
Rico Lind020bc22023-11-01 01:57:03 +0800289 database:
290 max_retries: -1
Rico Lin96b42382024-02-24 02:57:32 +0800291 db_max_retries: 60
292 pool_timeout: 600
293 use_db_reconnect: true
Rico Lind020bc22023-11-01 01:57:03 +0800294 coordination:
295 backend_url: ""
296 logging:
297 loggers:
298 keys:
299 - root
300 - staffeln
301 handlers:
302 keys:
303 - stdout
304 - stderr
305 - "null"
306 formatters:
307 keys:
308 - context
309 - default
310 logger_root:
311 level: WARNING
312 handlers: 'null'
313 logger_staffeln:
314 level: INFO
315 handlers:
316 - stdout
317 qualname: staffeln
318 logger_amqp:
319 level: WARNING
320 handlers: stderr
321 qualname: amqp
322 logger_amqplib:
323 level: WARNING
324 handlers: stderr
325 qualname: amqplib
326 logger_eventletwsgi:
327 level: WARNING
328 handlers: stderr
329 qualname: eventlet.wsgi.server
330 logger_sqlalchemy:
331 level: WARNING
332 handlers: stderr
333 qualname: sqlalchemy
334 logger_boto:
335 level: WARNING
336 handlers: stderr
337 qualname: boto
338 handler_null:
339 class: logging.NullHandler
340 formatter: default
341 args: ()
342 handler_stdout:
343 class: StreamHandler
344 args: (sys.stdout,)
345 formatter: context
346 handler_stderr:
347 class: StreamHandler
348 args: (sys.stderr,)
349 formatter: context
350 formatter_context:
351 class: oslo_log.formatters.ContextFormatter
352 datefmt: "%Y-%m-%d %H:%M:%S"
353 formatter_default:
354 format: "%(message)s"
355 datefmt: "%Y-%m-%d %H:%M:%S"
356# Names of secrets used by bootstrap and environmental checks
357secrets:
358 identity:
359 admin: staffeln-keystone-admin
360 oslo_db:
361 admin: staffeln-db-admin
362 staffeln: staffeln-db-user
363 oci_image_registry:
364 staffeln: staffeln-oci-image-registry
365
366endpoints:
367 cluster_domain_suffix: cluster.local
368 local_image_registry:
369 name: docker-registry
370 namespace: docker-registry
371 hosts:
372 default: localhost
373 internal: docker-registry
374 node: localhost
375 host_fqdn_override:
376 default: null
377 port:
378 registry:
379 node: 5000
380 oci_image_registry:
381 name: oci-image-registry
382 namespace: oci-image-registry
383 auth:
384 enabled: false
385 staffeln:
386 username: staffeln
387 password: password
388 hosts:
389 default: localhost
390 host_fqdn_override:
391 default: null
392 port:
393 registry:
394 default: null
395 identity:
396 name: keystone
397 auth:
398 admin:
399 region_name: RegionOne
400 username: admin
401 password: password
402 project_name: admin
403 user_domain_name: default
404 project_domain_name: default
405 hosts:
406 default: keystone
407 internal: keystone-api
408 host_fqdn_override:
409 default: null
410 path:
411 default: /v3
412 scheme:
413 default: http
414 port:
415 api:
416 default: 80
417 internal: 5000
418 staffeln:
419 name: staffeln
420 hosts:
421 default: staffeln-api
422 public: staffeln
423 host_fqdn_override:
424 default: null
425 path:
426 default: '/v1'
427 scheme:
428 default: http
429 service: http
430 port:
431 api:
432 default: 8808
433 public: 80
434 service: 8808
435 oslo_db:
436 auth:
437 admin:
438 username: root
439 password: password
440 secret:
441 tls:
442 internal: mariadb-tls-direct
443 staffeln:
444 username: staffeln
445 password: password
446 hosts:
447 default: mariadb
448 host_fqdn_override:
449 default: null
450 path: /staffeln
451 scheme: mysql+pymysql
452 port:
453 mysql:
454 default: 3306
455 oslo_cache:
456 auth:
457 # NOTE(portdirect): this is used to define the value for keystone
458 # authtoken cache encryption key, if not set it will be populated
459 # automatically with a random value, but to take advantage of
460 # this feature all services should be set to use the same key,
461 # and memcache service.
462 memcache_secret_key: null
463 hosts:
464 default: memcached
465 host_fqdn_override:
466 default: null
467 port:
468 memcache:
469 default: 11211
470 fluentd:
471 namespace: null
472 name: fluentd
473 hosts:
474 default: fluentd-logging
475 host_fqdn_override:
476 default: null
477 path:
478 default: null
479 scheme: 'http'
480 port:
481 service:
482 default: 24224
483 metrics:
484 default: 24220
485 # NOTE(tp6510): these endpoints allow for things like DNS lookups and ingress
486 # They are using to enable the Egress K8s network policy.
487 kube_dns:
488 namespace: kube-system
489 name: kubernetes-dns
490 hosts:
491 default: kube-dns
492 host_fqdn_override:
493 default: null
494 path:
495 default: null
496 scheme: http
497 port:
498 dns:
499 default: 53
500 protocol: UDP
501 ingress:
502 namespace: null
503 name: ingress
504 hosts:
505 default: ingress
506 port:
507 ingress:
508 default: 80
509
510tls:
511 identity: false
512 oslo_db: false
513
514manifests:
515 certificates: false
516 configmap_bin: true
517 configmap_etc: true
518 deployment_api: true
519 deployment_conductor: true
520 job_bootstrap: true
521 job_db_init: true
522 job_db_sync: true
523 job_db_drop: false
524 job_image_repo_sync: true
525 pdb_api: true
526 secret_db: true
527 network_policy: false
528 secret_registry: true
529 service_ingress_api: true
530 service_api: true
531...