-
Notifications
You must be signed in to change notification settings - Fork 5
/
config.yaml
143 lines (133 loc) · 3.32 KB
/
config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
stacks:
- name: sber
provider: sbercloud
accessKey: <%= env.SBER_ACCESS_KEY %>
secretKey: <%= env.SBER_SECRET_KEY %>
projectId: <%= env.SBER_PROJECT_ID %>
## backend
backendConfiguration:
bucket: <%= env.SBER_STATE_BUCKET_NAME %>
accessKey: <%= env.SBER_ACCESS_KEY %>
secretKey: <%= env.SBER_SECRET_KEY %>
## iam users
iamUsers:
- name: my-registry-user
createAccessKey: true
roles:
- "SWR Administrator"
- name: my-s3-user
createAccessKey: true
roles:
- "OBS Operator"
## registries
registries:
- name: my-first-registry
users:
- name: my-registry-user
images:
- name: my-private-image
- name: my-public-image
isPublic: true
## buckets
buckets:
- name: my-uploads-bucket
- name: my-website-bucket
acl: public-read
website:
enabled: true
cors:
enabled: true
## keypairs
keyPairs:
- name: my-key-pair
publicKey: <%= env.MY_PUBLIC_KEY %>
## elasticIp
staticIpConfig:
staticIps:
- name: nat-ip
bandwidthName: nat-ip-band
shareType: PER
- name: k8s-ip
bandwidthName: k8s-ip-band
shareType: PER
- name: pg-ip
bandwidthName: pg-ip-band
shareType: PER
## vpcs
vpcs:
- name: my-vpc
cidr: 10.10.0.0/16
labels:
type: vpc
nat:
enabled: true
elasticIp: nat-ip
publicSubnet:
name: my-public-subnet
cidr: 10.10.1.0/24
gatewayIp: 10.10.1.1
labels:
type: subnet
role: public
internalSubnet:
name: my-internal-subnet
cidr: 10.10.2.0/24
gatewayIp: 10.10.2.1
labels:
type: subnet
role: internal
## secgroups
secGroups:
- name: my-sec-group
rules:
- direction: ingress
remoteCidr: <%= env.MY_WHITE_IP %>
ports: 5432
## postgres
pgClusters:
- name: my-pg-cluster
network: my-vpc
subnet: my-internal-subnet
secGroup: my-sec-group
elasticIp: pg-ip
databases:
- dbName: production
userName: production
extensions:
- postgis
## k8s
k8sClusters:
- name: my-cluster
network: my-vpc
subnet: my-internal-subnet
elasticIp: k8s-ip
labels:
type: kube-cluster
addons:
ingress:
enabled: true
network: my-vpc
subnet: my-internal-subnet
certManager:
enabled: true
dashboard:
enabled: true
createAdmin: true
nodeGroups:
- name: my-first-group
authConfig:
method: keyPair
keyPair: my-key-pair
scalePolicy:
autoScaleMode: false
initialSize: 2
nodeLabels:
role: infra
- name: my-second-group
authConfig:
method: keyPair
keyPair: my-key-pair
scalePolicy:
autoScaleMode: true
nodeLabels:
role: workers