-
Notifications
You must be signed in to change notification settings - Fork 11
/
Copy pathdefault.config.yml
311 lines (217 loc) · 11.1 KB
/
default.config.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
---
# ---Kubernetes-specific variables---
# This variable specificies which Kubernetes platform Ascender and its components will be installed on.
k8s_platform: eks # Options include k3s, eks and dkp, with more to come.
# Determines whether to use HTTP or HTTPS for Ascender and Ledger.
# If set to https, you MUST provide certificate/key options for the Installer to use.
k8s_lb_protocol: http #options include http and https
# Routable IP address for the K8s API Server
# (This could be a Load Balancer if using 3 K8s control nodes)
kubeapi_server_ip: "127.0.0.1"
# This value being set to "true" means that some work needs to be done to set up a
# cluster before proceeding. Here is ther behavior for different values of k8s_platforms:
# k3s: A single-node k3s cluster will be set up on the inventory server
# named "ascender_host"
# eks: N/A, as this is handled by the EKS_CLUSTER_STATUS variable
# rke2: N/A, as you must use Labyrinth Labs' Ansible role to set up a fresh kubernetes cluster
kube_install: false
# Offline Install - Whether to use local assets to complete the install
k8s_offline: false
# Specify an INTERNAL container registry and namespace where the k8s cluster can access Ascender images
k8s_container_registry: ""
# Kubernetes secret containing the login credentials required for the INTERNAL registry holding the ASCENDER images
#LEAVE AS NONE if no such secret is required
k8s_image_pull_secret: None
# Kubernetes secret containing the login credentials required for the INTERNAL registry holding the EXECUTION ENVIRONMENT images
#LEAVE AS NONE if no such secret is required
k8s_ee_pull_credentials_secret: None
# Indictates whether or not the kubeconfig file needs to be downloaded to the Ansible controller
download_kubeconfig: false
# ---k3s variables---
# IP address for the K3s Master/Worker node
# Required for local DNS and k3s install
# This IP Address must be close reachable by the server from which this installer is running
k3s_master_node_ip: "127.0.0.1"
# ---eks variables---
# Determines whether to use Route53's Domain Management (which is automated)
# Or a third-party service (e.g., Cloudflare, GoDaddy, etc.)
#If this value is set to false, you will have to manually set a CNAME record for
# {{ASCENDER_HOSTNAME }} and {{ LEDGER_HOSTNAME }} to point to their corresponding
# AWS Loadbalancers
USE_ROUTE_53: yes
# If desired, this indicates an AWS IAM user that can be set up in order to have minimum
# permissions to set up a new eks cluster and install Ascender and its associoated components
EKS_USER: ascenderuser
# The name of the eks cluster to set up
EKS_CLUSTER_NAME: ascender-eks-cluster
# Determines what to do with the eks cluster Ascender wil be installed on:
# provision: Provision a new EKS cluster from scratch
# configure: use the cluster specified by the variable EKS_CLUSTER_NAME, and configure it with
# policies for loa balancer creation and elastic block service access
# no_action: use the cluster specified by the variable EKS_CLUSTER_NAME, but make no changes to it before
# installing Ascender.
EKS_CLUSTER_STATUS: no_action
# The AWS region hosting the eks cluster
EKS_CLUSTER_REGION: us-east-1
# The eks cluster subnet in CIDR notation
# Only required if EKS_CLUSTER_STATUS is set to provision.
EKS_CLUSTER_CIDR: "10.10.0.0/16"
# The kubernetes version for the eks cluster; available kubernetes versions can be found here:
# https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html
EKS_K8S_VERSION: "1.28"
# The worker node instance types
EKS_INSTANCE_TYPE: t3.large
# The minimum number of worker nodes that the cluster will run
EKS_MIN_WORKER_NODES: 2
# The maximum number of worker nodes that the cluster will run
EKS_MAX_WORKER_NODES: 6
# The desired number of worker nodes for the eks cluster
EKS_NUM_WORKER_NODES: 3
# The size of the Elastic Block Storage volume for each worker node
EKS_WORKER_VOLUME_SIZE: 100
# The ARN for the SSL certificate; required when k8s_lb_protocol is https.
# The same certificate is used for all components (currently Ascender and Ledger);
# as such, we recommend that the certificate is set for a wildcard domain
# (e.g., *.example.com)
EKS_SSL_CERT: arn:aws:acm:<region>:xxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx
# The Amazon Elastic Block Store Container Storage Interface (CSI) Driver provides
# a CSI interface used by Container Orchestrators to manage the lifecycle of Amazon EBS volumes.
# This variable specifies the version in use by the cluster; all releases can be found here:
# https://github.com/kubernetes-sigs/aws-ebs-csi-driver/releases
EKS_EBS_CSI_DRIVER_VERSION: "v1.24.0"
# ---aks variables---
# The name of the aks cluster to install Ascender on - if it does not already exist, the installer can set it up
AKS_CLUSTER_NAME: ascender-aks-cluster
# Determines whether to use Azure DNS' Domain Management (which is automated)
# Or a third-party service (e.g., Cloudflare, GoDaddy, etc.)
#If this value is set to false, you will have to manually set an A record for
# {{ASCENDER_HOSTNAME }} and {{ LEDGER_HOSTNAME }} to point to their corresponding
# Azure Loadbalancers
USE_AZURE_DNS: true
# Specifies whether the AKS cluster needs to be provisioned (provision), exists but needs to be configured to support Ascender (configure), or exists and needs nothing done before installing Ascender (no_action)
AKS_CLUSTER_STATUS: provision
# The Azure region hosting the aks cluster
AKS_CLUSTER_REGION: southcentralus
# The kubernetes version for the aks cluster; available kubernetes versions can be found here:
# https://learn.microsoft.com/en-us/azure/aks/supported-kubernetes-versions?tabs=azure-cli
AKS_K8S_VERSION: "1.29"
# The aks worker node instance types
AKS_INSTANCE_TYPE: "Standard_D2_v2"
# The desired number of aks worker nodes
AKS_NUM_WORKER_NODES: 3
# The volume size of aks worker nodes in GB
AKS_WORKER_VOLUME_SIZE: 100
# ---dkp variables---
# The name of the dkp cluster you wish to deploy Ascender to and/or create
# See a list of all dkp clusters with the command
# NOTE: This must be done while pointing to the DKP Bootstrap Cluster
DKP_CLUSTER_NAME: dkp-cluster
# ---rke2 variables---
# The URL to the binary file rke2.linux-amd64. If you want to choose a different
# release, you can choose here:
# https://github.com/rancher/rke2/releases
RKE2_BINARY_URL: https://github.com/rancher/rke2/releases/download/v1.25.16%2Brke2r1/rke2.linux-amd64
# ---Local artifact variables---
# TLS Certificate file, required when deploying HTTPS in K3s
tls_crt_path: "~/ascender.crt"
# TLS Private Key file, required when deploying HTTPS in K3s
tls_key_path: "~/ascender.key"
# Set to false if using an external DNS server for resolution
# Set to true if not
use_etc_hosts: true
# A directory in which to place both temporary artifacts
# and timestamped Kubernetes Manifests to make Ascender/Ledger easy
# to uninstall
tmp_dir: "{{ playbook_dir }}/../ascender_install_artifacts"
# ---Ascender install variables---
# DNS resolvable hostname for Ascender service. This is required for install.
ASCENDER_HOSTNAME: ascender.example.com
# The domain name for all components; required when k8s_platorm=="eks"
ASCENDER_DOMAIN: example.com
# k8s namespace for Ascender k8s objects
ASCENDER_NAMESPACE: ascender
# Administrator username for Ascender
ASCENDER_ADMIN_USER: admin
# Administrator password for Ascender
ASCENDER_ADMIN_PASSWORD: "myadminpassword"
# The OCI container image for Ascender
ASCENDER_IMAGE: ghcr.io/ctrliq/ascender
# The image tag indicating the version of Ascender you wish to install
ASCENDER_VERSION: 24.0.1
# The version of the AWX Operator used to install Ascender and its components
ANSIBLE_OPERATOR_VERSION: 2.13.1
# Determines whether to keep the secrets required to encrypt within Ascender (important when backing up)
ascender_garbage_collect_secrets: true
# Setup extra demo playbooks after installation
ascender_setup_playbooks: true
# # External PostgreSQL ip or url resolvable by the cluster
# ASCENDER_PGSQL_HOST: "ascenderpghost.example.com"
# # External PostgreSQL port, this usually defaults to 5432
# ASCENDER_PGSQL_PORT: 5432
# # External PostgreSQL username
# ASCENDER_PGSQL_USER: ascender
# # External PostgreSQL password
# NOTE: Do NOT use the special characters in the postgres password (Django requirement)
# ASCENDER_PGSQL_PWD: mypgadminpassword
# # External PostgreSQL database name used for Ascender (this DB must exist)
# ASCENDER_PGSQL_DB: ascenderdb
### All of these options are unnecessary to change, but will allow you to tweak your Ascender deployment if you choose to change them
ascender_replicas: 1
ascender_image_pull_policy: Always
# ---Ascender React install variables---
# Determines whether or not Ascender React will be installed
REACT_INSTALL: false
# DNS resolvable hostname for Ascender React service. This is required for install.
REACT_HOSTNAME: react.example.com
# k8s namespace for Ascender React k8s objects
REACT_NAMESPACE: react
# Administrator username for Ascender React
REACT_ADMIN_USER: admin
# Administrator password for Ascender React
REACT_ADMIN_PASSWORD: "myadminpassword"
# The version of the EDA Operator used to install Ascender React and its components
REACT_OPERATOR_VERSION: 1.0.2
# The OCI container image for Ascender React
REACT_IMAGE: quay.io/ansible/eda-server
REACT_IMAGE_VERSION: main
# The OCI container image for Ascender React UI
REACT_IMAGE_WEB: quay.io/ansible/eda-ui
REACT_IMAGE_WEB_VERSION: 2.4.1132
# TLS Certificate file, required when deploying HTTPS in K3s
react_tls_crt_path: "~/ascender.crt"
# TLS Private Key file, required when deploying HTTPS in K3s
react_tls_key_path: "~/ascender.key"
# # External PostgreSQL ip or url resolvable by the cluster
# REACT_PGSQL_HOST: "reactpghost.example.com"
# # External PostgreSQL port, this usually defaults to 5432
# REACT_PGSQL_PORT: 5432
# # External PostgreSQL username
# REACT_PGSQL_USER: react
# # External PostgreSQL password
# NOTE: Do NOT use the special characters in the postgres password (Django requirement)
# REACT_PGSQL_PWD: mypgadminpassword
# # External PostgreSQL database name used for Ascender (this DB must exist)
# REACT_PGSQL_DB: reactdb
# ---Ledger install variables---
# Determines whether or not Ledger will be installed
LEDGER_INSTALL: true
# DNS resolvable hostname for Ledger service. This is required for install.
LEDGER_HOSTNAME: ledger.example.com
# The OCI container image for Ledger
LEDGER_WEB_IMAGE: ghcr.io/ctrliq/ascender-ledger/ledger-web
# The number of ledger web pods - this is good to ensure high availability
ledger_web_replicas: 1
# The OCI container image for the Ledger Parser
LEDGER_PARSER_IMAGE: ghcr.io/ctrliq/ascender-ledger/ledger-parser
# The number of ledger parser pods - this is good to ensure high availability
ledger_parser_replicas: 1
# The OCI container image for the Ledger Database
LEDGER_DB_IMAGE: ghcr.io/ctrliq/ascender-ledger/ledger-db
# The image tag indicating the version of Ledger you wish to install
LEDGER_VERSION: latest
# The Kubernetes namespace in which Ledger objects will live
LEDGER_NAMESPACE: ledger
# Admin password for Ledger (the username is admin by default)
LEDGER_ADMIN_PASSWORD: "myadminpassword"
# Password for Ledger database
LEDGER_DB_PASSWORD: "mydbpassword"