1 # ================================================================================
2 # Copyright (c) 2018 Cisco Systems. All rights reserved.
3 # ================================================================================
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
15 # ============LICENSE_END=========================================================
18 # infrastructure used for pnda deployment
24 INFRASTRUCTURE_TYPE: openstack
26 # The user name to use when logging into the instances
27 # For aws target user-name allowed :
28 # Target AWS Openstack
30 # Distro Redhat: ec2-user cloud-user
31 # CentOS: centos cloud-user
32 OS_USER: {{ .Values.pnda.osUser }}
34 # CIDR specifying the address range for the network containing all PNDA instances
35 networkCidr: {{ .Values.pnda.networkCidr }}
38 # KEYSTONE_USER: Username for the openstack clients to use
39 KEYSTONE_USER: {{ .Values.openstack.keystoneUser }}
41 # KEYSTONE_PASSWORD: Password for the openstack clients to use
42 KEYSTONE_PASSWORD: {{ .Values.openstack.keystonePassword }}
44 # KEYSTONE_TENANT: Name of the tenant / project in the openstack environment. The
45 # PNDA stack will be created in this project.
46 KEYSTONE_TENANT: {{ .Values.openstack.keystoneTenant }}
48 # KEYSTONE_AUTH_URL: Keystone authentication URL. The Openstack console provides this
49 # under the Access & Security section.
50 KEYSTONE_AUTH_URL: {{ .Values.openstack.keystoneAuthUrl }}
52 # KEYSTONE_AUTH_VERSION: Keystone authentication version. The Openstack console provides this
53 # under the Access & Security section.
54 KEYSTONE_AUTH_VERSION: '2'
56 # KEYSTONE_REGION_NAME: Keystone region. The Openstack console provides this
57 # under the Access & Security section.
58 KEYSTONE_REGION_NAME: {{ .Values.openstack.keystoneRegion }}
60 # imageId: Base image to use for the created instances. It should be created by
61 # following the guide in https://github.com/pndaproject/pnda-dib-elements
63 imageId: {{ .Values.openstack.imageId }}
65 # CIDR specifying the address range that may access the created PNDA instances
66 whitelistSshAccess: {{ .Values.openstack.whitelistSshAccess }}
68 # UUID of the public network in openstack to use
69 externalPublicNetworkId: {{ .Values.openstack.publicNetworkId }}
71 useExistingNetwork: {{ .Values.openstack.useExistingNetwork }}
73 existingNetworkId: {{ .Values.openstack.existingNetworkId }}
75 existingSubnetId: {{ .Values.openstack.existingSubnetId }}
77 # CIDR specifying the address range for the public subnet (bastion access)
78 publicSubnetCidr: {{ .Values.openstack.publicSubnetCidr }}
81 # Use either PLATFORM_GIT_REPO_URI + PLATFORM_GIT_BRANCH or PLATFORM_SALT_LOCAL
82 PLATFORM_SALT_LOCAL: /platform-salt
84 pnda_application_repo:
85 # Type of storage to use for PNDA application packages
86 # s3 - AWS S3. Also set PNDA_APPS_CONTAINER, PNDA_APPS_FOLDER, PNDA_APPS_REGION, PNDA_APPS_ACCESS_KEY_ID, PNDA_APPS_SECRET_ACCESS_KEY
87 # sshfs - standard file system. Also set PR_FS_LOCATION_PATH, PR_SSHFS_USER, PR_SSHFS_HOST, PR_SSHFS_PATH and PR_SSHFS_KEY
88 # local - local filesystem on the package repository service server. Also set PR_FS_LOCATION_PATH.
89 # swift - Openstack swift. Also set PNDA_APPS_CONTAINER and PNDA_APPS_FOLDER
90 PR_FS_TYPE: {{ .Values.pnda.apps.fsType }}
92 # S3 container to use for PNDA application packages
93 PNDA_APPS_CONTAINER: {{ .Values.pnda.apps.s3container }}
95 # Name of folder within PNDA_APPS_CONTAINER that contains the PNDA application packages
96 PNDA_APPS_FOLDER: {{ .Values.pnda.apps.s3folder }}
98 # AWS region that contains the PNDA_APPS_CONTAINER bucket
99 PNDA_APPS_REGION: {{ .Values.pnda.apps.s3region }}
101 # API key for s3 access to PNDA_APPS_CONTAINER. These keys are stored on the cloud instances so should be restricted
102 # only allow access to the PNDA_APPS_CONTAINER bucket
103 PNDA_APPS_ACCESS_KEY_ID: {{ .Values.pnda.apps.s3keyid }}
104 PNDA_APPS_SECRET_ACCESS_KEY: {{ .Values.pnda.apps.s3secret }}
106 # Path on file system if PR_FS_TYPE is 'local' or 'sshfs'
107 PR_FS_LOCATION_PATH: {{ .Values.pnda.apps.fsLocation | print "/opt/pnda/packages" }}
109 # SSH accessed file system to use for PNDA application packages
110 PR_SSHFS_USER: centos
111 PR_SSHFS_HOST: 127.0.0.1
112 PR_SSHFS_PATH: /mnt/packages
113 PR_SSHFS_KEY: key.pem
116 # S3 container to use for archiving PNDA datasets
117 PNDA_ARCHIVE_CONTAINER: pnda-archive
119 # AWS region that contains the PNDA_ARCHIVE_CONTAINER bucket
120 PNDA_ARCHIVE_REGION: eu-west-1
122 # API key for s3 access to PNDA_ARCHIVE_CONTAINER. These keys are stored on the cloud instances so should be restricted
123 # only allow access to the PNDA_ARCHIVE_CONTAINER bucket
124 PNDA_ARCHIVE_ACCESS_KEY_ID: xxxx
125 PNDA_ARCHIVE_SECRET_ACCESS_KEY: xxxx
128 # Optional ntp servers. Use this if the standard NTP servers on the Internet cannot be reached
129 # and a local NTP server has been configured. PNDA will not work without NTP.
130 # example format: 'xxx.ntp.org'
131 #For REJECT_OUTBOUND="YES" then NTP server/s must.
133 - {{ .Values.pnda.ntp }}
136 # External DNS servers list
138 - {{ .Values.pnda.nameserver }}
141 # Mirror of resources required for provisioning PNDA, see PNDA guide for instructions on how to set this up
145 # Hadoop distribution to install
150 # Spark version to enable for oozie (HDP only)
154 OOZIE_SPARK_VERSION: 1
157 # The IP address of the client that created PNDA
158 CLIENT_IP: {{ .Values.pnda.outboundCidr }}
159 # Add online repositories for yum, apt-get, pip, etc alongside PNDA mirror
160 ADD_ONLINE_REPOS: "YES"
161 # RPM Extras repository to enable when ADD_ONLINE_REPOS=YES
162 RPM_EXTRAS_REPO_NAME: rhui-REGION-rhel-server-optional
163 # RPM Optional repository to enable when ADD_ONLINE_REPOS=YES
164 RPM_OPTIONAL_REPO_NAME: rhui-REGION-rhel-server-extras
167 PNDA_INTERNAL_NETWORK: eth0
168 PNDA_INGEST_NETWORK: eth0
171 # Maximum number of outbound connections that the CLI will attempt to open at once
172 # Consider increasing this when creating clusters with more than 100 nodes to speed
173 # up PNDA creation time.
174 MAX_SIMULTANEOUS_OUTBOUND_CONNECTIONS: 100
177 # The path were to find the security material (certificate/key).
178 # The directory should be structured as defined in this' repo's directory structure with the same name.
179 # The security material should conform to the guidelines defined in the README.md file in
180 # the containing sub directory.
181 SECURITY_MATERIAL_PATH: ./platform-certificates/
183 # Address of LDAP server
184 # All instances will have PAM configured to authenticate with this LDAP server if set
185 # Leave blank to disable LDAP-PAM integration
188 # Base DN for LDAP server to use when enabling client PAM integration with LDAP
189 LDAP_BASE_DN: dc=nodomain
192 # Include experimental features.
193 # Set to "NO", omit setting or omit features section entirely to turn off experimental features
194 EXPERIMENTAL_FEATURES: "NO"
198 TOP_LEVEL_DOMAIN: pnda.local
200 # Second-level domain
201 SECOND_LEVEL_DOMAIN: dc1
204 # Enable/Disable compaction on datasets.
208 # If compaction is enabled, PATTERN sets the frequency of compaction.
209 # H - hourly compaction.
210 # d - daily compaction.
211 # M - monthly compaction.
212 # Y - yearly compaction.
216 # DATANODE_VOLUME_COUNT sets the number of data volumes on each hadoop datanode
218 # DEVICE_ROOT sets the disk device root name
222 # DATA_DIRS sets the data dirs on kafka node
225 # DEVICE_ROOT sets the disk device root name
226 KAFKA_DEVICE_ROOT: xvdb
229 #GENERIC_DEVICE_ROOT sets the disk device root name for generic instances.
230 GENERIC_DEVICE_ROOT: xvdb