2 # ================================================================================
3 # Copyright (c) 2018 Cisco Systems. All rights reserved.
4 # ================================================================================
5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
16 # ============LICENSE_END=========================================================
20 # infrastructure used for pnda deployment
26 INFRASTRUCTURE_TYPE: openstack
28 # The user name to use when logging into the instances
29 # For aws target user-name allowed :
30 # Target AWS Openstack
32 # Distro Redhat: ec2-user cloud-user
33 # CentOS: centos cloud-user
34 OS_USER: {{ .Values.pnda.osUser }}
36 # CIDR specifying the address range for the network containing all PNDA instances
37 networkCidr: {{ .Values.pnda.networkCidr }}
40 # KEYSTONE_USER: Username for the openstack clients to use
41 KEYSTONE_USER: {{ .Values.openstack.keystoneUser }}
43 # KEYSTONE_PASSWORD: Password for the openstack clients to use
44 KEYSTONE_PASSWORD: {{ .Values.openstack.keystonePassword }}
46 # KEYSTONE_TENANT: Name of the tenant / project in the openstack environment. The
47 # PNDA stack will be created in this project.
48 KEYSTONE_TENANT: {{ .Values.openstack.keystoneTenant }}
50 # KEYSTONE_AUTH_URL: Keystone authentication URL. The Openstack console provides this
51 # under the Access & Security section.
52 KEYSTONE_AUTH_URL: {{ .Values.openstack.keystoneAuthUrl }}
54 # KEYSTONE_AUTH_VERSION: Keystone authentication version. The Openstack console provides this
55 # under the Access & Security section.
56 KEYSTONE_AUTH_VERSION: '2'
58 # KEYSTONE_REGION_NAME: Keystone region. The Openstack console provides this
59 # under the Access & Security section.
60 KEYSTONE_REGION_NAME: {{ .Values.openstack.keystoneRegion }}
62 # imageId: Base image to use for the created instances. It should be created by
63 # following the guide in https://github.com/pndaproject/pnda-dib-elements
65 imageId: {{ .Values.openstack.imageId }}
67 # CIDR specifying the address range that may access the created PNDA instances
68 whitelistSshAccess: {{ .Values.openstack.whitelistSshAccess }}
70 # UUID of the public network in openstack to use
71 externalPublicNetworkId: {{ .Values.openstack.publicNetworkId }}
73 useExistingNetwork: {{ .Values.openstack.useExistingNetwork }}
75 existingNetworkId: {{ .Values.openstack.existingNetworkId }}
77 existingSubnetId: {{ .Values.openstack.existingSubnetId }}
79 # CIDR specifying the address range for the public subnet (bastion access)
80 publicSubnetCidr: {{ .Values.openstack.publicSubnetCidr }}
83 # Use either PLATFORM_GIT_REPO_URI + PLATFORM_GIT_BRANCH or PLATFORM_SALT_LOCAL
84 PLATFORM_SALT_LOCAL: /platform-salt
86 pnda_application_repo:
87 # Type of storage to use for PNDA application packages
88 # s3 - AWS S3. Also set PNDA_APPS_CONTAINER, PNDA_APPS_FOLDER, PNDA_APPS_REGION, PNDA_APPS_ACCESS_KEY_ID, PNDA_APPS_SECRET_ACCESS_KEY
89 # sshfs - standard file system. Also set PR_FS_LOCATION_PATH, PR_SSHFS_USER, PR_SSHFS_HOST, PR_SSHFS_PATH and PR_SSHFS_KEY
90 # local - local filesystem on the package repository service server. Also set PR_FS_LOCATION_PATH.
91 # swift - Openstack swift. Also set PNDA_APPS_CONTAINER and PNDA_APPS_FOLDER
92 PR_FS_TYPE: {{ .Values.pnda.apps.fsType }}
94 # S3 container to use for PNDA application packages
95 PNDA_APPS_CONTAINER: {{ .Values.pnda.apps.s3container }}
97 # Name of folder within PNDA_APPS_CONTAINER that contains the PNDA application packages
98 PNDA_APPS_FOLDER: {{ .Values.pnda.apps.s3folder }}
100 # AWS region that contains the PNDA_APPS_CONTAINER bucket
101 PNDA_APPS_REGION: {{ .Values.pnda.apps.s3region }}
103 # API key for s3 access to PNDA_APPS_CONTAINER. These keys are stored on the cloud instances so should be restricted
104 # only allow access to the PNDA_APPS_CONTAINER bucket
105 PNDA_APPS_ACCESS_KEY_ID: {{ .Values.pnda.apps.s3keyid }}
106 PNDA_APPS_SECRET_ACCESS_KEY: {{ .Values.pnda.apps.s3secret }}
108 # Path on file system if PR_FS_TYPE is 'local' or 'sshfs'
109 PR_FS_LOCATION_PATH: {{ .Values.pnda.apps.fsLocation | print "/opt/pnda/packages" }}
111 # SSH accessed file system to use for PNDA application packages
112 PR_SSHFS_USER: centos
113 PR_SSHFS_HOST: 127.0.0.1
114 PR_SSHFS_PATH: /mnt/packages
115 PR_SSHFS_KEY: key.pem
118 # S3 container to use for archiving PNDA datasets
119 PNDA_ARCHIVE_CONTAINER: pnda-archive
121 # AWS region that contains the PNDA_ARCHIVE_CONTAINER bucket
122 PNDA_ARCHIVE_REGION: eu-west-1
124 # API key for s3 access to PNDA_ARCHIVE_CONTAINER. These keys are stored on the cloud instances so should be restricted
125 # only allow access to the PNDA_ARCHIVE_CONTAINER bucket
126 PNDA_ARCHIVE_ACCESS_KEY_ID: xxxx
127 PNDA_ARCHIVE_SECRET_ACCESS_KEY: xxxx
130 # Optional ntp servers. Use this if the standard NTP servers on the Internet cannot be reached
131 # and a local NTP server has been configured. PNDA will not work without NTP.
132 # example format: 'xxx.ntp.org'
133 #For REJECT_OUTBOUND="YES" then NTP server/s must.
135 - {{ .Values.pnda.ntp }}
138 # External DNS servers list
140 - {{ .Values.pnda.nameserver }}
143 # Mirror of resources required for provisioning PNDA, see PNDA guide for instructions on how to set this up
147 # Hadoop distribution to install
152 # Spark version to enable for oozie (HDP only)
156 OOZIE_SPARK_VERSION: 1
159 # The IP address of the client that created PNDA
160 CLIENT_IP: {{ .Values.pnda.outboundCidr }}
161 # Add online repositories for yum, apt-get, pip, etc alongside PNDA mirror
162 ADD_ONLINE_REPOS: "YES"
163 # RPM Extras repository to enable when ADD_ONLINE_REPOS=YES
164 RPM_EXTRAS_REPO_NAME: rhui-REGION-rhel-server-optional
165 # RPM Optional repository to enable when ADD_ONLINE_REPOS=YES
166 RPM_OPTIONAL_REPO_NAME: rhui-REGION-rhel-server-extras
169 PNDA_INTERNAL_NETWORK: eth0
170 PNDA_INGEST_NETWORK: eth0
173 # Maximum number of outbound connections that the CLI will attempt to open at once
174 # Consider increasing this when creating clusters with more than 100 nodes to speed
175 # up PNDA creation time.
176 MAX_SIMULTANEOUS_OUTBOUND_CONNECTIONS: 100
179 # The path were to find the security material (certificate/key).
180 # The directory should be structured as defined in this' repo's directory structure with the same name.
181 # The security material should conform to the guidelines defined in the README.md file in
182 # the containing sub directory.
183 SECURITY_MATERIAL_PATH: ./platform-certificates/
185 # Address of LDAP server
186 # All instances will have PAM configured to authenticate with this LDAP server if set
187 # Leave blank to disable LDAP-PAM integration
190 # Base DN for LDAP server to use when enabling client PAM integration with LDAP
191 LDAP_BASE_DN: dc=nodomain
194 # Include experimental features.
195 # Set to "NO", omit setting or omit features section entirely to turn off experimental features
196 EXPERIMENTAL_FEATURES: "NO"
200 TOP_LEVEL_DOMAIN: pnda.local
202 # Second-level domain
203 SECOND_LEVEL_DOMAIN: dc1
206 # Enable/Disable compaction on datasets.
210 # If compaction is enabled, PATTERN sets the frequency of compaction.
211 # H - hourly compaction.
212 # d - daily compaction.
213 # M - monthly compaction.
214 # Y - yearly compaction.
218 # DATANODE_VOLUME_COUNT sets the number of data volumes on each hadoop datanode
220 # DEVICE_ROOT sets the disk device root name
224 # DATA_DIRS sets the data dirs on kafka node
227 # DEVICE_ROOT sets the disk device root name
228 KAFKA_DEVICE_ROOT: xvdb
231 #GENERIC_DEVICE_ROOT sets the disk device root name for generic instances.
232 GENERIC_DEVICE_ROOT: xvdb