kubemaster.yaml 37.5 KB
Newer Older
Spyridon Trigazis's avatar
Spyridon Trigazis committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
heat_template_version: queens

description: >
  This is a nested stack that defines a single Kubernetes master, This stack is
  included by an ResourceGroup resource in the parent template
  (kubecluster.yaml).

parameters:

  name:
    type: string
    description: server name

  server_image:
    type: string
    description: glance image used to boot the server

  master_flavor:
    type: string
    description: flavor to use when booting the server

22
23
24
25
26
27
28
29
  nodegroup_role:
    type: string
    description: the role of the nodegroup

  nodegroup_name:
    type: string
    description: the name of the nodegroup where the node belongs

30
31
32
33
  heapster_enabled:
    type: boolean
    description: enable/disable the use of heapster

Diogo Guerra's avatar
Diogo Guerra committed
34
35
36
37
38
39
40
41
  metrics_server_enabled:
    type: boolean
    description: enable/disable the use of metrics-server

  metrics_server_chart_tag:
    type: string
    description: tag of the stable/metrics-server chart to install

Spyridon Trigazis's avatar
Spyridon Trigazis committed
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
  ssh_key_name:
    type: string
    description: name of ssh key to be provisioned on our server

  ssh_public_key:
    type: string
    description: The public ssh key to add in all nodes

  external_network:
    type: string
    description: uuid of a network to use for floating ip addresses

  portal_network_cidr:
    type: string
    description: >
      address range used by kubernetes for service portals

  kube_allow_priv:
    type: string
    description: >
      whether or not kubernetes should permit privileged containers.
    constraints:
      - allowed_values: ["true", "false"]

  boot_volume_size:
    type: number
    description: >
      size of the cinder boot volume for nodes root volume
    default: 0

  boot_volume_type:
    type: string
    description: >
      type of the cinder boot volume for nodes root volume

  etcd_volume_size:
    type: number
    description: >
      size of a cinder volume to allocate for etcd storage

  etcd_volume_type:
    type: string
    description: >
      type of a cinder volume to allocate for etcd storage

  docker_volume_size:
    type: number
    description: >
      size of a cinder volume to allocate to docker for container/image
      storage

  docker_volume_type:
    type: string
    description: >
      type of a cinder volume to allocate to docker for container/image
      storage

  docker_storage_driver:
    type: string
    description: docker storage driver name
    default: "devicemapper"

  cgroup_driver:
    type: string
    description: >
      cgroup driver name that kubelet should use, ideally the same as
      the docker cgroup driver.
    default: "cgroupfs"

  volume_driver:
    type: string
    description: volume driver to use for container storage

  region_name:
    type: string
    description: A logically separate section of the cluster

  flannel_network_cidr:
    type: string
    description: network range for flannel overlay network

  flannel_network_subnetlen:
    type: number
    description: size of subnet assigned to each master

  flannel_backend:
    type: string
    description: >
      specify the backend for flannel, default udp backend
    constraints:
      - allowed_values: ["udp", "vxlan", "host-gw"]

  system_pods_initial_delay:
    type: number
    description: >
      health check, time to wait for system pods (podmaster, scheduler) to boot
      (in seconds)
    default: 30

  system_pods_timeout:
    type: number
    description: >
      health check, timeout for system pods (podmaster, scheduler) to answer.
      (in seconds)
    default: 5

  admission_control_list:
    type: string
    description: >
      List of admission control plugins to activate

  discovery_url:
    type: string
    description: >
      Discovery URL used for bootstrapping the etcd cluster.

  tls_disabled:
    type: boolean
    description: whether or not to enable TLS

  traefik_ingress_controller_tag:
    type: string
    description: tag of the traefik containers to be used.

  kube_dashboard_enabled:
    type: boolean
    description: whether or not to disable kubernetes dashboard

  influx_grafana_dashboard_enabled:
    type: boolean
    description: Enable influxdb with grafana dashboard for data from heapster

  verify_ca:
    type: boolean
    description: whether or not to validate certificate authority

  kubernetes_port:
    type: number
    description: >
      The port which are used by kube-apiserver to provide Kubernetes
      service.

  cluster_uuid:
    type: string
    description: identifier for the cluster this template is generating

  magnum_url:
    type: string
    description: endpoint to retrieve TLS certs from

  prometheus_monitoring:
    type: boolean
    description: >
      whether or not to have prometheus and grafana deployed

  grafana_admin_passwd:
    type: string
    hidden: true
    description: >
      admin user password for the Grafana monitoring interface

  api_public_address:
    type: string
    description: Public IP address of the Kubernetes master server.
    default: ""

  api_private_address:
    type: string
    description: Private IP address of the Kubernetes master server.
    default: ""

  fixed_network:
    type: string
    description: Network from which to allocate fixed addresses.

  fixed_network_name:
    type: string
    description: Network from which to allocate fixed addresses.

  fixed_subnet:
    type: string
    description: Subnet from which to allocate fixed addresses.

  network_driver:
    type: string
    description: network driver to use for instantiating container networks

  secgroup_kube_master_id:
    type: string
    description: ID of the security group for kubernetes master.

  api_pool_id:
    type: string
    description: ID of the load balancer pool of k8s API server.

  etcd_pool_id:
    type: string
    description: ID of the load balancer pool of etcd server.

  auth_url:
    type: string
    description: >
      url for kubernetes to authenticate

  username:
    type: string
    description: >
      user account

  password:
    type: string
    description: >
      user password

  http_proxy:
    type: string
    description: http proxy address for docker

  https_proxy:
    type: string
    description: https proxy address for docker

  no_proxy:
    type: string
    description: no proxies for docker

  kube_tag:
    type: string
    description: tag of the k8s containers used to provision the kubernetes cluster

  cloud_provider_tag:
    type: string
    description:
      tag of the kubernetes/cloud-provider-openstack
      https://hub.docker.com/r/k8scloudprovider/openstack-cloud-controller-manager/tags/

  cloud_provider_enabled:
    type: boolean
    description: Enable or disable the openstack kubernetes cloud provider

  etcd_tag:
    type: string
    description: tag of the etcd system container

  coredns_tag:
    type: string
    description: tag of the coredns container

  flannel_tag:
    type: string
    description: tag of the flannel system containers

  flannel_cni_tag:
    type: string
    description: tag of the flannel cni container

  kube_version:
    type: string
    description: version of kubernetes used for kubernetes cluster

  kube_dashboard_version:
    type: string
    description: version of kubernetes dashboard used for kubernetes cluster

  trustee_user_id:
    type: string
    description: user id of the trustee

  trustee_password:
    type: string
    description: password of the trustee
    hidden: true

  trust_id:
    type: string
    description: id of the trust which is used by the trustee
    hidden: true

  insecure_registry_url:
    type: string
    description: insecure registry url

  container_infra_prefix:
    type: string
    description: >
      prefix of container images used in the cluster, kubernetes components,
      kubernetes-dashboard, coredns etc

  etcd_lb_vip:
    type: string
    description: >
      etcd lb vip private used to generate certs on master.
    default: ""

  dns_service_ip:
    type: string
    description: >
      address used by Kubernetes DNS service

  dns_cluster_domain:
    type: string
    description: >
      domain name for cluster DNS

  openstack_ca:
    type: string
    description: The OpenStack CA certificate to install on the node.

350
351
352
353
  nodes_server_group_id:
    type: string
    description: ID of the server group for kubernetes cluster nodes.

Spyridon Trigazis's avatar
Spyridon Trigazis committed
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
  availability_zone:
    type: string
    description: >
      availability zone for master and nodes
    default: ""

  ca_key:
    type: string
    description: key of internal ca for the kube certificate api manager
    hidden: true

  cert_manager_api:
    type: boolean
    description: true if the kubernetes cert api manager should be enabled
    default: false

  calico_tag:
    type: string
    description: tag of the calico containers used to provision the calico node

  calico_kube_controllers_tag:
    type: string
    description: tag of the kube_controllers used to provision the calico node

  calico_ipv4pool:
    type: string
    description: Configure the IP pool from which Pod IPs will be chosen

382
383
384
385
  calico_ipv4pool_ipip:
    type: string
    description: IPIP Mode to use for the IPv4 POOL created at start up

Spyridon Trigazis's avatar
Spyridon Trigazis committed
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
  pods_network_cidr:
    type: string
    description: Configure the IP pool/range from which pod IPs will be chosen

  ingress_controller:
    type: string
    description: >
      ingress controller backend to use

  ingress_controller_role:
    type: string
    description: >
      node role where the ingress controller should run

  octavia_ingress_controller_tag:
    type: string
    description: Octavia ingress controller docker image tag.

  kubelet_options:
    type: string
    description: >
      additional options to be passed to the kubelet

  kubeapi_options:
    type: string
    description: >
      additional options to be passed to the api

  kubecontroller_options:
    type: string
    description: >
      additional options to be passed to the controller manager

  kubeproxy_options:
    type: string
    description: >
      additional options to be passed to the kube proxy

  kubescheduler_options:
    type: string
    description: >
      additional options to be passed to the scheduler

  octavia_enabled:
    type: boolean
    description: >
      whether or not to use Octavia for LoadBalancer type service.
    default: False

435
436
437
438
439
440
441
442
443
444
445
446
  kube_csi_enabled:
    type: boolean
    description: >
      Indicates whether kube csi containers should be started.
    default: false

  kube_csi_version:
    type: string
    description: >
      Indicates the version of CSI to support.
    default: "v0.2.0"

447
448
449
450
451
452
453
454
  eos_enabled:
    type: boolean
    description: Indicates whether the eos csi plugin should be started.

  eos_chart_tag:
    type: string
    description: The cern/eosxd chart version to use.

455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
  cephfs_csi_enabled:
    type: boolean
    description: >
      Indicates whether the ceph csi plugin should be started.
    default: false

  cephfs_csi_version:
    type: string
    description: >
      Indicates the version of CEPH CSI to use.
    default: "v0.2.0"

  cvmfs_csi_enabled:
    type: boolean
    description: >
      Indicates whether the cvmfs csi plugin should be started.
    default: false

  cvmfs_csi_version:
    type: string
    description: >
      Indicates the version of CVMFS CSI to use.
    default: "v0.2.0"

479
480
481
482
483
484
485
486
487
488
489
490
  manila_csi_enabled:
    type: boolean
    description: >
      Indicates whether the Manila CSI plugin should be started.
    default: false

  manila_csi_version:
    type: string
    description: >
      Indicates the version of Manila CSI to use.
    default: "v0.2.0"

491
492
493
494
495
496
497
498
499
500
501
502
  manila_enabled:
    type: boolean
    description: >
      Indicates whether the Manila Provisioner should be started.
    default: false

  manila_version:
    type: string
    description: >
      Indicates the version of the Manila Provisioner to use.
    default: "v0.2.0"

503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
  logging_type:
    type: string
    description: >
      Indicates the logging type

  logging_include_internal:
    type: boolean
    description: >
      whether or not send kube-system logs with fluentd

  logging_http_destination:
    type: string
    description: >
      When logging type is http, destination of the logs

  logging_producer:
    type: string
    description: >
      Indicates the cern producer where to send the logs

  logging_version:
    type: string
    description: >
      Indicates the version of the fluentd-kubernetes-daemonset image

528
529
530
531
532
533
534
535
536
537
  logging_installer:
    type: string
    description: >
      Install the central monitoring using 'helm' or 'vanila' (default: vanila)

  logging_chart_tag:
    type: string
    description: >
      The cern/fluentd chart version to use.

538
539
540
541
542
543
544
545
546
547
548
549
  cern_tag:
    type: string
    description: >
      The tag to use for the cern setup containers.
    default: "latest"

  cern_enabled:
    type: boolean
    description: >
      Indicates whether cern setup should be done.
    default: false

550
551
552
553
554
555
556
557
558
559
  metrics_producer:
    type: string
    description: >
      Indicates the cern producer where to send the logs

  metrics_producer_version:
    type: string
    description: >
      The cern/prometheus-cern aggregation rules chart version to use.

Spyridon Trigazis's avatar
Spyridon Trigazis committed
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
  kube_service_account_key:
    type: string
    hidden: true
    description: >
      The signed cert will be used to verify the k8s service account tokens
      during authentication.

  kube_service_account_private_key:
    type: string
    hidden: true
    description: >
      The private key will be used to sign generated k8s service account
      tokens.

  prometheus_tag:
    type: string
    description: tag of prometheus container

  grafana_tag:
    type: string
    description: tag of grafana container

  heat_container_agent_tag:
    type: string
    description: tag of the heat_container_agent system container

  keystone_auth_enabled:
    type: boolean
    description: >
      true if the keystone authN and authZ should be enabled
    default:
      false

  k8s_keystone_auth_tag:
    type: string
    description: tag of the k8s_keystone_auth container

  monitoring_enabled:
    type: boolean
    description: Enable or disable prometheus-operator monitoring solution.
    default: false

  prometheus_operator_chart_tag:
    type: string
    description: The stable/prometheus-operator chart version to use.
    default: 5.12.3

Diogo Guerra's avatar
Diogo Guerra committed
607
608
609
610
611
612
613
614
615
616
617
618
  prometheus_adapter_enabled:
    type: boolean
    description: Enable or disable prometheus-adapter custom metrics.

  prometheus_adapter_chart_tag:
    type: string
    description: The stable/prometheus-adapter chart version to use.

  prometheus_adapter_configmap:
    type: string
    description: The prometheus adapter rules ConfigMap name to use as overwrite.

619
620
621
622
623
624
625
626
  landb_sync_enabled:
    type: boolean
    description: Enable or disable landb-sync cern service.

  landb_sync_chart_tag:
    type: string
    description: The cern/landb-sync chart version to install.

Spyridon Trigazis's avatar
Spyridon Trigazis committed
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
  project_id:
    type: string
    description: >
      project id of current project

  tiller_enabled:
    type: string
    description: Whether to enable tiller or not

  tiller_tag:
    type: string
    description: tag of tiller container

  tiller_namespace:
    type: string
    description: namespace where tiller will be installed

644
645
646
647
  helm_client_tag:
    type: string
    description: tag of helm container

Spyridon Trigazis's avatar
Spyridon Trigazis committed
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
  auto_healing_enabled:
    type: boolean
    description: >
      true if the auto healing feature should be enabled

  auto_healing_controller:
    type: string
    description: >
      The service to be deployed for auto-healing.
    default: "draino"

  magnum_auto_healer_tag:
    type: string
    description: tag of the magnum-auto-healer service.
    default: "v1.15.0"

  auto_scaling_enabled:
    type: boolean
    description: >
      true if the auto scaling feature should be enabled

669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
  cinder_csi_enabled:
    type: boolean
    description: >
      true if the cinder csi feature should be enabled

  cinder_csi_plugin_tag:
    type: string
    description: tag of cinder csi plugin

  csi_attacher_tag:
    type: string
    description: tag of csi attacher

  csi_provisioner_tag:
    type: string
    description: tag of csi provisioner

  csi_snapshotter_tag:
    type: string
    description: tag of csi snapshotter

  csi_resizer_tag:
    type: string
    description: tag of csi resizer

  csi_node_driver_registrar_tag:
    type: string
    description: tag of csi node driver registrar

Spyridon Trigazis's avatar
Spyridon Trigazis committed
698
699
700
701
702
703
704
705
  node_problem_detector_tag:
    type: string
    description: tag of the node problem detector container

  nginx_ingress_controller_tag:
    type: string
    description: nginx ingress controller docker image tag

706
707
708
709
  nginx_ingress_controller_chart_tag:
    type: string
    description: nginx ingress controller helm chart tag

Spyridon Trigazis's avatar
Spyridon Trigazis committed
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
  draino_tag:
    type: string
    description: tag of the draino container

  autoscaler_tag:
    type: string
    description: tag of the autoscaler container

  min_node_count:
    type: number
    description: >
      minimum node count of cluster workers when doing scale down

  max_node_count:
    type: number
    description: >
      maximum node count of cluster workers when doing scale up

  npd_enabled:
    type: boolean
    description: >
      true if the npd service should be launched
    default:
      true

735
736
737
738
739
740
741
742
743
744
745
746
747
  ostree_remote:
    type: string
    description: The ostree remote branch to upgrade

  ostree_commit:
    type: string
    description: The ostree commit to deploy

  use_podman:
    type: boolean
    description: >
      If true, run system containers for kubernetes, etcd and heat-agent

748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
  container_runtime:
    type: string
    description: The container runtime to install

  containerd_version:
    type: string
    description: The containerd version to download from https://storage.googleapis.com/cri-containerd-release/

  containerd_tarball_url:
    type: string
    description: Url location of the containerd tarball.

  containerd_tarball_sha256:
    type: string
    description: sha256 of the target containerd tarball.

764
765
766
767
768
769
770
771
  nvidia_gpu_enabled:
    type: boolean
    description: Enable or disable nvidia gpu setup.

  nvidia_gpu_tag:
    type: string
    description: Tag of the helm chart to use for nvidia gpu.

772
773
774
775
776
777
778
779
  cern_chart_enabled:
    type: boolean
    description: Enable or disable the CERN chart based setup.

  cern_chart_version:
    type: string
    description: The CERN chart tag to be used

Stavros Moiras's avatar
Stavros Moiras committed
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
  oidc_enabled:
    type: boolean
    description: >
      OpenID Connect support for kubernetes clusters at CERN
    default: false

  oidc_client_id:
    type: string
    description: >
      Custom client id, if set, no application is created in the application portal automatically
    default: ""

  oidc_issuer_url:
    type: string
    description: The url of our oidc issuer
    default: ''

  oidc_username_claim:
    type: string
    description: The username field
    default: ''

  oidc_groups_claim:
    type: string
    description: The groups field
    default: ''

  oidc_username_prefix:
    type: string
    description: A prefix for each username
    default: ''

  oidc_groups_prefix:
    type: string
    description: A prefix for each group
    default: ''

  oidc_username:
    type: string
    description: The cern username of the user that creates the cluster
    default: ''

Spyridon Trigazis's avatar
Spyridon Trigazis committed
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
conditions:

  image_based: {equals: [{get_param: boot_volume_size}, 0]}
  volume_based:
    not:
      equals:
      - get_param: boot_volume_size
      - 0

resources:
  ######################################################################
  #
  # software configs.  these are components that are combined into
  # a multipart MIME user-data archive.
  #

  agent_config:
    type: OS::Heat::SoftwareConfig
    properties:
      group: ungrouped
      config:
        list_join:
          - "\n"
          -
            - str_replace:
                template: {get_file: user_data.json}
                params:
                  $HOSTNAME: {get_param: name}
                  $SSH_KEY_VALUE: {get_param: ssh_public_key}
                  $OPENSTACK_CA: {get_param: openstack_ca}
852
853
854
855
856
857
858
859
                  $CONTAINER_INFRA_PREFIX:
                    if:
                      - equals:
                        - get_param: container_infra_prefix
                        - ""
                      - "docker.io/openstackmagnum/"
                      - get_param: container_infra_prefix
                  $HEAT_CONTAINER_AGENT_TAG: {get_param: heat_container_agent_tag}
860
861
862
                  $HTTP_PROXY: {get_param: http_proxy}
                  $HTTPS_PROXY: {get_param: https_proxy}
                  $NO_PROXY: {get_param: no_proxy}
Spyridon Trigazis's avatar
Spyridon Trigazis committed
863
864
865
866
867
868
869
870
871

  master_config:
    type: OS::Heat::SoftwareConfig
    properties:
      group: script
      config:
        list_join:
          - "\n"
          -
872
            - "#!/bin/bash"
Spyridon Trigazis's avatar
Spyridon Trigazis committed
873
874
875
876
            - str_replace:
                template: {get_file: ../../common/templates/kubernetes/fragments/write-heat-params-master.sh}
                params:
                  "$INSTANCE_NAME": {get_param: name}
877
                  "$HEAPSTER_ENABLED": {get_param: heapster_enabled}
Diogo Guerra's avatar
Diogo Guerra committed
878
879
                  "$METRICS_SERVER_ENABLED": {get_param: metrics_server_enabled}
                  "$METRICS_SERVER_CHART_TAG": {get_param: metrics_server_chart_tag}
Spyridon Trigazis's avatar
Spyridon Trigazis committed
880
                  "$PROMETHEUS_MONITORING": {get_param: prometheus_monitoring}
881
882
                  "$KUBE_API_PUBLIC_ADDRESS": {get_param: api_public_address}
                  "$KUBE_API_PRIVATE_ADDRESS":  {get_param: api_private_address}
Spyridon Trigazis's avatar
Spyridon Trigazis committed
883
                  "$KUBE_API_PORT": {get_param: kubernetes_port}
884
885
                  "$KUBE_NODE_PUBLIC_IP": {get_attr: [kube-master, first_address]}
                  "$KUBE_NODE_IP": {get_attr: [kube-master, first_address]}
Spyridon Trigazis's avatar
Spyridon Trigazis committed
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
                  "$KUBE_ALLOW_PRIV": {get_param: kube_allow_priv}
                  "$ETCD_VOLUME": {get_resource: etcd_volume}
                  "$ETCD_VOLUME_SIZE": {get_param: etcd_volume_size}
                  "$DOCKER_VOLUME": {get_resource: docker_volume}
                  "$DOCKER_VOLUME_SIZE": {get_param: docker_volume_size}
                  "$DOCKER_STORAGE_DRIVER": {get_param: docker_storage_driver}
                  "$CGROUP_DRIVER": {get_param: cgroup_driver}
                  "$NETWORK_DRIVER": {get_param: network_driver}
                  "$FLANNEL_NETWORK_CIDR": {get_param: flannel_network_cidr}
                  "$FLANNEL_NETWORK_SUBNETLEN": {get_param: flannel_network_subnetlen}
                  "$FLANNEL_BACKEND": {get_param: flannel_backend}
                  "$SYSTEM_PODS_INITIAL_DELAY": {get_param: system_pods_initial_delay}
                  "$SYSTEM_PODS_TIMEOUT": {get_param: system_pods_timeout}
                  "$PODS_NETWORK_CIDR": {get_param: pods_network_cidr}
                  "$PORTAL_NETWORK_CIDR": {get_param: portal_network_cidr}
                  "$ADMISSION_CONTROL_LIST": {get_param: admission_control_list}
                  "$ETCD_DISCOVERY_URL": {get_param: discovery_url}
                  "$AUTH_URL": {get_param: auth_url}
                  "$USERNAME": {get_param: username}
                  "$PASSWORD": {get_param: password}
                  "$CLUSTER_NETWORK": {get_param: fixed_network}
                  "$CLUSTER_NETWORK_NAME": {get_param: fixed_network_name}
                  "$CLUSTER_SUBNET": {get_param: fixed_subnet}
                  "$TLS_DISABLED": {get_param: tls_disabled}
                  "$TRAEFIK_INGRESS_CONTROLLER_TAG": {get_param: traefik_ingress_controller_tag}
                  "$KUBE_DASHBOARD_ENABLED": {get_param: kube_dashboard_enabled}
                  "$INFLUX_GRAFANA_DASHBOARD_ENABLED": {get_param: influx_grafana_dashboard_enabled}
                  "$VERIFY_CA": {get_param: verify_ca}
                  "$CLUSTER_UUID": {get_param: cluster_uuid}
                  "$MAGNUM_URL": {get_param: magnum_url}
                  "$VOLUME_DRIVER": {get_param: volume_driver}
                  "$REGION_NAME": {get_param: region_name}
                  "$HTTP_PROXY": {get_param: http_proxy}
                  "$HTTPS_PROXY": {get_param: https_proxy}
                  "$NO_PROXY": {get_param: no_proxy}
                  "$KUBE_TAG": {get_param: kube_tag}
                  "$CLOUD_PROVIDER_TAG": {get_param: cloud_provider_tag}
                  "$CLOUD_PROVIDER_ENABLED": {get_param: cloud_provider_enabled}
                  "$ETCD_TAG": {get_param: etcd_tag}
                  "$COREDNS_TAG": {get_param: coredns_tag}
                  "$FLANNEL_TAG": {get_param: flannel_tag}
                  "$FLANNEL_CNI_TAG": {get_param: flannel_cni_tag}
                  "$KUBE_VERSION": {get_param: kube_version}
                  "$KUBE_DASHBOARD_VERSION": {get_param: kube_dashboard_version}
                  "$TRUSTEE_USER_ID": {get_param: trustee_user_id}
                  "$TRUSTEE_PASSWORD": {get_param: trustee_password}
                  "$TRUST_ID": {get_param: trust_id}
                  "$INSECURE_REGISTRY_URL": {get_param: insecure_registry_url}
                  "$CONTAINER_INFRA_PREFIX": {get_param: container_infra_prefix}
                  "$ETCD_LB_VIP": {get_param: etcd_lb_vip}
                  "$DNS_SERVICE_IP": {get_param: dns_service_ip}
                  "$DNS_CLUSTER_DOMAIN": {get_param: dns_cluster_domain}
                  "$CERT_MANAGER_API": {get_param: cert_manager_api}
                  "$CA_KEY": {get_param: ca_key}
                  "$CALICO_TAG": {get_param: calico_tag}
                  "$CALICO_KUBE_CONTROLLERS_TAG": {get_param: calico_kube_controllers_tag}
                  "$CALICO_IPV4POOL": {get_param: calico_ipv4pool}
943
                  "$CALICO_IPV4POOL_IPIP": {get_param: calico_ipv4pool_ipip}
Spyridon Trigazis's avatar
Spyridon Trigazis committed
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
                  "$INGRESS_CONTROLLER": {get_param: ingress_controller}
                  "$INGRESS_CONTROLLER_ROLE": {get_param: ingress_controller_role}
                  "$OCTAVIA_INGRESS_CONTROLLER_TAG": {get_param: octavia_ingress_controller_tag}
                  "$KUBELET_OPTIONS": {get_param: kubelet_options}
                  "$KUBEAPI_OPTIONS": {get_param: kubeapi_options}
                  "$KUBECONTROLLER_OPTIONS": {get_param: kubecontroller_options}
                  "$KUBEPROXY_OPTIONS": {get_param: kubeproxy_options}
                  "$KUBESCHEDULER_OPTIONS": {get_param: kubescheduler_options}
                  "$OCTAVIA_ENABLED": {get_param: octavia_enabled}
                  "$KUBE_SERVICE_ACCOUNT_KEY": {get_param: kube_service_account_key}
                  "$KUBE_SERVICE_ACCOUNT_PRIVATE_KEY": {get_param: kube_service_account_private_key}
                  "$PROMETHEUS_TAG": {get_param: prometheus_tag}
                  "$GRAFANA_TAG": {get_param: grafana_tag}
                  "$HEAT_CONTAINER_AGENT_TAG": {get_param: heat_container_agent_tag}
                  "$KEYSTONE_AUTH_ENABLED": {get_param: keystone_auth_enabled}
                  "$K8S_KEYSTONE_AUTH_TAG": {get_param: k8s_keystone_auth_tag}
                  "$MONITORING_ENABLED": {get_param: monitoring_enabled}
                  "$PROMETHEUS_OPERATOR_CHART_TAG": {get_param: prometheus_operator_chart_tag}
Diogo Guerra's avatar
Diogo Guerra committed
962
963
964
                  "$PROMETHEUS_ADAPTER_ENABLED": {get_param: prometheus_adapter_enabled}
                  "$PROMETHEUS_ADAPTER_CHART_TAG": {get_param: prometheus_adapter_chart_tag}
                  "$PROMETHEUS_ADAPTER_CONFIGMAP": {get_param: prometheus_adapter_configmap}
965
966
                  "$LANDB_SYNC_ENABLED": {get_param: landb_sync_enabled}
                  "$LANDB_SYNC_CHART_TAG": {get_param: landb_sync_chart_tag}
Spyridon Trigazis's avatar
Spyridon Trigazis committed
967
968
                  "$PROJECT_ID": {get_param: project_id}
                  "$EXTERNAL_NETWORK_ID": {get_param: external_network}
969
970
971
972
973
                  "$LOGGING_TYPE": {get_param: logging_type}
                  "$LOGGING_INCLUDE_INTERNAL": {get_param: logging_include_internal}
                  "$LOGGING_HTTP_DESTINATION": {get_param: logging_http_destination}
                  "$LOGGING_PRODUCER": {get_param: logging_producer}
                  "$LOGGING_VERSION": {get_param: logging_version}
974
975
                  "$LOGGING_INSTALLER": {get_param: logging_installer}
                  "$LOGGING_CHART_TAG": {get_param: logging_chart_tag}
976
977
                  "$METRICS_PRODUCER": {get_param: metrics_producer}
                  "$METRICS_PRODUCER_VERSION": {get_param: metrics_producer_version}
978
979
                  "$KUBE_CSI_ENABLED": {get_param: kube_csi_enabled}
                  "$KUBE_CSI_VERSION": {get_param: kube_csi_version}
980
981
                  "$EOS_ENABLED": {get_param: eos_enabled}
                  "$EOS_CHART_TAG": {get_param: eos_chart_tag}
982
983
984
985
                  "$CEPHFS_CSI_ENABLED": {get_param: cephfs_csi_enabled}
                  "$CEPHFS_CSI_VERSION": {get_param: cephfs_csi_version}
                  "$CVMFS_CSI_ENABLED": {get_param: cvmfs_csi_enabled}
                  "$CVMFS_CSI_VERSION": {get_param: cvmfs_csi_version}
986
987
                  "$MANILA_ENABLED": {get_param: manila_enabled}
                  "$MANILA_VERSION": {get_param: manila_version}
988
989
                  "$CERN_TAG": {get_param: cern_tag}
                  "$CERN_ENABLED": {get_param: cern_enabled}
Spyridon Trigazis's avatar
Spyridon Trigazis committed
990
991
992
                  "$TILLER_ENABLED": {get_param: tiller_enabled}
                  "$TILLER_TAG": {get_param: tiller_tag}
                  "$TILLER_NAMESPACE": {get_param: tiller_namespace}
993
                  "$HELM_CLIENT_TAG": {get_param: helm_client_tag}
Spyridon Trigazis's avatar
Spyridon Trigazis committed
994
995
                  "$NODE_PROBLEM_DETECTOR_TAG": {get_param: node_problem_detector_tag}
                  "$NGINX_INGRESS_CONTROLLER_TAG": {get_param: nginx_ingress_controller_tag}
996
                  "$NGINX_INGRESS_CONTROLLER_CHART_TAG": {get_param: nginx_ingress_controller_chart_tag}
Spyridon Trigazis's avatar
Spyridon Trigazis committed
997
998
999
1000
                  "$AUTO_HEALING_ENABLED": {get_param: auto_healing_enabled}
                  "$AUTO_HEALING_CONTROLLER": {get_param: auto_healing_controller}
                  "$MAGNUM_AUTO_HEALER_TAG": {get_param: magnum_auto_healer_tag}
                  "$AUTO_SCALING_ENABLED": {get_param: auto_scaling_enabled}