forked from rancher/rancherd
-
Notifications
You must be signed in to change notification settings - Fork 0
/
config-example.yaml
145 lines (126 loc) · 5.1 KB
/
config-example.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
########################################################
# The below parameters apply to cluster-init role only #
########################################################
# The Kubernetes version to be installed. This must be a k3s or RKE2 version
# v1.21 or newer. k3s and RKE2 versions always have a `k3s` or `rke2` in the
# version string.
kubernetesVersion: v1.22.2+k3s1
# The Rancher version to be installed or a channel "latest" or "stable"
rancherVersion: v2.6.0
# Values set on the Rancher Helm chart. Refer to
# https://github.com/rancher/rancher/blob/release/v2.6/chart/values.yaml
# for possible values.
rancherValues:
# Below are the default values set
# Multi-Cluster Management is disabled by default, change to multi-cluster-management=true to enable
features: multi-cluster-management=false
# The Rancher UI will run on the host port 8443 by default. Set to 0 to disable
# and instead use ingress.enabled=true to route traffic through ingress
hostPort: 8443
# Accessing ingress is disabled by default.
ingress:
enabled: false
# Don't create a default admin password
noDefaultAdmin: true
# The negative value means it will up to that many replicas if there are
# at least that many nodes available. For example, if you have 2 nodes and
# `replicas` is `-3` then 2 replicas will run. Once you add a third node
# a then 3 replicas will run
replicas: -3
# External TLS is assumed
tls: external
# Addition SANs (hostnames) to be added to the generated TLS certificate that
# served on port 6443.
tlsSans:
- additionalhostname.example.com
# Generic commands to run before bootstrapping the node.
preInstructions:
- name: something
# This image will be extracted to a temporary folder and
# set as the current working dir. The command will not run
# contained or chrooted, this is only a way to copy assets
# to the host. This is parameter is optional
image: custom/image:1.1.1
# Environment variables to set
env:
- FOO=BAR
# Program arguments
args:
- arg1
- arg2
# Command to run
command: /bin/dosomething
# Save output to /var/lib/rancher/rancherd/plan/plan-output.json
saveOutput: false
# Generic commands to run after bootstrapping the node.
postInstructions:
- name: something
env:
- FOO=BAR
args:
- arg1
- arg2
command: /bin/dosomething
saveOutput: false
# Kubernetes resources that will be created once Rancher is bootstrapped
resources:
- kind: ConfigMap
apiVersion: v1
metadata:
name: random
data:
key: value
# Contents of the registries.yaml that will be used by k3s/RKE2. The structure
# is documented at https://rancher.com/docs/k3s/latest/en/installation/private-registry/
registries: {}
# The default registry used for all Rancher container images. For more information
# refer to https://rancher.com/docs/rancher/v2.6/en/admin-settings/config-private-registry/
systemDefaultRegistry: someprefix.example.com:5000
# Advanced: The system agent installer image used for Kubernetes
runtimeInstallerImage: ...
# Advanced: The system agent installer image used for Rancher
rancherInstallerImage: ...
###########################################
# The below parameters apply to all roles #
###########################################
# The URL to Rancher to join a node. If you have disabled the hostPort and configured
# TLS then this will be the server you have setup.
server: https://myserver.example.com:8443
# A shared secret to join nodes to the cluster
token: sometoken
# Instead of setting the server parameter above the server value can be dynamically
# determined from cloud provider metadata. This is powered by https://github.com/hashicorp/go-discover.
# Discovery requires that the hostPort is not disabled.
discovery:
params:
# Corresponds to go-discover provider name
provider: "mdns"
# All other key/values are parameters corresponding to what
# the go-discover provider is expecting
service: "rancher-server"
# If this is a new cluster it will wait until 3 server are
# available and they all agree on the same cluster-init node
expectedServers: 3
# How long servers are remembered for. It is useful for providers
# that are not consistent in their responses, like mdns.
serverCacheDuration: 1m
# The role of this node. Every cluster must start with one node as role=cluster-init.
# After that nodes can be joined using the server role for control-plane nodes and
# agent role for worker only nodes. The server/agent terms correspond to the server/agent
# terms in k3s and RKE2
role: cluster-init,server,agent
# The Kubernetes node name that will be set
nodeName: custom-hostname
# The IP address that will be set in Kubernetes for this node
address: 123.123.123.123
# The internal IP address that will be used for this node
internalAddress: 123.123.123.124
# Taints to apply to this node upon creation
taints:
- dedicated=special-user:NoSchedule
# Labels to apply to this node upon creation
labels:
- key=value
# Advanced: Arbitrary configuration that will be placed in /etc/rancher/k3s/config.yaml.d/40-rancherd.yaml
# or /etc/rancher/rke2/config.yaml.d/40-rancherd.yaml
extraConfig: {}