
@widgetpl
Created May 24, 2018 10:50
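---
######################
### CLUSTER SETUP ####
######################
{% if dcos.agent_list is defined -%}
# A YAML nested list (-) of IPv4 addresses to your private agent host names. ( JUST FOR CLI INSTALLATION )
# Each entry ends with an explicit newline expression: the whitespace-stripping loop tags
# around the item would otherwise join all entries onto a single line.
agent_list:
{% for agent in dcos.agent_list -%}
- {{ agent }}{{ '\n' }}
{%- endfor %}
{% endif -%}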
{% if dcos.aws_template_storage_access_key_id is defined -%}
# The access key ID of the account owning the AWS S3 bucket.
aws_template_storage_access_key_id: {{ dcos.aws_template_storage_access_key_id }}
{% endif -%}
{% if dcos.aws_template_storage_bucket is defined -%}
# The name of an S3 bucket to contain customized advanced AWS templates.
aws_template_storage_bucket: {{ dcos.aws_template_storage_bucket }}
{% endif -%}
{% if dcos.aws_template_storage_bucket_path is defined -%}
# The path to a location within the S3 bucket to store template artifacts.
aws_template_storage_bucket_path: {{ dcos.aws_template_storage_bucket_path }}
{% endif -%}
{% if dcos.aws_template_storage_region_name is defined -%}
# The region containing the S3 bucket.
aws_template_storage_region_name: {{ dcos.aws_template_storage_region_name }}
{% endif -%}
{% if dcos.aws_template_storage_secret_access_key is defined -%}
# The secret access key of the account owning the AWS S3 bucket.
# The value is written in plaintext into the rendered file: supply it from an encrypted
# variable store and keep the rendered file readable only by the installer account.
aws_template_storage_secret_access_key: {{ dcos.aws_template_storage_secret_access_key }}
{% endif -%}
{% if dcos.aws_template_upload is defined -%}
# Whether to upload the customized advanced AWS templates to an S3 bucket.
aws_template_upload: {{ dcos.aws_template_upload }}
{% endif -%}
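# (Required) The URI path for the DC/OS installer to store the customized DC/OS build files.
# The URL is always built with the plain http scheme, so what nodes fetch from the
# bootstrap host is neither encrypted nor authenticated in transit; keep the bootstrap
# host on a trusted network segment.
bootstrap_url: http://{{ dcos.bootstrap.ip }}:{{ dcos.bootstrap.port }}
{% if dcos.cluster_docker_credentials is defined -%}
# The dictionary of Docker credentials to pass.
# Registry credentials end up in plaintext in the rendered file; restrict who can read it.
# NOTE(review): a mapping printed through a plain expression relies on its string form
# being valid YAML - verify the rendered output.
cluster_docker_credentials: {{ dcos.cluster_docker_credentials }}
{% endif -%}
{% if dcos.cluster_docker_credentials_enabled is defined -%}
# Whether to pass the Mesos --docker_config option to Mesos.
cluster_docker_credentials_enabled: {{ dcos.cluster_docker_credentials_enabled }}
{% endif -%}
{% if dcos.cluster_docker_registry_url is defined -%}
# The custom URL that Mesos uses to pull Docker images from.
# Emits the configured URL itself; printing the result of the defined test would write
# a boolean here instead of the registry address.
cluster_docker_registry_url: {{ dcos.cluster_docker_registry_url }}
{% endif -%}
# The name of your cluster.
cluster_name: '{{ dcos.cluster_name }}'
{% if dcos.cosmos_config is defined -%}
# The dictionary of packaging configuration to pass to the DC/OS Package Manager (Cosmos).
cosmos_config: {{ dcos.cosmos_config }}
{% endif -%}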
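{% if dcos.custom_checks is defined -%}
# Custom installation checks that are added to the default check configuration process.
# The cmd entries below are rendered verbatim from the variables; presumably they are
# commands that the check process runs, so the input should come only from a trusted,
# reviewed source - confirm against the DC/OS custom checks reference.
# NOTE(review): as shown, the child keys carry no indentation and the whitespace-stripping
# tags remove leading spaces after them - verify the nesting of the rendered YAML.
custom_checks:
{% if dcos.custom_checks.cluster_checks is defined -%}
cluster_checks:
{% for cluster_check in dcos.custom_checks.cluster_checks -%}
- {{ cluster_check.name }}:
description: {{ cluster_check.description }}
cmd:
{% for item in cluster_check.cmd -%}
- {{ item }}
{% endfor -%}
roles:
{% for role in cluster_check.roles -%}
- {{ role }}
{% endfor -%}
timeout: {{ cluster_check.timeout }}
{% endfor -%}
{% endif -%}
{% if dcos.custom_checks.node_checks is defined -%}
# The guard above tests the same custom_checks.node_checks mapping that the loop reads.
node_checks:
checks:
{% for node_check in dcos.custom_checks.node_checks -%}
- {{ node_check.name }}:
description: {{ node_check.description }}
cmd:
{% for item in node_check.cmd -%}
- {{ item }}
{% endfor -%}
roles:
{% for role in node_check.roles -%}
- {{ role }}
{% endfor -%}
timeout: {{ node_check.timeout }}
{% endfor -%}
{% endif -%}
{% endif -%}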
{% if dcos.exhibitor_storage_backend is defined -%}
# The type of storage backend to use for Exhibitor.
# The branches below emit backend-specific keys for zookeeper, aws_s3 and azure;
# any other value emits only the backend name.
exhibitor_storage_backend: {{ dcos.exhibitor_storage_backend }}
{% if dcos.exhibitor_storage_backend == 'zookeeper' -%}
# A comma-separated list (<ZK_IP>:<ZK_PORT>, <ZK_IP>:<ZK_PORT>, <ZK_IP:ZK_PORT>)
exhibitor_zk_hosts: {{ dcos.exhibitor_zk_hosts }}
# The filepath that Exhibitor uses to store data.
exhibitor_zk_path: {{ dcos.exhibitor_zk_path }}
{% elif dcos.exhibitor_storage_backend == 'aws_s3' -%}
# S3 backend settings. The secret access key is written in plaintext into the rendered
# file: supply it from an encrypted variable store and restrict read access to the file.
# These keys are not guarded by a defined test, so each variable must be set when this
# backend is selected.
aws_access_key_id: {{ dcos.aws_access_key_id }}
aws_region: {{ dcos.aws_region }}
aws_secret_access_key: {{ dcos.aws_secret_access_key }}
exhibitor_explicit_keys: {{ dcos.exhibitor_explicit_keys }}
s3_bucket: {{ dcos.s3_bucket }}
s3_prefix: {{ dcos.s3_prefix }}
{% elif dcos.exhibitor_storage_backend == 'azure' -%}
# Azure backend settings. The storage account key is likewise written in plaintext.
exhibitor_azure_account_name: {{ dcos.exhibitor_azure_account_name }}
exhibitor_azure_account_key: {{ dcos.exhibitor_azure_account_key }}
exhibitor_azure_prefix: {{ dcos.exhibitor_azure_prefix }}
{% endif -%}
{% endif -%}
{% if dcos.enable_gpu_isolation is defined -%}
# Indicates whether to enable GPU support in DC/OS.
enable_gpu_isolation: {{ dcos.enable_gpu_isolation }}
{% endif -%}
{% if dcos.gpus_are_scarce is defined -%}
# Indicates whether to treat GPUs as a scarce resource in the cluster.
gpus_are_scarce: {{ dcos.gpus_are_scarce }}
{% endif -%}
{% if dcos.ip_detect_public_filename is defined -%}
# The IP detect file to use in your cluster.
ip_detect_public_filename: {{ dcos.ip_detect_public_filename }}
{% endif -%}
{% if dcos.master_discovery is defined -%}
# (Required) The Mesos master discovery method.
# Although marked required, the key is written only when the variable is set,
# so an unset value silently omits it from the rendered config.
# static adds master_list; master_http_loadbalancer adds exhibitor_address and num_masters.
master_discovery: {{ dcos.master_discovery }}
{% if dcos.master_discovery == 'static' %}
master_list:
{% for master in dcos.master_list %}
- {{ master }}{{ '\n' }}
{%- endfor %}
{%- elif dcos.master_discovery == 'master_http_loadbalancer' %}
exhibitor_address: {{ dcos.exhibitor_address }}
num_masters: {{ dcos.num_masters }}
{% endif -%}
{% endif -%}
{% if dcos.mesos_container_log_sink is defined -%}
# The log manager for containers (tasks).
mesos_container_log_sink: {{ dcos.mesos_container_log_sink }}
{% endif -%}
{% if dcos.platform is defined -%}
# The infrastructure platform.
platform: {{ dcos.platform }}
{% endif -%}
{% if dcos.public_agent_list is defined -%}
# A YAML nested list (-) of IPv4 addresses to your public agent host names.
public_agent_list:
{% for agent in dcos.public_agent_list -%}
- {{ agent }}{{ '\n' }}
{% endfor -%}
{% endif -%}
{% if rexray_config is defined %}
# The REX-Ray configuration method for enabling external persistent volumes in Marathon. You cannot specify both rexray_config and rexray_config_preset.
# NOTE(review): this guard reads a top-level rexray_config, while every other setting in
# this template is read from the dcos mapping - confirm which name the included
# rexray.yaml.j2 template expects.
# NOTE(review): nothing here prevents rexray_config and rexray_config_preset from both
# being rendered when both variables are set.
{% include "rexray.yaml.j2" %}
{% endif %}
{% if dcos.rexray_config_preset is defined -%}
# If you run DC/OS on AWS setting this parameter to aws, sets the rexray_config parameter to a sensible default REX-Ray configuration that is bundled with DC/OS itself. You cannot specify both rexray_config and rexray_config_preset.
rexray_config_preset: {{ dcos.rexray_config_preset }}
{% endif -%}
##################
### NETWORKING ###
##################
{% if dcos.dcos_overlay_enable is defined -%}
# Block of parameters that specifies whether to enable DC/OS virtual networks.
dcos_overlay_enable: {{ dcos.dcos_overlay_enable }}
{% endif -%}
{% if dcos.dcos_overlay_config_attempts is defined -%}
dcos_overlay_config_attempts: {{ dcos.dcos_overlay_config_attempts }}
{% endif -%}
{% if dcos.dcos_overlay_mtu is defined -%}
dcos_overlay_mtu: {{ dcos.dcos_overlay_mtu }}
{% endif -%}
{% if dcos.dcos_overlay_network is defined -%}
# Overlay network definition: VTEP subnet and MAC OUI plus one overlay with name, subnet and prefix.
# NOTE(review): as shown, the child keys carry no indentation, so they would render as
# top-level keys - verify the nesting of the rendered YAML.
# NOTE(review): overlays is emitted as a single mapping; the DC/OS reference appears to
# describe it as a list of overlay entries - confirm.
dcos_overlay_network:
vtep_subnet: {{ dcos.dcos_overlay_network.vtep_subnet }}
vtep_mac_oui: {{ dcos.dcos_overlay_network.vtep_mac_oui }}
overlays:
name: {{ dcos.dcos_overlay_network.name }}
subnet: {{ dcos.dcos_overlay_network.subnet }}
prefix: {{ dcos.dcos_overlay_network.prefix }}
{% endif -%}
{% if dcos.dns_bind_ip_blacklist is defined -%}
# A list of IP addresses that DC/OS DNS resolvers cannot bind to.
dns_bind_ip_blacklist:
{% for ip in dcos.dns_bind_ip_blacklist -%}
- {{ ip }}
{% endfor -%}
{% endif -%}
{% if dcos.dns_forward_zones is defined -%}
# A nested list of DNS zones, IP addresses, and ports that configure custom forwarding behavior of DNS queries. A DNS zone is mapped to a set of DNS resolvers.
# Forwarded zones decide which resolvers answer for a domain, so the input should be
# reviewed like any other DNS delegation.
# NOTE(review): each inner loop iterates over the loop variable of the enclosing loop
# (ip in dns_zone, port in ip) while that same value is also printed as a key; the
# expected input shape is not visible here - verify the rendered structure with a sample.
dns_forward_zones:
{% for dns_zone in dcos.dns_forward_zones -%}
- "{{ dns_zone }}":
{% for ip in dns_zone -%}
- "{{ ip }}":
{% for port in ip -%}
- {{ port }}
{% endfor -%}
{% endfor -%}
{% endfor -%}
{% endif -%}
{% if dcos.dns_search is defined -%}
# A space-separated list of domains that are tried when an unqualified domain is entered.
dns_search: {{ dcos.dns_search }}
{% endif -%}
{% if dcos.master_dns_bindall is defined -%}
# Indicates whether the master DNS port is open.
# An open DNS port on the masters widens their network exposure; pair it with
# network-level filtering where the masters are reachable from untrusted networks.
master_dns_bindall: {{ dcos.master_dns_bindall }}
{% endif -%}
{% if dcos.mesos_dns_set_truncate_bit is defined -%}
# Indicates whether to set the truncate bit if the response is too large to fit in a single packet.
mesos_dns_set_truncate_bit: {{ dcos.mesos_dns_set_truncate_bit }}
{% endif -%}
{% if dcos.resolvers is defined -%}
# A YAML nested list (-) of DNS resolvers for your DC/OS cluster nodes.
# Each entry is followed by an explicit newline expression so the items stay on separate lines.
resolvers:
{% for resolver in dcos.resolvers %}
- {{ resolver }}{{ '\n' }}
{%- endfor %}
{% endif -%}
{% if dcos.use_proxy is defined -%}
# Indicates whether to enable the DC/OS proxy.
# The proxy keys below are emitted whenever use_proxy is defined, whatever its value.
# If a proxy URL embeds credentials, they are written in plaintext into the rendered file.
use_proxy: {{ dcos.use_proxy }}
{% if dcos.http_proxy is defined -%}
http_proxy: {{ dcos.http_proxy }}
{% endif -%}
{% if dcos.https_proxy is defined -%}
https_proxy: {{ dcos.https_proxy }}
{% endif -%}
{% if dcos.no_proxy is defined -%}
no_proxy:
{% for host in dcos.no_proxy -%}
- {{ host }}
{% endfor -%}
{% endif -%}
{% endif -%}
################################
#### PERFORMANCE AND TUNING ####
################################
{% if dcos.docker_remove_delay is defined -%}
# The amount of time to wait before removing stale Docker images stored on the agent nodes and the Docker image generated by the installer.
docker_remove_delay: {{ dcos.docker_remove_delay }}
{% endif -%}
{% if dcos.dcos_audit_logging is defined -%}
# ENTERPRISE ONLY
# Indicates whether security decisions (authentication, authorization) are logged for Mesos, Marathon, and Jobs.
# These records are what an investigation of access decisions relies on; turning the
# setting off removes that trail.
dcos_audit_logging: {{ dcos.dcos_audit_logging }}
{% endif -%}
{% if dcos.enable_docker_gc is defined -%}
# Indicates whether to run the docker-gc script, a simple Docker container and image garbage collection script, once every hour to clean up stray Docker containers.
enable_docker_gc: {{ dcos.enable_docker_gc }}
{% endif -%}
{% if dcos.gc_delay is defined -%}
# The maximum amount of time to wait before cleaning up the executor directories.
gc_delay: {{ dcos.gc_delay }}
{% endif -%}
{% if dcos.log_directory is defined -%}
# The path to the installer host logs from the SSH processes.
log_directory: {{ dcos.log_directory }}
{% endif -%}
{% if dcos.mesos_max_completed_tasks_per_framework is defined -%}
# The number of completed tasks for each framework that the Mesos master will retain in memory.
mesos_max_completed_tasks_per_framework: {{ dcos.mesos_max_completed_tasks_per_framework }}
{% endif -%}
{% if dcos.process_timeout is defined -%}
# The allowable amount of time, in seconds, for an action to begin after the process forks.
process_timeout: {{ dcos.process_timeout }}
{% endif -%}
#####################################
#### SECURITY AND AUTHENTICATION ####
#####################################
{% if dcos.auth_cookie_secure_flag is defined -%}
# ENTERPRISE ONLY
# Indicates whether to allow web browsers to send the DC/OS authentication cookie through a non-HTTPS connection.
# NOTE(review): the wording above does not say which value is the safe one; presumably
# true marks the cookie Secure so it is sent over HTTPS only - confirm against the
# DC/OS configuration reference for the version in use.
auth_cookie_secure_flag: {{ dcos.auth_cookie_secure_flag }}
{% endif -%}
{% if dcos.bouncer_expiration_auth_token_days is defined -%}
# ENTERPRISE ONLY
# Sets the auth token time-to-live (TTL) for Identity and Access Management.
# A longer TTL lengthens the window in which a leaked token remains usable.
bouncer_expiration_auth_token_days: {{ dcos.bouncer_expiration_auth_token_days }}
{% endif -%}
{% if dcos.customer_key is defined -%}
# ENTERPRISE ONLY
# (Required) The DC/OS Enterprise customer key.
# Written in plaintext into the rendered file; restrict who can read it.
customer_key: {{ dcos.customer_key }}
{% endif -%}
{% if dcos.ca_certificate_path is defined -%}
# ENTERPRISE ONLY
# Use this to set up a custom CA certificate. See this page for a detailed configuration parameter reference.
ca_certificate_path: {{ dcos.ca_certificate_path }}
{% endif -%}
{% if dcos.ca_certificate_key_path is defined -%}
# ENTERPRISE ONLY
# Use this to set up a custom CA certificate. See this page for a detailed configuration parameter reference.
# Only the path is rendered here, not key material; the file it names is presumably the
# CA private key and should be readable only by the installer account - confirm.
ca_certificate_key_path: {{ dcos.ca_certificate_key_path }}
{% endif -%}
{% if dcos.ca_certificate_chain_path is defined -%}
# ENTERPRISE ONLY
# Use this to set up a custom CA certificate. See this page for a detailed configuration parameter reference.
ca_certificate_chain_path: {{ dcos.ca_certificate_chain_path }}
{% endif -%}
{% if dcos.security is defined -%}
# ENTERPRISE ONLY
# The security mode: disabled, permissive, or strict.
# The value is passed through unchecked; nothing in this template rejects a mode outside
# the three listed or restricts the key to enterprise installs.
# TODO add if statement for enterprise enabled
security: {{ dcos.security }}
{% endif -%}
{% if dcos.ssh_key_path is defined -%}
# The path to the SSH key the installer uses to log in to the target nodes.
# Only the path is rendered; the key file itself should be readable only by the installer account.
ssh_key_path: {{ dcos.ssh_key_path }}
{% endif -%}
{% if dcos.ssh_port is defined -%}
# The port to SSH to, for example 22.
ssh_port: {{ dcos.ssh_port }}
{% endif -%}
{% if dcos.ssh_user is defined -%}
# The SSH username, for example centos.
ssh_user: {{ dcos.ssh_user }}
{% endif -%}
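{% if dcos.superuser_password_hash is defined -%}
# ENTERPRISE ONLY
# (Required) The hashed superuser password.
# Only a hash belongs here, never the cleartext password; the hash is still sensitive
# because it can be attacked offline, so restrict read access to the rendered file.
# TODO add if statement for enterprise enabled
superuser_password_hash: {{ dcos.superuser_password_hash }}
{% endif -%}
{% if dcos.superuser_username is defined -%}
# ENTERPRISE ONLY
# (Required) The user name of the superuser.
# Guarded with the same defined test as the other optional keys, so an unset variable is
# skipped instead of being evaluated for truthiness.
# TODO add if statement for enterprise enabled
superuser_username: {{ dcos.superuser_username }}
{% endif -%}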
{% if dcos.telemetry_enabled is defined -%}
# Indicates whether to enable sharing of anonymous data for your cluster.
telemetry_enabled: {{ dcos.telemetry_enabled }}
{% endif -%}
{% if dcos.zk_super_credentials is defined -%}
# ENTERPRISE ONLY
# The ZooKeeper superuser credentials.
# All three ZooKeeper credential values in this section are written in plaintext into the
# rendered file: supply them from an encrypted variable store and restrict read access.
# NOTE(review): the values are unquoted; a credential containing a colon followed by a
# space, or a leading YAML indicator character, would not parse as a plain string.
zk_super_credentials: {{ dcos.zk_super_credentials }}
{% endif -%}
{% if dcos.zk_master_credentials is defined -%}
# ENTERPRISE ONLY
# The ZooKeeper master credentials.
zk_master_credentials: {{ dcos.zk_master_credentials }}
{% endif -%}
{% if dcos.zk_agent_credentials is defined -%}
# ENTERPRISE ONLY
# The ZooKeeper agent credentials.
zk_agent_credentials: {{ dcos.zk_agent_credentials }}
{% endif -%}
{% if dcos.enterprise == true %}
# Emitted only for enterprise installs. fault_domain_enabled is fixed to false here and
# cannot be changed through variables.
# license_key_contents has no defined guard, so the variable must be set whenever
# dcos.enterprise is true; its value is written in plaintext into the rendered file.
fault_domain_enabled: false
license_key_contents: {{ dcos.license_key_contents }}
{% endif %}