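---
{# Jinja2 template for the DC/OS installer configuration (config.yaml).
   Optional keys are emitted only when the matching attribute of the `dcos`
   context variable is defined. Block tags sit at column 0; a trailing "-%}"
   also strips the indentation of the line that follows it, so it is used only
   in front of top-level keys.
   NOTE(review): the rendered file carries AWS, Azure and Docker-registry
   credentials in clear text; confirm it is written with owner-only
   permissions and is kept out of version control. -#}
######################
### CLUSTER SETUP ####
######################
{% if dcos.agent_list is defined -%}
# A YAML nested list (-) of IPv4 addresses to your private agent host names. ( JUST FOR CLI INSTALLATION )
agent_list:
{% for agent in dcos.agent_list -%}
- {{ agent }}
{% endfor -%}
{% endif -%}
{% if dcos.aws_template_storage_access_key_id is defined -%}
# The access key ID of the account owning the AWS S3 bucket.
aws_template_storage_access_key_id: {{ dcos.aws_template_storage_access_key_id }}
{% endif -%}
{% if dcos.aws_template_storage_bucket is defined -%}
# The name of an S3 bucket to contain customized advanced AWS templates.
aws_template_storage_bucket: {{ dcos.aws_template_storage_bucket }}
{% endif -%}
{% if dcos.aws_template_storage_bucket_path is defined -%}
# The path to a location within the S3 bucket to store template artifacts.
aws_template_storage_bucket_path: {{ dcos.aws_template_storage_bucket_path }}
{% endif -%}
{% if dcos.aws_template_storage_region_name is defined -%}
# The region containing the S3 bucket.
aws_template_storage_region_name: {{ dcos.aws_template_storage_region_name }}
{% endif -%}
{% if dcos.aws_template_storage_secret_access_key is defined -%}
# The secret access key of the account owning the AWS S3 bucket.
aws_template_storage_secret_access_key: {{ dcos.aws_template_storage_secret_access_key }}
{% endif -%}
{% if dcos.aws_template_upload is defined -%}
# Whether to upload the customized advanced AWS templates to an S3 bucket.
aws_template_upload: {{ dcos.aws_template_upload }}
{% endif -%}
{# NOTE(review): bootstrap_url is rendered with a fixed http:// scheme, so
   nodes fetch the installer build files without transport integrity. Confirm
   the bootstrap host is reachable only from a trusted network segment, or
   make the scheme configurable. -#}
# (Required) The URI path for the DC/OS installer to store the customized DC/OS build files.
bootstrap_url: http://{{ dcos.bootstrap.ip }}:{{ dcos.bootstrap.port }}
{# NOTE(review): cluster_docker_credentials and cosmos_config are dictionaries
   printed with a bare expression, so the output is whatever the template
   engine's string form of a dict is; verify that the rendered value parses as
   the intended YAML mapping. -#}
{% if dcos.cluster_docker_credentials is defined -%}
# The dictionary of Docker credentials to pass.
cluster_docker_credentials: {{ dcos.cluster_docker_credentials }}
{% endif -%}
{% if dcos.cluster_docker_credentials_enabled is defined -%}
# Whether to pass the Mesos --docker_config option to Mesos.
cluster_docker_credentials_enabled: {{ dcos.cluster_docker_credentials_enabled }}
{% endif -%}
{% if dcos.cluster_docker_registry_url is defined -%}
# The custom URL that Mesos uses to pull Docker images from.
cluster_docker_registry_url: {{ dcos.cluster_docker_registry_url }}
{% endif -%}
# The name of your cluster.
cluster_name: '{{ dcos.cluster_name }}'
{% if dcos.cosmos_config is defined -%}
# The dictionary of packaging configuration to pass to the DC/OS Package Manager (Cosmos).
cosmos_config: {{ dcos.cosmos_config }}
{% endif -%}
{# Tags inside the nested custom_checks block omit the trailing "-": "-%}"
   would strip the indentation of the next line and flatten the structure.
   The blank lines this can leave in the output are harmless in YAML.
   NOTE(review): each check's cmd list is taken verbatim from the `dcos`
   context and is presumably executed on cluster nodes by the check runner,
   so the source of that variable should be treated as privileged input.
   NOTE(review): checks are emitted as list items ("- name:") exactly as in
   the original template; confirm this matches the schema the installer
   expects. -#}
{% if dcos.custom_checks is defined -%}
# Custom installation checks that are added to the default check configuration process.
custom_checks:
{% if dcos.custom_checks.cluster_checks is defined %}
  cluster_checks:
{% for cluster_check in dcos.custom_checks.cluster_checks %}
    - {{ cluster_check.name }}:
        description: {{ cluster_check.description }}
        cmd:
{% for item in cluster_check.cmd %}
          - {{ item }}
{% endfor %}
        roles:
{% for role in cluster_check.roles %}
          - {{ role }}
{% endfor %}
        timeout: {{ cluster_check.timeout }}
{% endfor %}
{% endif %}
{% if dcos.custom_checks.node_checks is defined %}
  node_checks:
    checks:
{% for node_check in dcos.custom_checks.node_checks %}
      - {{ node_check.name }}:
          description: {{ node_check.description }}
          cmd:
{% for item in node_check.cmd %}
            - {{ item }}
{% endfor %}
          roles:
{% for role in node_check.roles %}
            - {{ role }}
{% endfor %}
          timeout: {{ node_check.timeout }}
{% endfor %}
{% endif %}
{% endif -%}
{% if dcos.exhibitor_storage_backend is defined -%}
# The type of storage backend to use for Exhibitor.
exhibitor_storage_backend: {{ dcos.exhibitor_storage_backend }}
{% if dcos.exhibitor_storage_backend == 'zookeeper' -%}
# A comma-separated list (<ZK_IP>:<ZK_PORT>, <ZK_IP>:<ZK_PORT>, <ZK_IP:ZK_PORT>)
exhibitor_zk_hosts: {{ dcos.exhibitor_zk_hosts }}
# The filepath that Exhibitor uses to store data.
exhibitor_zk_path: {{ dcos.exhibitor_zk_path }}
{% elif dcos.exhibitor_storage_backend == 'aws_s3' -%}
aws_access_key_id: {{ dcos.aws_access_key_id }}
aws_region: {{ dcos.aws_region }}
aws_secret_access_key: {{ dcos.aws_secret_access_key }}
exhibitor_explicit_keys: {{ dcos.exhibitor_explicit_keys }}
s3_bucket: {{ dcos.s3_bucket }}
s3_prefix: {{ dcos.s3_prefix }}
{% elif dcos.exhibitor_storage_backend == 'azure' -%}
exhibitor_azure_account_name: {{ dcos.exhibitor_azure_account_name }}
exhibitor_azure_account_key: {{ dcos.exhibitor_azure_account_key }}
exhibitor_azure_prefix: {{ dcos.exhibitor_azure_prefix }}
{% endif -%}
{% endif -%}
{% if dcos.enable_gpu_isolation is defined -%}
# Indicates whether to enable GPU support in DC/OS.
enable_gpu_isolation: {{ dcos.enable_gpu_isolation }}
{% endif -%}
{% if dcos.gpus_are_scarce is defined -%}
# Indicates whether to treat GPUs as a scarce resource in the cluster.
gpus_are_scarce: {{ dcos.gpus_are_scarce }}
{% endif -%}
{% if dcos.ip_detect_public_filename is defined -%}
# The IP detect file to use in your cluster.
ip_detect_public_filename: {{ dcos.ip_detect_public_filename }}
{% endif -%}
{% if dcos.master_discovery is defined -%}
# (Required) The Mesos master discovery method.
master_discovery: {{ dcos.master_discovery }}
{% if dcos.master_discovery == 'static' %}
master_list:
{% for master in dcos.master_list %}
- {{ master }}{{ '\n' }}
{%- endfor %}
{%- elif dcos.master_discovery == 'master_http_loadbalancer' %}
exhibitor_address: {{ dcos.exhibitor_address }}
num_masters: {{ dcos.num_masters }}
{% endif -%}
{% endif -%}
{% if dcos.mesos_container_log_sink is defined -%}
# The log manager for containers (tasks).
mesos_container_log_sink: {{ dcos.mesos_container_log_sink }}
{% endif -%}
{% if dcos.platform is defined -%}
# The infrastructure platform.
platform: {{ dcos.platform }}
{% endif -%}
{% if dcos.public_agent_list is defined -%}
# A YAML nested list (-) of IPv4 addresses to your public agent host names.
public_agent_list:
{% for agent in dcos.public_agent_list -%}
- {{ agent }}{{ '\n' }}
{% endfor -%}
{% endif -%}
{# NOTE(review): this guard tests a top-level `rexray_config`, while every
   other key in the file is read from `dcos.*`; confirm which name the
   included rexray.yaml.j2 actually reads. -#}
{% if rexray_config is defined %}
# The REX-Ray configuration method for enabling external persistent volumes in Marathon. You cannot specify both rexray_config and rexray_config_preset.
{% include "rexray.yaml.j2" %}
{% endif %}
{% if dcos.rexray_config_preset is defined -%}
# If you run DC/OS on AWS setting this parameter to aws, sets the rexray_config parameter to a sensible default REX-Ray configuration that is bundled with DC/OS itself. You cannot specify both rexray_config and rexray_config_preset.
rexray_config_preset: {{ dcos.rexray_config_preset }}
{% endif -%}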
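##################
### NETWORKING ###
##################
{# Networking keys of the DC/OS config. Optional keys are emitted only when
   the matching attribute of the `dcos` context variable is defined. Tags that
   sit in front of indented lines omit the trailing "-", because "-%}" would
   strip that indentation; blank lines left in the output are harmless. -#}
{% if dcos.dcos_overlay_enable is defined -%}
# Block of parameters that specifies whether to enable DC/OS virtual networks.
dcos_overlay_enable: {{ dcos.dcos_overlay_enable }}
{% endif -%}
{% if dcos.dcos_overlay_config_attempts is defined -%}
dcos_overlay_config_attempts: {{ dcos.dcos_overlay_config_attempts }}
{% endif -%}
{% if dcos.dcos_overlay_mtu is defined -%}
dcos_overlay_mtu: {{ dcos.dcos_overlay_mtu }}
{% endif -%}
{# NOTE(review): `overlays` is rendered as a single mapping, as in the
   original template; the DC/OS reference configuration appears to use a list
   of overlay mappings here, so confirm the expected shape. -#}
{% if dcos.dcos_overlay_network is defined -%}
dcos_overlay_network:
  vtep_subnet: {{ dcos.dcos_overlay_network.vtep_subnet }}
  vtep_mac_oui: {{ dcos.dcos_overlay_network.vtep_mac_oui }}
  overlays:
    name: {{ dcos.dcos_overlay_network.name }}
    subnet: {{ dcos.dcos_overlay_network.subnet }}
    prefix: {{ dcos.dcos_overlay_network.prefix }}
{% endif -%}
{% if dcos.dns_bind_ip_blacklist is defined -%}
# A list of IP addresses that DC/OS DNS resolvers cannot bind to.
dns_bind_ip_blacklist:
{% for ip in dcos.dns_bind_ip_blacklist -%}
- {{ ip }}
{% endfor -%}
{% endif -%}
{# NOTE(review): each loop variable below is both printed as a quoted key and
   iterated over; that only produces a sensible result for a particular shape
   of dcos.dns_forward_zones, which is not visible here. Verify the rendered
   output against the format the installer expects. -#}
{% if dcos.dns_forward_zones is defined -%}
# A nested list of DNS zones, IP addresses, and ports that configure custom forwarding behavior of DNS queries. A DNS zone is mapped to a set of DNS resolvers.
dns_forward_zones:
{% for dns_zone in dcos.dns_forward_zones -%}
- "{{ dns_zone }}":
{% for ip in dns_zone %}
    - "{{ ip }}":
{% for port in ip %}
        - {{ port }}
{% endfor %}
{% endfor %}
{% endfor -%}
{% endif -%}
{% if dcos.dns_search is defined -%}
# A space-separated list of domains that are tried when an unqualified domain is entered.
dns_search: {{ dcos.dns_search }}
{% endif -%}
{% if dcos.master_dns_bindall is defined -%}
# Indicates whether the master DNS port is open.
master_dns_bindall: {{ dcos.master_dns_bindall }}
{% endif -%}
{% if dcos.mesos_dns_set_truncate_bit is defined -%}
# Indicates whether to set the truncate bit if the response is too large to fit in a single packet.
mesos_dns_set_truncate_bit: {{ dcos.mesos_dns_set_truncate_bit }}
{% endif -%}
{% if dcos.resolvers is defined -%}
# A YAML nested list (-) of DNS resolvers for your DC/OS cluster nodes.
resolvers:
{% for resolver in dcos.resolvers %}
- {{ resolver }}{{ '\n' }}
{%- endfor %}
{% endif -%}
{# NOTE(review): if the proxy URLs embed a user name and password, they end up
   in clear text in the rendered file. -#}
{% if dcos.use_proxy is defined -%}
# Indicates whether to enable the DC/OS proxy.
use_proxy: {{ dcos.use_proxy }}
{% if dcos.http_proxy is defined -%}
http_proxy: {{ dcos.http_proxy }}
{% endif -%}
{% if dcos.https_proxy is defined -%}
https_proxy: {{ dcos.https_proxy }}
{% endif -%}
{% if dcos.no_proxy is defined -%}
no_proxy:
{% for host in dcos.no_proxy -%}
- {{ host }}
{% endfor -%}
{% endif -%}
{% endif -%}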
################################
#### PERFORMANCE AND TUNING ####
################################
{# Tuning keys of the DC/OS config. Each key is emitted only when the matching
   attribute of the `dcos` context variable is defined; all of them are
   top-level scalars. -#}
{% if dcos.docker_remove_delay is defined -%}
# How long to wait before removing stale Docker images on the agent nodes and the Docker image generated by the installer.
docker_remove_delay: {{ dcos.docker_remove_delay }}
{% endif -%}
{% if dcos.dcos_audit_logging is defined -%}
# ENTERPRISE ONLY
# Whether authentication and authorization decisions are logged for Mesos, Marathon, and Jobs.
dcos_audit_logging: {{ dcos.dcos_audit_logging }}
{% endif -%}
{% if dcos.enable_docker_gc is defined -%}
# Whether to run docker-gc, a simple Docker container and image garbage collection script, once every hour to clean up stray Docker containers.
enable_docker_gc: {{ dcos.enable_docker_gc }}
{% endif -%}
{% if dcos.gc_delay is defined -%}
# Maximum time to wait before the executor directories are cleaned up.
gc_delay: {{ dcos.gc_delay }}
{% endif -%}
{% if dcos.log_directory is defined -%}
# Path on the installer host where logs from the SSH processes are written.
log_directory: {{ dcos.log_directory }}
{% endif -%}
{% if dcos.mesos_max_completed_tasks_per_framework is defined -%}
# How many completed tasks per framework the Mesos master retains in memory.
mesos_max_completed_tasks_per_framework: {{ dcos.mesos_max_completed_tasks_per_framework }}
{% endif -%}
{% if dcos.process_timeout is defined -%}
# Time allowed, in seconds, for an action to begin after the process forks.
process_timeout: {{ dcos.process_timeout }}
{% endif -%}
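#####################################
#### SECURITY AND AUTHENTICATION ####
#####################################
{# Security and authentication keys of the DC/OS config. Optional keys are
   emitted only when the matching attribute of the `dcos` context variable is
   defined.
   NOTE(review): this section renders the customer key, the superuser
   password hash, ZooKeeper credentials and the license key contents in clear
   text; confirm the rendered file is written with owner-only permissions and
   is kept out of version control. -#}
{# NOTE(review): going by the key name, a true value presumably sets the
   cookie's Secure attribute so that browsers withhold it from plain-HTTP
   requests; confirm against the DC/OS reference and enable it wherever the
   UI is served over HTTPS. -#}
{% if dcos.auth_cookie_secure_flag is defined -%}
# ENTERPRISE ONLY
# Indicates whether to allow web browsers to send the DC/OS authentication cookie through a non-HTTPS connection.
auth_cookie_secure_flag: {{ dcos.auth_cookie_secure_flag }}
{% endif -%}
{% if dcos.bouncer_expiration_auth_token_days is defined -%}
# ENTERPRISE ONLY
# Sets the auth token time-to-live (TTL) for Identity and Access Management.
bouncer_expiration_auth_token_days: {{ dcos.bouncer_expiration_auth_token_days }}
{% endif -%}
{% if dcos.customer_key is defined -%}
# ENTERPRISE ONLY
# (Required) The DC/OS Enterprise customer key.
customer_key: {{ dcos.customer_key }}
{% endif -%}
{% if dcos.ca_certificate_path is defined -%}
# ENTERPRISE ONLY
# Use this to set up a custom CA certificate. See this page for a detailed configuration parameter reference.
ca_certificate_path: {{ dcos.ca_certificate_path }}
{% endif -%}
{# NOTE(review): ca_certificate_key_path points at the CA private key; the
   file it names should be readable only by the installer user. -#}
{% if dcos.ca_certificate_key_path is defined -%}
# ENTERPRISE ONLY
# Use this to set up a custom CA certificate. See this page for a detailed configuration parameter reference.
ca_certificate_key_path: {{ dcos.ca_certificate_key_path }}
{% endif -%}
{% if dcos.ca_certificate_chain_path is defined -%}
# ENTERPRISE ONLY
# Use this to set up a custom CA certificate. See this page for a detailed configuration parameter reference.
ca_certificate_chain_path: {{ dcos.ca_certificate_chain_path }}
{% endif -%}
{# NOTE(review): the mode is passed through unvalidated; confirm the intended
   value is set explicitly rather than left to the installer's default. -#}
{% if dcos.security is defined -%}
# ENTERPRISE ONLY
# The security mode: disabled, permissive, or strict.
# TODO add if statement for enterprise enabled
security: {{ dcos.security }}
{% endif -%}
{% if dcos.ssh_key_path is defined -%}
# The path the installer uses to log into the target nodes.
ssh_key_path: {{ dcos.ssh_key_path }}
{% endif -%}
{% if dcos.ssh_port is defined -%}
# The port to SSH to, for example 22.
ssh_port: {{ dcos.ssh_port }}
{% endif -%}
{% if dcos.ssh_user is defined -%}
# The SSH username, for example centos.
ssh_user: {{ dcos.ssh_user }}
{% endif -%}
{% if dcos.superuser_password_hash is defined -%}
# ENTERPRISE ONLY
# (Required) The hashed superuser password.
# TODO add if statement for enterprise enabled
superuser_password_hash: {{ dcos.superuser_password_hash }}
{% endif -%}
{# The "is defined" test comes first so that an unset superuser_username is
   skipped like every other optional key instead of being evaluated directly;
   the truthiness test keeps an empty value suppressed as before. -#}
{% if dcos.superuser_username is defined and dcos.superuser_username -%}
# ENTERPRISE ONLY
# (Required) The user name of the superuser.
# TODO add if statement for enterprise enabled
superuser_username: {{ dcos.superuser_username }}
{% endif -%}
{% if dcos.telemetry_enabled is defined -%}
# Indicates whether to enable sharing of anonymous data for your cluster.
telemetry_enabled: {{ dcos.telemetry_enabled }}
{% endif -%}
{% if dcos.zk_super_credentials is defined -%}
# ENTERPRISE ONLY
# The ZooKeeper superuser credentials.
zk_super_credentials: {{ dcos.zk_super_credentials }}
{% endif -%}
{% if dcos.zk_master_credentials is defined -%}
# ENTERPRISE ONLY
# The ZooKeeper master credentials.
zk_master_credentials: {{ dcos.zk_master_credentials }}
{% endif -%}
{% if dcos.zk_agent_credentials is defined -%}
# ENTERPRISE ONLY
# The ZooKeeper agent credentials.
zk_agent_credentials: {{ dcos.zk_agent_credentials }}
{% endif -%}
{# NOTE(review): license_key_contents is printed without an "is defined"
   guard; when dcos.enterprise is true and the value is missing, the key is
   rendered empty or the render fails, depending on the engine's undefined
   handling. -#}
{% if dcos.enterprise == true %}
fault_domain_enabled: false
license_key_contents: {{ dcos.license_key_contents }}
{% endif %}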