blob: 1124d63d83951c7afab30a8edede3ffedfb0aa5b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
|
---
schema: promenade/KubernetesNetwork/v1
metadata:
schema: metadata/Document/v1
name: kubernetes-network
layeringDefinition:
abstract: false
layer: type
storagePolicy: cleartext
substitutions:
# DNS
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .dns.cluster_domain
dest:
path: .dns.cluster_domain
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .dns.service_ip
dest:
path: .dns.service_ip
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .dns.upstream_servers
dest:
path: .dns.upstream_servers
# Kubernetes IPs
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.api_service_ip
dest:
path: .kubernetes.service_ip
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.pod_cidr
dest:
path: .kubernetes.pod_cidr
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.service_cidr
dest:
path: .kubernetes.service_cidr
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.apiserver_port
dest:
path: .kubernetes.apiserver_port
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.haproxy_port
dest:
path: .kubernetes.haproxy_port
# etcd IPs
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .etcd.container_port
dest:
path: .etcd.container_port
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .etcd.haproxy_port
dest:
path: .etcd.haproxy_port
# proxy
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .proxy.http
dest:
path: .proxy.url
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .proxy.no_proxy
dest:
path: .proxy.additional_no_proxy
data:
dns:
bootstrap_validation_checks:
- calico-etcd.kube-system.svc.cluster.local
- kubernetes-etcd.kube-system.svc.cluster.local
- kubernetes.default.svc.cluster.local
...
|