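---
# Google Cloud Marketplace deployer schema (schema v2) for the Spektra
# Kubernetes application. It declares the cluster constraints, the RBAC granted
# to the deployer service account, the images, the help text shown in the
# deployment form, and the user-supplied parameters.
x-google-marketplace:
  schemaVersion: v2
  applicationApiVersion: v1beta1
  publishedVersion: '3.9.0-14'
  clusterConstraints:
    assistedClusterCreation:
      type: STRICT
      gke:
        nodePool:
          - numNodes: 3
            machineType: e2-standard-4
  publishedVersionMetadata:
    releaseNote: >-
      Initial Release of Spektra (BYOL).
    releaseTypes:
      - Feature
    recommended: false
  deployerServiceAccount:
    description: >
      Service account for the Spektra deployment. This service account
      requires permissions to provision various resources.
    roles:
      # NOTE(review): this is a ClusterRole, so every rule below applies in all
      # namespaces, not only the one the application is deployed into. Taken
      # together the rules are close to cluster-admin; narrow the resources and
      # verbs to what the deployer actually creates.
      - type: ClusterRole
        rulesType: CUSTOM
        rules:
          # Core API group. verbs '*' on secrets lets the deployer read every
          # Secret in the cluster.
          # RBAC matches the lowercase plural resource name, so the original
          # entry 'ServiceAccount' matched nothing; it is spelled
          # 'serviceaccounts' here. If deployments already succeeded without
          # it, drop the entry instead of granting it.
          - apiGroups: ['']
            resources: ['secrets', 'serviceaccounts', 'namespaces']
            verbs: ['*']
          - apiGroups: ['apps']
            resources: ['deployments']
            verbs: ['*']
          # NOTE(review): '*' verbs on all RBAC resources include 'bind' and
          # 'escalate', so the deployer can grant itself or any other subject
          # any permission. List the role/binding kinds and verbs needed.
          - apiGroups: ['rbac.authorization.k8s.io']
            resources: ['*']
            verbs: ['*']
          # Full control over CustomResourceDefinitions cluster-wide, including
          # deleting CRDs that belong to other applications.
          - apiGroups: ['apiextensions.k8s.io']
            resources: ['*']
            verbs: ['*']
  images:
    spektrasvc:
      properties:
        spektrasvcRepo:
          type: FULL
# NOTE(review): the help text links to gke-oidc.sh and the README on the
# `master` branch. The script is run with the CA certificate and key files as
# arguments, and a branch reference can change after this version is
# published; consider linking a tag or commit so the reviewed script is the
# one users run.
form:
  - widget: help
    description: |
      <h4>Prerequisites</h4>
      <ul>
      <li>GKE cluster with K8S version 1.27 or 1.28 </li>
      <li>There should be at least one worker node with a minimum configuration of <b>E2-Standard-4 [4 VCPU and 16GB
      Memory]</b>. </li>
      <li>To configure OIDC, Spektra's FQDN Issuer URL requires a CA certificate. </li>
      </ul>
      <h4>Installation Steps</h4>
      <ul>
      <li>Configure <b>OIDC</b> using the following script <a
      href="https://raw.githubusercontent.com/diamanticom/gmp-spektra/master/gke-oidc.sh">here</a>. </br>
      <b>usage:</b>
      <code> ./gke-oidc.sh <Cluster Name> -z <Cluster Zone> -p <Project ID> -s <Spektra FQDN> -c <CA Cert File>,<CA Key File></code>
      </li>
      <li>Setup Cloud DNS for the Spektra FQDN. <a
      href="https://github.com/diamanticom/gmp-spektra/blob/master/README.md#setup-cloud-dns-for-the-spektra-fqdn">here</a>
      </li>
      </ul>
      <h4>Deployment Steps</h4>
      <ul>
      <li>Select the <b>"spektra-system"</b> namespace. If it does not exist, select <b>create a new namespace</b> with the name <b>"spektra-system"</b>.</li>
      <li>For OIDC_VIP, Spektra_FQDN, CA_CERT_FILE_BASE64 and CA_KEY_FILE_BASE64, use the values provided by the <b>gke-oidc.sh</b> script.</li>
      <li>Deploy Spektra. Once deployed, check status and configure the domain by following the steps outlined <a
      href="https://github.com/diamanticom/gmp-spektra/blob/master/README.md#check-status">here</a>.
      </li>
      </ul>
      <h5><a href="https://github.com/diamanticom/gmp-spektra/blob/master/README.md">Link to documentation.</a></h5>
# User-supplied deployment parameters. Dotted names (spec.*) are literal
# property keys.
properties:
  name:
    type: string
    x-google-marketplace:
      type: NAME
  namespace:
    type: string
    default: spektra-system
    x-google-marketplace:
      type: NAMESPACE
  spec.clusterVip:
    type: string
    title: OIDC_VIP
    description: It is the OIDC_VIP address of the GKE cluster.
  spec.spektraFqdn:
    type: string
    title: Spektra_FQDN
    description: Fully Qualified Domain Name (FQDN) used for cluster.
  spec.spektraPort:
    type: integer
    title: Spektra Port
    description: Spektra ingress HTTPS port
    default: 5443
  spec.clusterApiPort:
    type: integer
    title: Cluster Api Port
    description: Domain cluster k8s API port
    default: 443
  spec.controlPlaneCert.type:
    type: string
    description: CA Certificate
    default: ca
  spec.controlPlaneCert.crt:
    type: string
    title: CA_CERT_FILE_BASE64
    description: CA_CERT_FILE_BASE64 is valid certificate in base64 format.
  spec.controlPlaneCert.key:
    type: string
    title: CA_KEY_FILE_BASE64
    description: CA_KEY_FILE_BASE64 is valid private key in base64 format.
    # This is the CA private key, so the deployment form should mask it.
    # Masking only hides the value in the UI. How the chart stores the key in
    # the cluster is not visible in this file; confirm it ends up in a Secret.
    # Base64 is an encoding, not protection.
    x-google-marketplace:
      type: MASKED_FIELD
required:
  - name
  - namespace
  - spec.clusterVip
  - spec.spektraFqdn
  - spec.controlPlaneCert.crt
  - spec.controlPlaneCert.key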