# 
# Cluster Config
# 
docker_root_dir: /var/lib/docker
enable_cluster_alerting: false
enable_cluster_monitoring: false
enable_network_policy: false
local_cluster_auth_endpoint:
  enabled: true
name: openstack-rke
# 
# Rancher Config
# 
rancher_kubernetes_engine_config:
#####################################################################
#
# Config for OpenStack @ NetLab Hochschule Fulda Start
#
# Paste the following section into rancher_kubernetes_engine_config
# be sure to use correct indention, if in doubt, use YAML syntax
# checker
#
# You need to replace tenant-id with your project id, you can see
# the id, e.g., in the OpenStack Web Interface (Horizon) here:
#   - https://private-cloud.informatik.hs-fulda.de/project/api_access/view_credentials/
#
# Replace floating-network-id with the id of the network "public1".
# Click in network "public1" here:
#   - https://private-cloud.informatik.hs-fulda.de/project/networks/
# and use the value shown for ID.
#
# Replace subnet-id with the id of the subnet (not network!) that you
# use for your RKE node instances. If you use network
# "my-terraform-rancher-network-1" you can got to:
#   - https://private-cloud.informatik.hs-fulda.de/project/networks/
# click on my-terraform-rancher-network-1, then click on its subnet
# my-terraform-rancher-subnet-1, and use the shown ID of the subnet.
#
# Replace the router-id with the id of your router. Go to:
#   - https://private-cloud.informatik.hs-fulda.de/project/routers/
# click on the router you use for the network of your RKE instances
# and use the shown ID of this router.
#
# Replace password with the password of your groups' OpenStack
# account
#
# You can also see other config options in RKE docu here:
# https://rancher.com/docs/rke/latest/en/config-options/cloud-providers/openstack/
#
#####################################################################
  cloud_provider:
    name: openstack
    openstackCloudProvider:
      block_storage:
        ignore-volume-az: true
        trust-device-path: false
      global:
        auth-url: 'https://private-cloud.informatik.hs-fulda.de:5000'
        domain-name: Default
        tenant-id: <id of your project here>
        username: IntServ19
        password: <your password here>
      load_balancer:
        create-monitor: false
        floating-network-id: <id of network public1>
        lb-version: v2
        manage-security-groups: true
        monitor-max-retries: 0
        subnet-id: <id of the subnet your use for rke instances>
        use-octavia: true
      metadata:
        request-timeout: 0
      route:
        router-id: <id of the router you use for the rke instances>
#####################################################################
#
# Config for OpenStack @ NetLab Hochschule Fulda End
#
#####################################################################
  addon_job_timeout: 45
  authentication:
    strategy: x509
  dns:
    nodelocal:
      ip_address: ''
      node_selector: null
      update_strategy: {}
  enable_cri_dockerd: false
  ignore_docker_version: true
# 
# # Currently only nginx ingress provider is supported.
# # To disable ingress controller, set `provider: none`
# # To enable ingress on specific nodes, use the node_selector, eg:
#    provider: nginx
#    node_selector:
#      app: ingress
# 
  ingress:
    default_backend: false
    default_ingress_class: true
    http_port: 0
    https_port: 0
    provider: nginx
  kubernetes_version: v1.21.8-rancher1-1
  monitoring:
    provider: metrics-server
    replicas: 1
# 
#   If you are using calico on AWS
# 
#    network:
#      plugin: calico
#      calico_network_provider:
#        cloud_provider: aws
# 
# # To specify flannel interface
# 
#    network:
#      plugin: flannel
#      flannel_network_provider:
#      iface: eth1
# 
# # To specify flannel interface for canal plugin
# 
#    network:
#      plugin: canal
#      canal_network_provider:
#        iface: eth1
# 
  network:
    mtu: 0
    options:
      flannel_backend_type: vxlan
    plugin: canal
  rotate_encryption_key: false
# 
#    services:
#      kube-api:
#        service_cluster_ip_range: 10.43.0.0/16
#      kube-controller:
#        cluster_cidr: 10.42.0.0/16
#        service_cluster_ip_range: 10.43.0.0/16
#      kubelet:
#        cluster_domain: cluster.local
#        cluster_dns_server: 10.43.0.10
# 
  services:
    etcd:
      backup_config:
        enabled: true
        interval_hours: 12
        retention: 6
        safe_timestamp: false
        timeout: 300
      creation: 12h
      extra_args:
        election-timeout: 5000
        heartbeat-interval: 500
      gid: 0
      retention: 72h
      snapshot: false
      uid: 0
    kube_api:
      always_pull_images: false
      pod_security_policy: false
      secrets_encryption_config:
        enabled: false
      service_node_port_range: 30000-32767
  ssh_agent_auth: false
  upgrade_strategy:
    max_unavailable_controlplane: '1'
    max_unavailable_worker: 10%
    node_drain_input:
      delete_local_data: false
      force: false
      grace_period: -1
      ignore_daemon_sets: true
      timeout: 120
windows_prefered_cluster: false