yk8s.openstack

Note

yk8s.openstack.nodes allows you to configure the k8s master and worker servers. The role attribute must be used to distinguish both [1].

The amount of gateway nodes can be controlled with yk8s.openstack.gateway_count.

[1]

Caveat: Changing the role of a Terraform node will completely rebuild the node.

Attention

You must configure at least one master node.

You can add and delete Terraform nodes simply by adding and removing their entries to/from the config or tuning yk8s.openstack.gateway_count for gateway nodes. Consider the following example:

 openstack = {

-  gateway_count = 3;
+  gateway_count = 2;                 # <-- one gateway gets deleted

   nodes = {
     worker-0 = {
       role = "worker";
       flavor = "M";
       image = "Debian 12 (bookworm)";
     };
-    worker-1 = {                     # <-- gets deleted
-      role = "worker";
-      flavor = "M";
-    };
     worker-2 = {
       role = "worker";
       flavor = "L";
     };
+    mon1 = {                         # <-- gets created
+      role = "worker";
+      flavor = "S";
+      image = "Ubuntu 22.04 LTS x64";
+    };
   };
};

The name of an OpenStack node is composed from the following parts:

• for master/worker nodes: yk8s.infra.cluster_name <the nodes' key in yk8s.openstack.nodes>

• for gateway nodes: yk8s.infra.cluster_name yk8s.openstack.gateway_defaults.common_name <numeric-index>

openstack = {

 cluster_name = "yk8s";
 gateway_count = 1;
 #....

 gateway_defaults.common_name = "gateway-";

 nodes.master-x.role = "master";
 nodes.worker-a.role = "worker";

 # yields the following node names:
 # - yk8s-gateway-0
 # - yk8s-master-x
 # - yk8s-worker-a

yk8s.openstack.azs

Availability zones of the underlying Openstack cloud to use for the creation of servers.

Type::

list of non-empty string

Default::

[ ]

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.check_credentials

Whether to enable OpenStack credential checks Terrible things will happen when certain tasks are run and OpenStack credentials are not sourced. Okay, maybe not so terrible after all, but the templates do not check if certain values exist. Hence config files with empty credentials are written. The LCM will execute a simple check to see if you provided valid credentials as a sanity check if you’re on openstack and this option is set to true. .

Type::

boolean

Default::

true

Example::

false

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.cinder_enable_topology

Whether to enable cinder topology. This flag enables the topology feature gate of the cinder controller plugin. Its purpose is to allocate volumes from cinder which are in the same AZ as the worker node to which the volume should be attached. Important: Cinder must support AZs and the AZs must match the AZs used by nova! .

Type::

boolean

Default::

false

Example::

true

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.cinder_volume_type

Use a specific volume type for the csi-sc-cinderplugin StorageClass. If unset, no volume type is explicitly set and the default volume type of the IaaS-layer is used.

Type::

null or non-empty string

Default::

null

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.create_root_disk_on_volume

Whether to enable creation of root disk volumes. If true, create block volume for each instance and boot from there. Equivalent to openstack server create --boot-from-volume […]. .

Type::

boolean

Default::

false

Example::

true

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.dns_nameservers_v4

A list of IPv4 addresses which will be configured as DNS nameservers of the IPv4 subnet.

Type::

list of IPv4 address in four-octets decimal notation

Default::

[ ]

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.enabled

Whether to build the cluster on top of Openstack.

Type::

boolean

Default::

true

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.gateway_count

Amount of gateway nodes to create.

Defaults to 3 unless yk8s.openstack.spread_gateways_across_azs is set to true in which case it will match the amount of availability zones by default.

Type::

positive integer, meaning >0

Default::

0

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.gateway_defaults.common_name

Type::

string

Default::

"gw-"

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.gateway_defaults.flavor

Type::

non-empty string

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.gateway_defaults.image

Type::

non-empty string

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.gateway_defaults.root_disk_size

Only applies if yk8s.openstack.create_root_disk_on_volume is set to true

Type::

positive integer, meaning >0

Default::

10

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.gateway_defaults.root_disk_volume_type

Only applies if yk8s.openstack.create_root_disk_on_volume is set to true If null, the default of the IaaS environment will be used.

Type::

null or non-empty string

Default::

null

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.keypair

Name of the SSH public key in your cloud environment

Will most of the time be set via the environment variable TF_VAR_keypair

Type::

null or non-empty string

Default::

null

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.master_defaults.flavor

Type::

non-empty string

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.master_defaults.image

Type::

non-empty string

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.master_defaults.root_disk_size

Only applies if yk8s.openstack.create_root_disk_on_volume is set to true

Type::

positive integer, meaning >0

Default::

50

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.master_defaults.root_disk_volume_type

Only applies if yk8s.openstack.create_root_disk_on_volume is set to true If null, the default of the IaaS environment will be used.

Type::

null or non-empty string

Default::

null

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.network_mtu

MTU for the network used for the cluster.

Type::

positive integer, meaning >0

Default::

1450

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.network_name

Name of the internal OpenStack network. This field becomes important if a VM is attached to two networks but the controller-manager should only pick up one. If you don’t understand the purpose of this field, there’s a very high chance you won’t need to touch it. Note: This network name isn’t fetched automagically (by terraform) on purpose because there might be situations where the CCM should not pick the managed network.

Type::

null or non-empty string

Default::

null

Example::

"${config.yk8s.infra.cluster_name}-network"

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.nodes

User defined attribute set of control plane and worker nodes to be created with specified values

At least one node with role=master must be given.

You may also specify those attributes or a subset of them using yk8s.openstack.{master,worker}_defaults.

Type::

attribute set of (submodule)

Default::

{ }

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.nodes.<name>.anti_affinity_group

Must not be set when role!=”worker”. If left empty no anti affinity group will be joined.

Type::

null or non-empty string

Default::

null

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.nodes.<name>.az

Type::

null or non-empty string

Default::

null

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.nodes.<name>.flavor

Type::

null or non-empty string

Default::

null

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.nodes.<name>.image

Type::

null or non-empty string

Default::

null

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.nodes.<name>.role

Type::

one of "master", "worker"

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.nodes.<name>.root_disk_size

Type::

null or (positive integer, meaning >0)

Default::

null

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.nodes.<name>.root_disk_volume_type

Type::

null or non-empty string

Default::

null

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.public_network

Name of the Openstack provider network to use

Type::

non-empty string

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.spread_gateways_across_azs

If true, spawn a gateway node in each availability zone listed in yk8s.openstack.spread_gateways_across_azs, Otherwise leave the distribution to the cloud controller.

Type::

boolean

Default::

true

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.thanos_delete_container

Whether to enable deletion of the Thanos object storage container in case yk8s.k8s-service-layer.prometheus.use_thanos AND yk8s.k8s-service-layer.prometheus.manage_thanos_bucket are switched off .

Type::

boolean

Default::

false

Example::

true

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.worker_defaults.anti_affinity_group

Leaving this empty means to not join any anti affinity group

Type::

null or non-empty string

Default::

null

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.worker_defaults.flavor

Type::

non-empty string

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.worker_defaults.image

Type::

non-empty string

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.worker_defaults.root_disk_size

Only applies if yk8s.openstack.create_root_disk_on_volume is set to true

Type::

positive integer, meaning >0

Default::

50

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix

yk8s.openstack.worker_defaults.root_disk_volume_type

Only applies if yk8s.openstack.create_root_disk_on_volume is set to true If null, the default of the IaaS environment will be used.

Type::

null or non-empty string

Default::

null

Declared by https://gitlab.com/alasca.cloud/tarook/tarook/-/tree/devel/nix/yk8s/openstack.nix