Example yaml file
example.yaml
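name: ExampleManifest

# Providers field is used for defining the providers.
# Every supported provider has an example in this input manifest.
# All of the sensitive credentials are dummy values, similar to the ones the user will supply.
#
# The credentials below are written into the manifest as plaintext, so a
# manifest holding real values should be handled as a secret: keep it out of
# version control and limit who can read it. Prefer tokens and keys that are
# scoped to what the provider instance actually needs.
providers:
  # Hetzner DNS provider.
  # Definition specification:
  #   - name:      # Name of this provider instance.
  #     apiToken:  # API token of this provider instance.
  # Example definition:
  hetznerdns:
    - name: hetznerdns-1
      apiToken: 'kslISA878a6etYAfXYcg5iYyrFGNlCxc'

  # Cloudflare DNS provider.
  # Definition specification:
  #   - name:      # Name of this provider instance.
  #     apiToken:  # API token of this provider instance.
  # Example definition:
  cloudflare:
    - name: cloudflare-1
      apiToken: 'kslISA878a6etYAfXYcg5iYyrFGNlCxc'

  # Hetzner Cloud provider.
  # Definition specification:
  #   - name:         # Name of this provider instance.
  #     credentials:  # API token of this provider instance.
  # Example definition:
  hetzner:
    - name: hetzner-1
      credentials: 'kslISA878a6etYAfXYcg5iYyrFGNlCxcICo060HVEygjFs21nske76ksjKko21lp'

  # GCP cloud provider.
  # Definition specification:
  #   - name:         # Name of this provider instance.
  #     credentials:  # Service account key in JSON format.
  #     gcpProject:   # GCP project of this service account.
  # Example definition:
  gcp:
    - name: gcp-1
      # Literal block scalar: the JSON key file is passed through unchanged,
      # including the "\n" escapes inside "private_key".
      credentials: |
        {
          "type": "service_account",
          "project_id": "project-claudie",
          "private_key_id": "bskdlo875s9087394763eb84e407903lskdimp439",
          "private_key": "-----BEGIN PRIVATE KEY-----\nSKLOosKJUSDANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad\nMIIEvQIBADANBgkqhki\n-----END PRIVATE KEY-----\n",
          "client_email": "claudie@claudie-project-123456.iam.gserviceaccount.com",
          "client_id": "109876543211234567890",
          "auth_uri": "https://accounts.google.com/o/oauth2/auth",
          "token_uri": "https://oauth2.googleapis.com/token",
          "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
          "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/claudie%40claudie-project-123456.iam.gserviceaccount.com"
        }
      gcpProject: project-id

  # OCI cloud provider.
  # Definition specification:
  #   - name:             # Name of this provider instance.
  #     privateKey:       # Private key of this user account.
  #     keyFingerprint:   # Fingerprint of the key pair.
  #     tenancyOcid:      # OCID of the tenancy.
  #     userOcid:         # OCID of the user.
  #     compartmentOcid:  # OCID of the compartment, where resources will be created.
  # Example definition:
  oci:
    - name: oci-1
      # Literal block scalar keeps the PEM line breaks exactly as written.
      privateKey: |
        -----BEGIN RSA PRIVATE KEY-----
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/askJSLosad
        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCj2/==
        -----END RSA PRIVATE KEY-----
      # Quoted so the colon-separated value is always read as a string.
      keyFingerprint: 'ab:cd:3f:34:33:22:32:34:54:54:45:76:76:78:98:aa'
      tenancyOcid: ocid2.tenancy.oc2..aaaaaaaayrsfvlvxc34o060kfdygsds21nske76ksjkko21lpsdfsfsgbrtghs
      userOcid: ocid2.user.oc2..aaaaaaaaaanyrsfvlvxc34o060kfdygsds21nske76ksjkko21lpsdfsf
      compartmentOcid: ocid2.compartment.oc2..aaaaaaaaa2rsfvlvxc34o060kfdygsds21nske76ksjkko21lpsdfsf

  # AWS cloud provider.
  # Definition specification:
  #   - name:       # Name of this provider instance.
  #     accessKey:  # Access key for the service account.
  #     secretKey:  # Secret key for the service account.
  # Example definition:
  aws:
    - name: aws-1
      accessKey: 'SLDUTKSHFDMSJKDIALASSD'
      secretKey: 'iuhbOIJN+oin/olikDSadsnoiSVSDsacoinOUSHD'

  # Azure cloud provider.
  # Definition specification:
  #   - name:            # Name of this provider instance.
  #     clientSecret:    # Service principal secret.
  #     subscriptionId:  # ID of the subscription.
  #     tenantId:        # ID of the tenancy.
  #     clientId:        # ID of the client.
  # Example definition:
  azure:
    - name: azure-1
      clientSecret: 'Abcd~EFg~H6Ijkls~ABC15sEFGK54s78X~Olk9'
      subscriptionId: 6a4dfsg7-sd4v-f4ad-dsva-ad4v616fd512
      tenantId: 54cdafa5-sdvs-45ds-546s-df651sfdt614
      clientId: 0255sc23-76we-87g6-964f-abc1def2gh3l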
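# Nodepools field is used for defining the nodepool specification.
# You can think of them as blueprints, not actual nodepools that will be created.
nodePools:
  # Dynamic nodepools are created by Claudie, in one of the cloud providers specified.
  # Definition specification:
  # dynamic:
  #   - name:             # Name of the nodepool, which is used as a reference to it. Needs to be unique.
  #     providerSpec:     # Provider specification for this nodepool.
  #       name:           # Name of the provider instance, referencing one of the providers defined above.
  #       region:         # Region of the nodepool.
  #       zone:           # Zone of the nodepool.
  #     count:            # Static number of nodes in this nodepool.
  #     serverType:       # Machine type of the nodes in this nodepool.
  #     image:            # OS image of the nodes in the nodepool.
  #     storageDiskSize:  # Disk size of the storage disk for compute nodepool.
  #     autoscaler:       # Autoscaler configuration. Mutually exclusive with count.
  #       min:            # Minimum number of nodes in nodepool.
  #       max:            # Maximum number of nodes in nodepool.
  #
  # Example definitions for each provider
  dynamic:
    - name: control-hetzner
      providerSpec:
        name: hetzner-1
        region: hel1
        zone: hel1-dc2
      count: 3
      serverType: cpx11
      image: ubuntu-22.04

    - name: compute-hetzner
      providerSpec:
        name: hetzner-1
        region: hel1
        zone: hel1-dc2
      count: 2
      serverType: cpx11
      image: ubuntu-22.04
      storageDiskSize: 50

    # Autoscaled nodepool: "autoscaler" is set in place of "count".
    - name: compute-hetzner-autoscaled
      providerSpec:
        name: hetzner-1
        region: hel1
        zone: hel1-dc2
      serverType: cpx11
      image: ubuntu-22.04
      storageDiskSize: 50
      autoscaler:
        min: 1
        max: 5

    - name: control-gcp
      providerSpec:
        name: gcp-1
        region: europe-west1
        zone: europe-west1-c
      count: 3
      serverType: e2-medium
      image: ubuntu-os-cloud/ubuntu-2204-jammy-v20221206

    - name: compute-gcp
      providerSpec:
        name: gcp-1
        region: europe-west1
        zone: europe-west1-c
      count: 2
      serverType: e2-small
      image: ubuntu-os-cloud/ubuntu-2204-jammy-v20221206
      storageDiskSize: 50

    - name: control-oci
      providerSpec:
        name: oci-1
        region: eu-milan-1
        zone: hsVQ:EU-MILAN-1-AD-1
      count: 3
      serverType: VM.Standard2.1
      image: ocid1.image.oc1.eu-frankfurt-1.aaaaaaaavvsjwcjstxt4sb25na65yx6i34bzdy5oess3pkgwyfa4hxmzpqeq

    - name: compute-oci
      providerSpec:
        name: oci-1
        region: eu-milan-1
        zone: hsVQ:EU-MILAN-1-AD-1
      count: 2
      serverType: VM.Standard2.1
      image: ocid1.image.oc1.eu-frankfurt-1.aaaaaaaavvsjwcjstxt4sb25na65yx6i34bzdy5oess3pkgwyfa4hxmzpqeq
      storageDiskSize: 50

    - name: control-aws
      providerSpec:
        name: aws-1
        region: eu-central-1
        zone: eu-central-1c
      count: 2
      serverType: t3.medium
      image: ami-0965bd5ba4d59211c

    - name: compute-aws
      providerSpec:
        name: aws-1
        region: eu-central-1
        zone: eu-central-1c
      count: 2
      serverType: t3.medium
      image: ami-0965bd5ba4d59211c
      storageDiskSize: 50

    - name: control-azure
      providerSpec:
        name: azure-1
        region: West Europe
        # Quoted so the zone is read as a string, like every other zone here.
        zone: "1"
      count: 2
      serverType: Standard_B2s
      image: Canonical:0001-com-ubuntu-minimal-jammy:minimal-22_04-lts:22.04.202212120

    - name: compute-azure
      providerSpec:
        name: azure-1
        region: West Europe
        zone: "1"
      count: 2
      serverType: Standard_B2s
      image: Canonical:0001-com-ubuntu-minimal-jammy:minimal-22_04-lts:22.04.202212120
      storageDiskSize: 50

    # The two nodepools below are the ones referenced from loadBalancers.clusters[].pools.
    - name: loadbalancer-1
      providerSpec:
        name: gcp-1
        region: europe-west1
        zone: europe-west1-c
      count: 2
      serverType: e2-small
      image: ubuntu-os-cloud/ubuntu-2004-focal-v20220610

    - name: loadbalancer-2
      providerSpec:
        name: hetzner-1
        region: hel1
        zone: hel1-dc2
      count: 2
      serverType: cpx11
      image: ubuntu-20.04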
# Kubernetes field is used to define the kubernetes clusters.
# Definition specification:
#
# clusters:
#   - name:       # Name of the cluster. The name will be appended to the created node name.
#     version:    # Kubernetes version in semver scheme, must be supported by KubeOne.
#     network:    # Private network IP range.
#     pools:      # Nodepool names which cluster will be composed of. User can reuse same nodepool specification on multiple clusters.
#       control:  # List of nodepool names, which will be used as control nodes.
#       compute:  # List of nodepool names, which will be used as compute nodes.
#
# Example definitions:
kubernetes:
  clusters:
    # Every pool name listed under "pools" refers to an entry of nodePools.dynamic.
    - name: dev-cluster
      version: 'v1.24.0'
      # NOTE(review): both example clusters use the same private range - confirm
      # whether that is intended for clusters managed from one manifest.
      network: '192.168.2.0/24'
      pools:
        control:
          - control-hetzner
          - control-gcp
        compute:
          - compute-hetzner
          - compute-gcp
          - compute-azure

    - name: prod-cluster
      version: 'v1.24.0'
      network: '192.168.2.0/24'
      pools:
        control:
          - control-hetzner
          - control-gcp
          - control-oci
          - control-aws
          - control-azure
        compute:
          - compute-hetzner
          - compute-gcp
          - compute-oci
          - compute-aws
          - compute-azure
# Loadbalancers field defines loadbalancers used for the kubernetes clusters and roles for the loadbalancers.
# Definition specification for role:
#
# roles:
#   - name:        # Name of the role, used as a reference later. Must be unique.
#     protocol:    # Protocol this role will use.
#     port:        # Port where traffic will be coming in.
#     targetPort:  # Port where the loadbalancer will forward traffic to.
#     target:      # Targeted nodes on kubernetes cluster. Can be "k8sControlPlane", "k8sComputePlane" or "k8sAllNodes".
#
# Definition specification for loadbalancer:
#
# clusters:
#   - name:          # Loadbalancer cluster name.
#     roles:         # List of role names this loadbalancer will fulfil.
#     dns:           # DNS specification, where DNS records will be created.
#       dnsZone:     # DNS zone name in your provider.
#       provider:    # Provider name for the DNS.
#       hostname:    # Hostname for the DNS record. Keep in mind the zone will be included automatically. If left empty, Claudie will create a random hash as a hostname.
#     targetedK8s:   # Name of the targeted kubernetes cluster.
#     pools:         # List of nodepool names used for loadbalancer.
# Example definitions:
loadBalancers:
  roles:
    # Forwards TCP port 6443 on the loadbalancer to port 6443 on the control-plane nodes.
    # NOTE(review): this puts the cluster API endpoint behind a DNS name - confirm
    # which networks are expected to reach it.
    - name: apiserver
      protocol: tcp
      port: 6443
      targetPort: 6443
      target: k8sControlPlane

  clusters:
    # No hostname is given here, so the generated-hostname case described above applies.
    - name: apiserver-lb-dev
      roles:
        - apiserver
      dns:
        dnsZone: dns-zone
        provider: hetznerdns-1
      targetedK8s: dev-cluster
      pools:
        - loadbalancer-1

    - name: apiserver-lb-prod
      roles:
        - apiserver
      dns:
        dnsZone: dns-zone
        provider: cloudflare-1
        hostname: 'my.fancy.url'
      targetedK8s: prod-cluster
      pools:
        - loadbalancer-2