[Secure Azuredeploy Parameters template] updated to reference keyvault data #acs-engine
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", | |
| "contentVersion": "1.0.0.0", | |
| "parameters": { | |
| "agentpool1Count": { | |
| "value": 1 | |
| }, | |
| "agentpool1Subnet": { | |
| "value": "10.240.0.0/12" | |
| }, | |
| "agentpool1VMSize": { | |
| "value": "Standard_D2_v2" | |
| }, | |
| "agentpool1osImageOffer": { | |
| "value": "UbuntuServer" | |
| }, | |
| "agentpool1osImagePublisher": { | |
| "value": "Canonical" | |
| }, | |
| "agentpool1osImageSKU": { | |
| "value": "16.04-LTS" | |
| }, | |
| "agentpool1osImageVersion": { | |
| "value": "16.04.201711211" | |
| }, | |
| "apiServerCertificate": { | |
| "reference": { | |
| "keyVault": { | |
| "id": "/subscriptions/[SUBS_ID]/resourceGroups/[KEY_VAULT_RG]/providers/Microsoft.KeyVault/vaults/[KV_NAME]" | |
| }, | |
| "secretName": "kubernetes-api-crt" | |
| } | |
| }, | |
| "apiServerPrivateKey": { | |
| "reference": { | |
| "keyVault": { | |
| "id": "/subscriptions/[SUBS_ID]/resourceGroups/[KEY_VAULT_RG]/providers/Microsoft.KeyVault/vaults/[KV_NAME]" | |
| }, | |
| "secretName": "kubernetes-api-key" | |
| } | |
| }, | |
| "caCertificate": { | |
| "reference": { | |
| "keyVault": { | |
| "id": "/subscriptions/[SUBS_ID]/resourceGroups/[KEY_VAULT_RG]/providers/Microsoft.KeyVault/vaults/[KV_NAME]" | |
| }, | |
| "secretName": "ca-crt" | |
| } | |
| }, | |
| "caPrivateKey": { | |
| "reference": { | |
| "keyVault": { | |
| "id": "/subscriptions/[SUBS_ID]/resourceGroups/[KEY_VAULT_RG]/providers/Microsoft.KeyVault/vaults/[KV_NAME]" | |
| }, | |
| "secretName": "ca-key" | |
| } | |
| }, | |
| "clientCertificate": { | |
| "reference": { | |
| "keyVault": { | |
| "id": "/subscriptions/[SUBS_ID]/resourceGroups/[KEY_VAULT_RG]/providers/Microsoft.KeyVault/vaults/[KV_NAME]" | |
| }, | |
| "secretName": "kubernetes-client-crt" | |
| } | |
| }, | |
| "clientPrivateKey": { | |
| "reference": { | |
| "keyVault": { | |
| "id": "/subscriptions/[SUBS_ID]/resourceGroups/[KEY_VAULT_RG]/providers/Microsoft.KeyVault/vaults/[KV_NAME]" | |
| }, | |
| "secretName": "kubernetes-client-key" | |
| } | |
| }, | |
| "cloudProviderBackoff": { | |
| "value": "false" | |
| }, | |
| "cloudProviderBackoffDuration": { | |
| "value": "0" | |
| }, | |
| "cloudProviderBackoffExponent": { | |
| "value": "0" | |
| }, | |
| "cloudProviderBackoffJitter": { | |
| "value": "0" | |
| }, | |
| "cloudProviderBackoffRetries": { | |
| "value": "0" | |
| }, | |
| "cloudProviderRatelimit": { | |
| "value": "false" | |
| }, | |
| "cloudProviderRatelimitBucket": { | |
| "value": "0" | |
| }, | |
| "cloudProviderRatelimitQPS": { | |
| "value": "0" | |
| }, | |
| "cniPluginsURL": { | |
| "value": "https://acs-mirror.azureedge.net/cni/cni-plugins-amd64-latest.tgz" | |
| }, | |
| "dockerBridgeCidr": { | |
| "value": "172.17.0.1/16" | |
| }, | |
| "dockerEngineDownloadRepo": { | |
| "value": "https://aptdocker.azureedge.net/repo" | |
| }, | |
| "dockerEngineVersion": { | |
| "value": "1.12.*" | |
| }, | |
| "etcdDiskSizeGB": { | |
| "value": "128" | |
| }, | |
| "etcdDownloadURLBase": { | |
| "value": "https://acs-mirror.azureedge.net/github-coreos" | |
| }, | |
| "etcdVersion": { | |
| "value": "2.3.8" | |
| }, | |
| "firstConsecutiveStaticIP": { | |
| "value": "10.255.255.5" | |
| }, | |
| "fqdnEndpointSuffix": { | |
| "value": "cloudapp.azure.com" | |
| }, | |
| "gchighthreshold": { | |
| "value": 85 | |
| }, | |
| "gclowthreshold": { | |
| "value": 80 | |
| }, | |
| "generatorCode": { | |
| "value": "acsengine" | |
| }, | |
| "kubeClusterCidr": { | |
| "value": "10.240.0.0/12" | |
| }, | |
| "kubeConfigCertificate": { | |
| "reference": { | |
| "keyVault": { | |
| "id": "/subscriptions/[SUBS_ID]/resourceGroups/[KEY_VAULT_RG]/providers/Microsoft.KeyVault/vaults/[KV_NAME]" | |
| }, | |
| "secretName": "kubeconfig-crt" | |
| } | |
| }, | |
| "kubeConfigPrivateKey": { | |
| "reference": { | |
| "keyVault": { | |
| "id": "/subscriptions/[SUBS_ID]/resourceGroups/[KEY_VAULT_RG]/providers/Microsoft.KeyVault/vaults/[KV_NAME]" | |
| }, | |
| "secretName": "kubeconfig-key" | |
| } | |
| }, | |
| "kubeDNSServiceIP": { | |
| "value": "10.0.0.10" | |
| }, | |
| "kubeServiceCidr": { | |
| "value": "10.0.0.0/16" | |
| }, | |
| "kubernetesACIConnectorCPULimit": { | |
| "value": "50m" | |
| }, | |
| "kubernetesACIConnectorCPURequests": { | |
| "value": "50m" | |
| }, | |
| "kubernetesACIConnectorClientId": { | |
| "value": "" | |
| }, | |
| "kubernetesACIConnectorClientKey": { | |
| "value": "" | |
| }, | |
| "kubernetesACIConnectorMemoryLimit": { | |
| "value": "150Mi" | |
| }, | |
| "kubernetesACIConnectorMemoryRequests": { | |
| "value": "150Mi" | |
| }, | |
| "kubernetesACIConnectorNodeName": { | |
| "value": "aci-connector" | |
| }, | |
| "kubernetesACIConnectorOS": { | |
| "value": "Linux" | |
| }, | |
| "kubernetesACIConnectorRegion": { | |
| "value": "westus" | |
| }, | |
| "kubernetesACIConnectorResourceGroup": { | |
| "value": "" | |
| }, | |
| "kubernetesACIConnectorSpec": { | |
| "value": "microsoft/virtual-kubelet:latest" | |
| }, | |
| "kubernetesACIConnectorSubscriptionId": { | |
| "value": "" | |
| }, | |
| "kubernetesACIConnectorTaint": { | |
| "value": "azure.com/aci" | |
| }, | |
| "kubernetesACIConnectorTenantId": { | |
| "value": "" | |
| }, | |
| "kubernetesAddonManagerSpec": { | |
| "value": "gcrio.azureedge.net/google_containers/kube-addon-manager-amd64:v6.4-beta.2" | |
| }, | |
| "kubernetesAddonResizerSpec": { | |
| "value": "gcrio.azureedge.net/google_containers/addon-resizer:1.7" | |
| }, | |
| "kubernetesCtrlMgrNodeMonitorGracePeriod": { | |
| "value": "40s" | |
| }, | |
| "kubernetesCtrlMgrPodEvictionTimeout": { | |
| "value": "5m0s" | |
| }, | |
| "kubernetesCtrlMgrRouteReconciliationPeriod": { | |
| "value": "10s" | |
| }, | |
| "kubernetesDNSMasqSpec": { | |
| "value": "gcrio.azureedge.net/google_containers/k8s-dns-dnsmasq-nanny-amd64:1.14.5" | |
| }, | |
| "kubernetesDashboardCPULimit": { | |
| "value": "300m" | |
| }, | |
| "kubernetesDashboardCPURequests": { | |
| "value": "300m" | |
| }, | |
| "kubernetesDashboardMemoryLimit": { | |
| "value": "150Mi" | |
| }, | |
| "kubernetesDashboardMemoryRequests": { | |
| "value": "150Mi" | |
| }, | |
| "kubernetesDashboardSpec": { | |
| "value": "gcrio.azureedge.net/google_containers/kubernetes-dashboard-amd64:v1.6.3" | |
| }, | |
| "kubernetesExecHealthzSpec": { | |
| "value": "gcrio.azureedge.net/google_containers/exechealthz-amd64:1.2" | |
| }, | |
| "kubernetesHardEvictionThreshold": { | |
| "value": "memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%" | |
| }, | |
| "kubernetesHeapsterSpec": { | |
| "value": "gcrio.azureedge.net/google_containers/heapster-amd64:v1.4.2" | |
| }, | |
| "kubernetesHyperkubeSpec": { | |
| "value": "gcrio.azureedge.net/google_containers/hyperkube-amd64:v1.7.9" | |
| }, | |
| "kubernetesKubeDNSSpec": { | |
| "value": "gcrio.azureedge.net/google_containers/k8s-dns-kube-dns-amd64:1.14.5" | |
| }, | |
| "kubernetesNodeStatusUpdateFrequency": { | |
| "value": "10s" | |
| }, | |
| "kubernetesNonMasqueradeCidr": { | |
| "value": "10.0.0.0/8" | |
| }, | |
| "kubernetesPodInfraContainerSpec": { | |
| "value": "gcrio.azureedge.net/google_containers/pause-amd64:3.0" | |
| }, | |
| "kubernetesReschedulerCPULimit": { | |
| "value": "10m" | |
| }, | |
| "kubernetesReschedulerCPURequests": { | |
| "value": "10m" | |
| }, | |
| "kubernetesReschedulerMemoryLimit": { | |
| "value": "100Mi" | |
| }, | |
| "kubernetesReschedulerMemoryRequests": { | |
| "value": "100Mi" | |
| }, | |
| "kubernetesReschedulerSpec": { | |
| "value": "gcrio.azureedge.net/google_containers/rescheduler:v0.3.1" | |
| }, | |
| "kubernetesTillerCPULimit": { | |
| "value": "50m" | |
| }, | |
| "kubernetesTillerCPURequests": { | |
| "value": "50m" | |
| }, | |
| "kubernetesTillerMemoryLimit": { | |
| "value": "150Mi" | |
| }, | |
| "kubernetesTillerMemoryRequests": { | |
| "value": "150Mi" | |
| }, | |
| "kubernetesTillerSpec": { | |
| "value": "gcrio.azureedge.net/kubernetes-helm/tiller:v2.6.2" | |
| }, | |
| "linuxAdminUsername": { | |
| "value": "azureuser" | |
| }, | |
| "location": { | |
| "value": "westeurope" | |
| }, | |
| "masterEndpointDNSNamePrefix": { | |
| "value": "kubcvkv" | |
| }, | |
| "masterSubnet": { | |
| "value": "10.240.0.0/12" | |
| }, | |
| "masterVMSize": { | |
| "value": "Standard_D2_v2" | |
| }, | |
| "maxPods": { | |
| "value": 30 | |
| }, | |
| "networkPolicy": { | |
| "value": "azure" | |
| }, | |
| "orchestratorName": { | |
| "value": "k8s" | |
| }, | |
| "osImageOffer": { | |
| "value": "UbuntuServer" | |
| }, | |
| "osImagePublisher": { | |
| "value": "Canonical" | |
| }, | |
| "osImageSKU": { | |
| "value": "16.04-LTS" | |
| }, | |
| "osImageVersion": { | |
| "value": "16.04.201711211" | |
| }, | |
| "servicePrincipalClientId": { | |
| "value": "bc185868-ba6c-4e2c-a596-86bb48757f00" | |
| }, | |
| "servicePrincipalClientSecret": { | |
| "reference": { | |
| "keyVault": { | |
| "id": "/subscriptions/[SUBS_ID]/resourceGroups/[KEY_VAULT_RG]/providers/Microsoft.KeyVault/vaults/[KV_NAME]" | |
| }, | |
| "secretName": "sppasswordsecret" | |
| } | |
| }, | |
| "sshRSAPublicKey": { | |
| "value": "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAiRQv9YaLHnaWS/XowQDfZKt4WWo07Bfme1zg+LfMHHMYxVQih2xmDUVrfiNwkAKen4mHfKXVws6TTtTw47VDunQttM3g6Ywj1wxmH1eLpQrO6BPNjdXd2XJurdRdG/QlN6X6eZajJqgU/huXbqAaZg4F9/Q6gKn9TOkjUMtwTTmExdkT43IACQ+BvS4PNFx9pnDwBhKBSyMI1LHf53KJ2Bri49+onxlj0RO1yGUnm5fgtDiLD5oZcH8uXKdpjFwOJ79aofMD7Csef40NiJG7wMO+k2lUO58nCeIy4vugCklX6rx2Jp34E48Iexxd2kAsAcmndAvlmAi/zbpS+QCL4w== rsa-key-20180112" | |
| }, | |
| "targetEnvironment": { | |
| "value": "AzurePublicCloud" | |
| }, | |
| "vnetCniLinuxPluginsURL": { | |
| "value": "https://acs-mirror.azureedge.net/cni/azure-vnet-cni-linux-amd64-v0.91.tgz" | |
| }, | |
| "vnetCniWindowsPluginsURL": { | |
| "value": "https://acs-mirror.azureedge.net/cni/azure-vnet-cni-windows-amd64-v0.91.zip" | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment