Skip to content

Instantly share code, notes, and snippets.

@rinormaloku
Created January 14, 2018 10:22
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save rinormaloku/7528027d936b73f298e280d334329a2e to your computer and use it in GitHub Desktop.
Save rinormaloku/7528027d936b73f298e280d334329a2e to your computer and use it in GitHub Desktop.
[Secure Azuredeploy Parameters template] updated to reference keyvault data #acs-engine
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"agentpool1Count": {
"value": 1
},
"agentpool1Subnet": {
"value": "10.240.0.0/12"
},
"agentpool1VMSize": {
"value": "Standard_D2_v2"
},
"agentpool1osImageOffer": {
"value": "UbuntuServer"
},
"agentpool1osImagePublisher": {
"value": "Canonical"
},
"agentpool1osImageSKU": {
"value": "16.04-LTS"
},
"agentpool1osImageVersion": {
"value": "16.04.201711211"
},
"apiServerCertificate": {
"reference": {
"keyVault": {
"id": "/subscriptions/[SUBS_ID]/resourceGroups/[KEY_VAULT_RG]/providers/Microsoft.KeyVault/vaults/[KV_NAME]"
},
"secretName": "kubernetes-api-crt"
}
},
"apiServerPrivateKey": {
"reference": {
"keyVault": {
"id": "/subscriptions/[SUBS_ID]/resourceGroups/[KEY_VAULT_RG]/providers/Microsoft.KeyVault/vaults/[KV_NAME]"
},
"secretName": "kubernetes-api-key"
}
},
"caCertificate": {
"reference": {
"keyVault": {
"id": "/subscriptions/[SUBS_ID]/resourceGroups/[KEY_VAULT_RG]/providers/Microsoft.KeyVault/vaults/[KV_NAME]"
},
"secretName": "ca-crt"
}
},
"caPrivateKey": {
"reference": {
"keyVault": {
"id": "/subscriptions/[SUBS_ID]/resourceGroups/[KEY_VAULT_RG]/providers/Microsoft.KeyVault/vaults/[KV_NAME]"
},
"secretName": "ca-key"
}
},
"clientCertificate": {
"reference": {
"keyVault": {
"id": "/subscriptions/[SUBS_ID]/resourceGroups/[KEY_VAULT_RG]/providers/Microsoft.KeyVault/vaults/[KV_NAME]"
},
"secretName": "kubernetes-client-crt"
}
},
"clientPrivateKey": {
"reference": {
"keyVault": {
"id": "/subscriptions/[SUBS_ID]/resourceGroups/[KEY_VAULT_RG]/providers/Microsoft.KeyVault/vaults/[KV_NAME]"
},
"secretName": "kubernetes-client-key"
}
},
"cloudProviderBackoff": {
"value": "false"
},
"cloudProviderBackoffDuration": {
"value": "0"
},
"cloudProviderBackoffExponent": {
"value": "0"
},
"cloudProviderBackoffJitter": {
"value": "0"
},
"cloudProviderBackoffRetries": {
"value": "0"
},
"cloudProviderRatelimit": {
"value": "false"
},
"cloudProviderRatelimitBucket": {
"value": "0"
},
"cloudProviderRatelimitQPS": {
"value": "0"
},
"cniPluginsURL": {
"value": "https://acs-mirror.azureedge.net/cni/cni-plugins-amd64-latest.tgz"
},
"dockerBridgeCidr": {
"value": "172.17.0.1/16"
},
"dockerEngineDownloadRepo": {
"value": "https://aptdocker.azureedge.net/repo"
},
"dockerEngineVersion": {
"value": "1.12.*"
},
"etcdDiskSizeGB": {
"value": "128"
},
"etcdDownloadURLBase": {
"value": "https://acs-mirror.azureedge.net/github-coreos"
},
"etcdVersion": {
"value": "2.3.8"
},
"firstConsecutiveStaticIP": {
"value": "10.255.255.5"
},
"fqdnEndpointSuffix": {
"value": "cloudapp.azure.com"
},
"gchighthreshold": {
"value": 85
},
"gclowthreshold": {
"value": 80
},
"generatorCode": {
"value": "acsengine"
},
"kubeClusterCidr": {
"value": "10.240.0.0/12"
},
"kubeConfigCertificate": {
"reference": {
"keyVault": {
"id": "/subscriptions/[SUBS_ID]/resourceGroups/[KEY_VAULT_RG]/providers/Microsoft.KeyVault/vaults/[KV_NAME]"
},
"secretName": "kubeconfig-crt"
}
},
"kubeConfigPrivateKey": {
"reference": {
"keyVault": {
"id": "/subscriptions/[SUBS_ID]/resourceGroups/[KEY_VAULT_RG]/providers/Microsoft.KeyVault/vaults/[KV_NAME]"
},
"secretName": "kubeconfig-key"
}
},
"kubeDNSServiceIP": {
"value": "10.0.0.10"
},
"kubeServiceCidr": {
"value": "10.0.0.0/16"
},
"kubernetesACIConnectorCPULimit": {
"value": "50m"
},
"kubernetesACIConnectorCPURequests": {
"value": "50m"
},
"kubernetesACIConnectorClientId": {
"value": ""
},
"kubernetesACIConnectorClientKey": {
"value": ""
},
"kubernetesACIConnectorMemoryLimit": {
"value": "150Mi"
},
"kubernetesACIConnectorMemoryRequests": {
"value": "150Mi"
},
"kubernetesACIConnectorNodeName": {
"value": "aci-connector"
},
"kubernetesACIConnectorOS": {
"value": "Linux"
},
"kubernetesACIConnectorRegion": {
"value": "westus"
},
"kubernetesACIConnectorResourceGroup": {
"value": ""
},
"kubernetesACIConnectorSpec": {
"value": "microsoft/virtual-kubelet:latest"
},
"kubernetesACIConnectorSubscriptionId": {
"value": ""
},
"kubernetesACIConnectorTaint": {
"value": "azure.com/aci"
},
"kubernetesACIConnectorTenantId": {
"value": ""
},
"kubernetesAddonManagerSpec": {
"value": "gcrio.azureedge.net/google_containers/kube-addon-manager-amd64:v6.4-beta.2"
},
"kubernetesAddonResizerSpec": {
"value": "gcrio.azureedge.net/google_containers/addon-resizer:1.7"
},
"kubernetesCtrlMgrNodeMonitorGracePeriod": {
"value": "40s"
},
"kubernetesCtrlMgrPodEvictionTimeout": {
"value": "5m0s"
},
"kubernetesCtrlMgrRouteReconciliationPeriod": {
"value": "10s"
},
"kubernetesDNSMasqSpec": {
"value": "gcrio.azureedge.net/google_containers/k8s-dns-dnsmasq-nanny-amd64:1.14.5"
},
"kubernetesDashboardCPULimit": {
"value": "300m"
},
"kubernetesDashboardCPURequests": {
"value": "300m"
},
"kubernetesDashboardMemoryLimit": {
"value": "150Mi"
},
"kubernetesDashboardMemoryRequests": {
"value": "150Mi"
},
"kubernetesDashboardSpec": {
"value": "gcrio.azureedge.net/google_containers/kubernetes-dashboard-amd64:v1.6.3"
},
"kubernetesExecHealthzSpec": {
"value": "gcrio.azureedge.net/google_containers/exechealthz-amd64:1.2"
},
"kubernetesHardEvictionThreshold": {
"value": "memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%"
},
"kubernetesHeapsterSpec": {
"value": "gcrio.azureedge.net/google_containers/heapster-amd64:v1.4.2"
},
"kubernetesHyperkubeSpec": {
"value": "gcrio.azureedge.net/google_containers/hyperkube-amd64:v1.7.9"
},
"kubernetesKubeDNSSpec": {
"value": "gcrio.azureedge.net/google_containers/k8s-dns-kube-dns-amd64:1.14.5"
},
"kubernetesNodeStatusUpdateFrequency": {
"value": "10s"
},
"kubernetesNonMasqueradeCidr": {
"value": "10.0.0.0/8"
},
"kubernetesPodInfraContainerSpec": {
"value": "gcrio.azureedge.net/google_containers/pause-amd64:3.0"
},
"kubernetesReschedulerCPULimit": {
"value": "10m"
},
"kubernetesReschedulerCPURequests": {
"value": "10m"
},
"kubernetesReschedulerMemoryLimit": {
"value": "100Mi"
},
"kubernetesReschedulerMemoryRequests": {
"value": "100Mi"
},
"kubernetesReschedulerSpec": {
"value": "gcrio.azureedge.net/google_containers/rescheduler:v0.3.1"
},
"kubernetesTillerCPULimit": {
"value": "50m"
},
"kubernetesTillerCPURequests": {
"value": "50m"
},
"kubernetesTillerMemoryLimit": {
"value": "150Mi"
},
"kubernetesTillerMemoryRequests": {
"value": "150Mi"
},
"kubernetesTillerSpec": {
"value": "gcrio.azureedge.net/kubernetes-helm/tiller:v2.6.2"
},
"linuxAdminUsername": {
"value": "azureuser"
},
"location": {
"value": "westeurope"
},
"masterEndpointDNSNamePrefix": {
"value": "kubcvkv"
},
"masterSubnet": {
"value": "10.240.0.0/12"
},
"masterVMSize": {
"value": "Standard_D2_v2"
},
"maxPods": {
"value": 30
},
"networkPolicy": {
"value": "azure"
},
"orchestratorName": {
"value": "k8s"
},
"osImageOffer": {
"value": "UbuntuServer"
},
"osImagePublisher": {
"value": "Canonical"
},
"osImageSKU": {
"value": "16.04-LTS"
},
"osImageVersion": {
"value": "16.04.201711211"
},
"servicePrincipalClientId": {
"value": "bc185868-ba6c-4e2c-a596-86bb48757f00"
},
"servicePrincipalClientSecret": {
"reference": {
"keyVault": {
"id": "/subscriptions/[SUBS_ID]/resourceGroups/[KEY_VAULT_RG]/providers/Microsoft.KeyVault/vaults/[KV_NAME]"
},
"secretName": "sppasswordsecret"
}
},
"sshRSAPublicKey": {
"value": "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAiRQv9YaLHnaWS/XowQDfZKt4WWo07Bfme1zg+LfMHHMYxVQih2xmDUVrfiNwkAKen4mHfKXVws6TTtTw47VDunQttM3g6Ywj1wxmH1eLpQrO6BPNjdXd2XJurdRdG/QlN6X6eZajJqgU/huXbqAaZg4F9/Q6gKn9TOkjUMtwTTmExdkT43IACQ+BvS4PNFx9pnDwBhKBSyMI1LHf53KJ2Bri49+onxlj0RO1yGUnm5fgtDiLD5oZcH8uXKdpjFwOJ79aofMD7Csef40NiJG7wMO+k2lUO58nCeIy4vugCklX6rx2Jp34E48Iexxd2kAsAcmndAvlmAi/zbpS+QCL4w== rsa-key-20180112"
},
"targetEnvironment": {
"value": "AzurePublicCloud"
},
"vnetCniLinuxPluginsURL": {
"value": "https://acs-mirror.azureedge.net/cni/azure-vnet-cni-linux-amd64-v0.91.tgz"
},
"vnetCniWindowsPluginsURL": {
"value": "https://acs-mirror.azureedge.net/cni/azure-vnet-cni-windows-amd64-v0.91.zip"
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment