Merge pull request #26 from sassoftware/staging

1.1.0  - July 22, 2022

docs/CONFIG-VARS.md

@@ -81,8 +81,7 @@ cluster_domain         | Cluster domain suffix for DNS | string | | |
 
 | Name | Description | Type | Default | Notes |
 | :--- | :--- | :--- | :--- | :--- |
-kube_vip_version   | kube-vip version | string | "0.4.4" | |
-kube_vip_interface | kube-vip interface | string | | |
+kube_vip_version   | kube-vip version | string | "0.4.4" | The minimal supported version is 0.4.4 |
 kube_vip_ip        | kube-vip IP address | string | | |
 kube_vip_dns       | kube-vip DNS | string | | |
 kube_vip_range     | kube-vip IP address range | string | | |
@@ -255,9 +254,17 @@ nfs_ip        = ""    # Assigned values for static IP addresses
 | server_ip | Static IP address for PostgreSQL server | string | | This is a required field |
 | server_version | PostgreSQL version | number | 12 | |
 | server_ssl | Enable/disable SSL | string | "off" | |
+| server_ssl_cert_file | Path to the PostgreSQL SSL certificate file | string | "" | If `server_ssl` is on and this variable is not defined, the System default SSL cert will be used |
+| server_ssl_key_file | Path to the PostgreSQL SSL key file | string | "" | If `server_ssl` is on and this variable is not defined, the System default SSL key will be used |
 | administrator_login | Admin user | string | "postgres" | |
 | administrator_password | Admin password | string | "my$up3rS3cretPassw0rd" | |
 
+**NOTES**:
+
+1. If you set `server_ssl` to on, and you do not define either `server_ssl_cert_file` or `server_ssl_cert_file` the system's default SSL certificate and key will be used instead. By default, on Ubuntu systems we create a copy of those files and name them `ssl-cert-sas-${PG_HOST}.pem` and `ssl-cert-sas-${PG_HOST}.key`
+    * The Ansible tasks will take care of copying the certificate and key from the Postgres VM into your local workspace directory
+2. If you are planning on using the [viya4-deployment repository](https://github.com/sassoftware/viya4-deployment) to perform a Viya deployment where you have [full-stack TLS](https://github.com/sassoftware/viya4-deployment/blob/main/docs/CONFIG-VARS.md#tls), ensure in the viya4-deployment ansible-vars.yaml the `V4_CFG_TLS_TRUSTED_CA_CERTS` variable points to a directory that contains the `server_ssl_cert_file`.
+
 Sample:
 
 ```bash

docs/REQUIREMENTS.md

@@ -148,7 +148,6 @@ cluster_domain         = "sample.domain.foo.com"         # Cluster domain suffix
 
 # Kubernetes - Cluster Virtual IP Address and Cloud Provider
 kube_vip_version   = "0.4.4"
-kube_vip_interface = "ens160"
 kube_vip_ip        = "10.18.0.175"
 kube_vip_dns       = "vm-dev-oss-vip.sample.domain.foo.com"
 kube_vip_range     = "10.18.0.100-10.18.0.125"
@@ -181,7 +180,7 @@ node_pools = {
     count       = 3
     cpus        = 2
     memory      = 4096
-    disk        = 100
+    os_disk     = 100
     node_taints = []
     node_labels = {}
   },
@@ -192,7 +191,7 @@ node_pools = {
     count       = 1
     cpus        = 8
     memory      = 16384
-    disk        = 100
+    os_disk     = 100
     node_taints = []
     node_labels = {
       "kubernetes.azure.com/mode" = "system" # REQUIRED LABEL - DO NOT REMOVE
@@ -202,7 +201,11 @@ node_pools = {
     count       = 3
     cpus        = 16
     memory      = 131072
-    disk        = 350
+    os_disk     = 350
+    misc_disks  = [
+      150,
+      150,
+    ]
     node_taints = ["workload.sas.com/class=cas:NoSchedule"]
     node_labels = {
       "workload.sas.com/class" = "cas"
@@ -212,7 +215,7 @@ node_pools = {
     count       = 1
     cpus        = 16
     memory      = 131072
-    disk        = 100
+    os_disk     = 100
     node_taints = ["workload.sas.com/class=compute:NoSchedule"]
     node_labels = {
       "workload.sas.com/class"        = "compute"
@@ -223,7 +226,10 @@ node_pools = {
     count       = 1
     cpus        = 8
     memory      = 32768
-    disk        = 100
+    os_disk     = 100
+    misc_disks  = [
+      150,
+    ]
     node_taints = ["workload.sas.com/class=stateful:NoSchedule"]
     node_labels = {
       "workload.sas.com/class" = "stateful"
@@ -233,7 +239,10 @@ node_pools = {
     count       = 2
     cpus        = 8
     memory      = 32768
-    disk        = 100
+    os_disk     = 100
+    misc_disks  = [
+      150,
+    ]
     node_taints = ["workload.sas.com/class=stateless:NoSchedule"]
     node_labels = {
       "workload.sas.com/class" = "stateless"
@@ -494,7 +503,7 @@ INGRESS_NGINX_CONFIG:
   controller:
     service:
       externalTrafficPolicy: Cluster
-      # loadBalancerIP: # Optional : Assigns a static IP to the SAS Viya ingress controller
+      # loadBalancerIP: <your static ip> # Assigns a specific IP for your loadBalancer
       loadBalancerSourceRanges: [] # Not supported on open source kubernetes
       annotations:
 

examples/vsphere/sample-terraform.tfvars → examples/vsphere/sample-terraform-dhcp.tfvars

@@ -1,9 +1,9 @@
 # General items
 ansible_user     = ""
 ansible_password = ""
-prefix           = "viya4-k8s" # Infra prefix
-gateway          = ""          # Gateway for servers
-netmask          = ""          # Needed for any network outside the 10.12.0 location
+prefix           = "v4-k8s-dhcp" # Infra prefix
+gateway          = ""            # Gateway for servers
+netmask          = ""            # Needed for any network outside the 10.12.0 location
 
 # vSphere
 vsphere_server        = "" # Name of the vSphere server
@@ -28,7 +28,6 @@ cluster_domain         = ""             # Cluster domain suffix for DNS
 
 # Kubernetes - Cluster VIP and Cloud Provider
 kube_vip_version   = "0.4.4"
-kube_vip_interface = ""
 kube_vip_ip        = ""
 kube_vip_dns       = ""
 kube_vip_range     = ""
@@ -56,7 +55,7 @@ node_pools = {
     count       = 3
     cpus        = 2
     memory      = 4096
-    disk        = 100
+    os_disk     = 100
     node_taints = []
     node_labels = {}
   },
@@ -66,17 +65,21 @@ node_pools = {
     count       = 1
     cpus        = 8
     memory      = 16384
-    disk        = 100
+    os_disk     = 100
     node_taints = []
     node_labels = {
       "kubernetes.azure.com/mode" = "system" # REQUIRED LABEL - DO NOT REMOVE
     }
   },
   cas = {
-    count       = 3
-    cpus        = 16
-    memory      = 131072
-    disk        = 350
+    count   = 3
+    cpus    = 16
+    memory  = 131072
+    os_disk = 350
+    misc_disks = [
+      150,
+      150,
+    ]
     node_taints = ["workload.sas.com/class=cas:NoSchedule"]
     node_labels = {
       "workload.sas.com/class" = "cas"
@@ -86,28 +89,34 @@ node_pools = {
     count       = 1
     cpus        = 16
     memory      = 131072
-    disk        = 100
+    os_disk     = 100
     node_taints = ["workload.sas.com/class=compute:NoSchedule"]
     node_labels = {
       "workload.sas.com/class"        = "compute"
       "launcher.sas.com/prepullImage" = "sas-programming-environment"
     }
   },
   stateful = {
-    count       = 1
-    cpus        = 8
-    memory      = 32768
-    disk        = 100
+    count   = 1
+    cpus    = 8
+    memory  = 32768
+    os_disk = 100
+    misc_disks = [
+      150,
+    ]
     node_taints = ["workload.sas.com/class=stateful:NoSchedule"]
     node_labels = {
       "workload.sas.com/class" = "stateful"
     }
   },
   stateless = {
-    count       = 2
-    cpus        = 8
-    memory      = 32768
-    disk        = 100
+    count   = 2
+    cpus    = 8
+    memory  = 32768
+    os_disk = 100
+    misc_disks = [
+      150,
+    ]
     node_taints = ["workload.sas.com/class=stateless:NoSchedule"]
     node_labels = {
       "workload.sas.com/class" = "stateless"

examples/vsphere/sample-terraform-minimal.tfvars

@@ -1,9 +1,9 @@
 # General items
 ansible_user     = ""
 ansible_password = ""
-prefix           = "viya4-k8s" # Infra prefix
-gateway          = ""          # Gateway for servers
-netmask          = ""          # Needed for any network outside the 10.12.0 location
+prefix           = "v4-k8s-min" # Infra prefix
+gateway          = ""           # Gateway for servers
+netmask          = ""           # Needed for any network outside the 10.12.0 location
 
 # vSphere
 vsphere_server        = "" # Name of the vSphere server
@@ -28,7 +28,6 @@ cluster_domain         = ""             # Cluster domain suffix for DNS
 
 # Kubernetes - Cluster VIP and Cloud Provider
 kube_vip_version   = "0.4.4"
-kube_vip_interface = ""
 kube_vip_ip        = ""
 kube_vip_dns       = ""
 kube_vip_range     = ""
@@ -57,7 +56,7 @@ node_pools = {
     count       = 1
     cpus        = 2
     memory      = 4096
-    disk        = 100
+    os_disk     = 100
     node_taints = []
     node_labels = {}
   },
@@ -67,27 +66,34 @@ node_pools = {
     count       = 1
     cpus        = 8
     memory      = 16384
-    disk        = 100
+    os_disk     = 100
     node_taints = []
     node_labels = {
       "kubernetes.azure.com/mode" = "system" # REQUIRED LABEL - DO NOT REMOVE
     }
   },
   cas = {
-    count       = 3
-    cpus        = 8
-    memory      = 16384
-    disk        = 100
+    count   = 3
+    cpus    = 8
+    memory  = 16384
+    os_disk = 100
+    misc_disks = [
+      150,
+      150,
+    ]
     node_taints = ["workload.sas.com/class=cas:NoSchedule"]
     node_labels = {
       "workload.sas.com/class" = "cas"
     }
   },
   generic = {
-    count       = 5
-    cpus        = 24 # 16
-    memory      = 131072
-    disk        = 350 # 250
+    count   = 5
+    cpus    = 24
+    memory  = 131072
+    os_disk = 350
+    misc_disks = [
+      150,
+    ]
     node_taints = []
     node_labels = {
       "workload.sas.com/class"        = "compute"