5bfdc700b2
- Refactored "default" value from multiline format to single string format to fix the issue with the values not being populated in the template if someone simply selects the catalog item, then clicks submit without making any adjustments.
119 lines
3.7 KiB
YAML
Executable File
119 lines
3.7 KiB
YAML
Executable File
version: '2'
|
|
catalog:
|
|
name: Vault
|
|
version: 1.0-rancher1
|
|
description: |
|
|
Installs a Vault container, internal (Rancher) load-balancer, and allows connection to a Consul cluster
|
|
uuid: vault-rac-0
|
|
questions:
|
|
- variable: VAULT_CLUSTER_NAME
|
|
label: Vault Cluster Name
|
|
description: |
|
|
Provide a name for this Vault cluster
|
|
type: string
|
|
default: myCluster
|
|
required: true
|
|
- variable: VAULT_LISTEN_PORT
|
|
label: Vault Listen Port
|
|
description: |
|
|
This is the port number you want Vault to listen on. Actually, Vault ALWAYS listens on port 8200, but it isn't exposed, so you can set the port you want the LoadBalancer to listen on.
|
|
default: 8200
|
|
type: int
|
|
required: true
|
|
- variable: VAULT_CLUSTER_PORT
|
|
label: Vault Cluster Port
|
|
description: |
|
|
Similar to the Vault Listen Port, this is the VAULT CLUSTER listen port to use.
|
|
default: 8201
|
|
type: int
|
|
required: true
|
|
- variable: VAULT_BACKEND
|
|
label: Select a backend for Vault
|
|
description: |
|
|
Vault supports several different backend storage engines. Please select the one you are interested in using. (NOTE: Must be pre-installed or added to a different stack)
|
|
default: file
|
|
type: enum
|
|
required: true
|
|
options:
|
|
- azure
|
|
- cockroachdb
|
|
- consul
|
|
- couchdb
|
|
- dynamodb
|
|
- etcd
|
|
- file
|
|
- gcs
|
|
- inmem
|
|
- manta
|
|
- mysql
|
|
- postgresql
|
|
- spanner
|
|
- cassandra
|
|
- s3
|
|
- swift
|
|
- zookeeper
|
|
- variable: BACKEND_SERVICE
|
|
label: Specify the Backend service to connect to
|
|
description: |
|
|
The pre-installed Backend server to back to. To reference, you can use the memory variable "SERVICE" in your URLs. For example: "consul://SERVICE:8500"
|
|
type: service
|
|
- variable: BACKEND_CONFIGURATION
|
|
label: Specify the backend configuration in valid JSON format
|
|
default: '"path":"/vault/file"'
|
|
required: true
|
|
description: |
|
|
Enter the configuration block for the backend (Refer to Vault documentation for valid backend configuration elements) in JSON format
|
|
type: string
|
|
- variable: HOST_LABEL
|
|
label: Optional Host label to bind LoadBalancer to
|
|
description: |
|
|
If you wish to bind your LoadBalancer to a specific host node, you can specify the label and value here in name=value pair format
|
|
default: "lbhost=true"
|
|
type: string
|
|
- variable: CLUSTER_SCALE
|
|
label: How many Vault servers do you want in your cluster?
|
|
description: |
|
|
Select the number of VAULT servers you want to set up in your cluster
|
|
default: 1
|
|
type: int
|
|
required: true
|
|
- variable: VOLUME_DRIVER
|
|
label: Driver for volumes
|
|
description: |
|
|
How/Where to store your vault config and logs
|
|
default: local
|
|
type: enum
|
|
options:
|
|
- local
|
|
- rancher-nfs
|
|
- rancher-efs
|
|
- rancher-ebs
|
|
services:
|
|
vault-lb:
|
|
scale: 1
|
|
start_on_create: true
|
|
lb_config:
|
|
certs: []
|
|
port_rules:
|
|
- priority: 1
|
|
protocol: tcp
|
|
service: vault
|
|
source_port: ${VAULT_LISTEN_PORT}
|
|
target_port: 8200
|
|
- priority: 2
|
|
protocol: tcp
|
|
service: vault
|
|
source_port: ${VAULT_CLUSTER_PORT}
|
|
target_port: 8201
|
|
health_check:
|
|
response_timeout: 2000
|
|
healthy_threshold: 2
|
|
port: 42
|
|
unhealthy_threshold: 3
|
|
initializing_timeout: 60000
|
|
interval: 2000
|
|
reinitializing_timeout: 60000
|
|
vault:
|
|
scale: ${CLUSTER_SCALE}
|
|
start_on_create: true
|