-
Notifications
You must be signed in to change notification settings - Fork 18
/
pnda_env_example.yaml
153 lines (118 loc) · 5.32 KB
/
pnda_env_example.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
ec2_access:
# API key for full API access for use creating PNDA
# These keys are only ever stored on the client
AWS_ACCESS_KEY_ID: xxxx
AWS_SECRET_ACCESS_KEY: xxxx
# AWS region to create PNDA ec2 instances in
AWS_REGION: eu-west-1
AWS_AVAILABILITY_ZONE: eu-west-1a
# The user name to use when logging into the AWS ec2 instances
# Ubuntu: ubuntu
# Redhat: ec2-user
# CentOS: centos
OS_USER: ubuntu
cloud_formation_parameters:
# Settings in this section are passed through as parameters when
# creating the cloud formation template. The cloud formation template must
# define a matching input parameter for each value listed here.
# Base image to use, use the default AWS Ubuntu/Redhat image for the AWS region
# Ubuntu: 64-bit Ubuntu 14.04
# Redhat: Red Hat Enterprise Linux 7
imageId: ami-f95ef58a
# CIDR specifying the address range that may access the created PNDA instances
whitelistSshAccess: 0.0.0.0/0
# CIDR specifying the address range for the VPC
vpcCidr: 10.0.0.0/16
# CIDR specifying the address range for the public subnet (bastion access)
publicSubnetCidr: 10.0.0.0/24
# CIDR specifying the address range for the private subnet (PNDA)
privateSubnetCidr: 10.0.1.0/24
# CIDR specifying the address range for the public producer subnet (Kafka ingress)
publicProducerSubnetCidr: 10.0.2.0/24
# Address of gateway for Kakfa interface on private subnet
privateSubnetGateway: 10.0.1.1
# Address of gateway for Kakfa interface on public producer subnet
publicProducerSubnetGateway: 10.0.2.1
platform_salt:
# Use either PLATFORM_GIT_REPO_URI + PLATFORM_GIT_BRANCH or PLATFORM_SALT_LOCAL
# URI of platform salt git repository
PLATFORM_GIT_REPO_URI: https://github.com/pndaproject/platform-salt.git
# Host name of server for platform salt git repository. Make sure to set this if
# authenticated ssh access (using git.pem) to the git repo is desired.
PLATFORM_GIT_REPO_HOST: github.com
# The branch to select from PLATFORM_GIT_REPO_URI
PLATFORM_GIT_BRANCH: master
# Local path to folder containing a clone of the platform salt repository
# PLATFORM_SALT_LOCAL: /path/to/platform-salt
# Beacon timeout to check system reboot
PLATFORM_SALT_BEACON_TIMEOUT: 30
pnda_application_repo:
# Type of storage to use for PNDA application packages
# s3 - AWS S3. Also set PNDA_APPS_CONTAINER, PNDA_APPS_FOLDER, PNDA_APPS_REGION, PNDA_APPS_ACCESS_KEY_ID, PNDA_APPS_SECRET_ACCESS_KEY
# sshfs - standard file system. Also set PR_FS_LOCATION_PATH, PR_SSHFS_USER, PR_SSHFS_HOST, PR_SSHFS_PATH and PR_SSHFS_KEY
# local - local filesystem on the package repository service server. Also set PR_FS_LOCATION_PATH.
PR_FS_TYPE: s3
# S3 container to use for PNDA application packages
PNDA_APPS_CONTAINER: pnda-apps
# Name of folder within PNDA_APPS_CONTAINER that contains the PNDA application packages
PNDA_APPS_FOLDER: releases
# AWS region that contains the PNDA_APPS_CONTAINER bucket
PNDA_APPS_REGION: eu-west-1
# API key for s3 access to PNDA_APPS_CONTAINER. These keys are stored on the cloud instances so should be restricted
# only allow access to the PNDA_APPS_CONTAINER bucket
PNDA_APPS_ACCESS_KEY_ID: xxxx
PNDA_APPS_SECRET_ACCESS_KEY: xxxx
# Path on file system if PR_FS_TYPE is 'local' or 'sshfs'
PR_FS_LOCATION_PATH: /opt/pnda/packages
# SSH accessed file system to use for PNDA application packages
PR_SSHFS_USER: ubuntu
PR_SSHFS_HOST: 127.0.0.1
PR_SSHFS_PATH: /mnt/packages
PR_SSHFS_KEY: key.pem
pnda_data_archive:
# S3 container to use for archiving PNDA datasets
PNDA_ARCHIVE_CONTAINER: pnda-archive
# AWS region that contains the PNDA_ARCHIVE_CONTAINER bucket
PNDA_ARCHIVE_REGION: eu-west-1
# API key for s3 access to PNDA_ARCHIVE_CONTAINER. These keys are stored on the cloud instances so should be restricted
# only allow access to the PNDA_ARCHIVE_CONTAINER bucket
PNDA_ARCHIVE_ACCESS_KEY_ID: xxxx
PNDA_ARCHIVE_SECRET_ACCESS_KEY: xxxx
mirrors:
# Mirror of resources required for provisioning PNDA, see PNDA guide for instructions on how to set this up
PNDA_MIRROR: http://x.x.x.x
ntp:
# Optional ntp servers. Use this if the standard Ubuntu NTP servers on the Internet cannot be reached
# and a local NTP server has been configured. PNDA will not work without NTP.
NTP_SERVERS: ''
hadoop:
# Hadoop distribution to install
# Valid values are:
# - HDP
# - CDH
HADOOP_DISTRO: CDH
elk-cluster:
# number of master nodes
MASTER_NODES: 0
# number of data nodes
DATA_NODES: 0
# number of ingest nodes
INGEST_NODES: 0
# number of coordinating nodes
COORDINATING_NODES: 0
# How many nodes that do all roles (simple setup). Please use eithar this simple setup or the above advanced setup. DON'T USE BOTH
MULTI_ROLE_NODES: 0
# number of logstash nodes
LOGSTASH_NODES: 0
connectivity:
# Deploy an iptables ruleset to every node preventing outbound access to all hosts except the PNDA_MIRROR, NTP_SERVER and specified CLIENT_IP. Specify YES to enable.
REJECT_OUTBOUND: YES
# If using REJECT_OUTBOUND, the IP address of the client that created PNDA
CLIENT_IP: 1.1.1.1
# Add online repositories for yum, apt-get, pip, etc alongside PNDA mirror
ADD_ONLINE_REPOS: NO
mine_functions:
MINE_FUNCTIONS_NETWORK_IP_ADDRS_NIC: eth0
network_interfaces:
PNDA_INTERNAL_NETWORK: eth0
PNDA_INGEST_NETWORK: eth1