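# Source: github.com/openshift/installer@v1.4.17/upi/aws/cloudformation/05_cluster_master_nodes.yaml
#
# Launches the three control-plane (master) EC2 instances for a
# user-provisioned OpenShift cluster and, optionally, registers their private
# IPs with the API/service NLB target groups through a custom resource.
#
# Each instance boots from a small Ignition stub in UserData that holds only a
# pointer to the full config (IgnitionLocation) and the CA used to verify that
# endpoint over TLS (CertificateAuthorities).
AWSTemplateFormatVersion: 2010-09-09
Description: Template for OpenShift Cluster Node Launch (EC2 master instances)

Parameters:
  InfrastructureName:
    AllowedPattern: ^([a-zA-Z][a-zA-Z0-9\-]{0,26})$
    MaxLength: 27
    MinLength: 1
    ConstraintDescription: Infrastructure name must be alphanumeric, start with a letter, and have a maximum of 27 characters.
    Description: A short, unique cluster ID used to tag nodes for the kubelet cloud provider.
    Type: String
  RhcosAmi:
    # The original description said "for bootstrap", carried over from the
    # bootstrap template; this AMI is the ImageId of Master0-2 below.
    Description: Current Red Hat Enterprise Linux CoreOS AMI to use for the master nodes.
    Type: AWS::EC2::Image::Id
  # The next three parameters are declared but not referenced anywhere in this
  # template; they are kept so existing parameter files still validate.
  AutoRegisterDNS:
    Default: ""
    Description: unused
    Type: String
  PrivateHostedZoneId:
    Default: ""
    Description: unused
    Type: String
  PrivateHostedZoneName:
    Default: ""
    Description: unused
    Type: String
  Master0Subnet:
    Description: The subnets, recommend private, to launch the master nodes into.
    Type: AWS::EC2::Subnet::Id
  Master1Subnet:
    Description: The subnets, recommend private, to launch the master nodes into.
    Type: AWS::EC2::Subnet::Id
  Master2Subnet:
    Description: The subnets, recommend private, to launch the master nodes into.
    Type: AWS::EC2::Subnet::Id
  MasterSecurityGroupId:
    Description: The master security group ID to associate with master nodes.
    Type: AWS::EC2::SecurityGroup::Id
  IgnitionLocation:
    # The default is a placeholder: CloudFormation does not expand
    # $CLUSTER_NAME or $DOMAIN, so this value must be overridden with the real
    # internal API hostname. Keep the scheme https so the fetch is verified
    # against CertificateAuthorities.
    Default: https://api-int.$CLUSTER_NAME.$DOMAIN:22623/config/master
    Description: Ignition config file location.
    Type: String
  CertificateAuthorities:
    # The default is a truncated placeholder, not a usable certificate. This
    # data URL becomes the TLS trust anchor Ignition uses when it fetches
    # IgnitionLocation, so it must be the CA that signed that endpoint's
    # certificate.
    Default: data:text/plain;charset=utf-8;base64,ABC...xYz==
    Description: Base64 encoded certificate authority string to use.
    Type: String
  MasterInstanceProfileName:
    # All AWS API permissions the masters hold come from the role behind this
    # profile; it is defined outside this template and worth reviewing for
    # least privilege.
    Description: IAM profile to associate with master nodes.
    Type: String
  MasterInstanceType:
    Default: m5.xlarge
    Type: String

  AutoRegisterELB:
    Default: "yes"
    AllowedValues:
      - "yes"
      - "no"
    Description: Do you want to invoke NLB registration, which requires a Lambda ARN parameter?
    Type: String
  RegisterNlbIpTargetsLambdaArn:
    # Used as the ServiceToken of the Custom::NLBRegister resources:
    # CloudFormation invokes this function with the target group ARN and
    # instance IP. Pass only the ARN produced by the cluster infrastructure
    # stack.
    Description: ARN for NLB IP target registration lambda. Supply the value from the cluster infrastructure or select "no" for AutoRegisterELB.
    Type: String
  ExternalApiTargetGroupArn:
    Description: ARN for external API load balancer target group. Supply the value from the cluster infrastructure or select "no" for AutoRegisterELB.
    Type: String
  InternalApiTargetGroupArn:
    Description: ARN for internal API load balancer target group. Supply the value from the cluster infrastructure or select "no" for AutoRegisterELB.
    Type: String
  InternalServiceTargetGroupArn:
    Description: ARN for internal service load balancer target group. Supply the value from the cluster infrastructure or select "no" for AutoRegisterELB.
    Type: String

Metadata:
  # Console presentation only. Every name listed here matches a parameter
  # declared above: the original also listed VpcId and AllowedBootstrapSshCidr
  # and labelled BootstrapIgnitionLocation, none of which this template
  # declares, so those entries were dropped or renamed to IgnitionLocation.
  AWS::CloudFormation::Interface:
    ParameterGroups:
      - Label:
          default: "Cluster Information"
        Parameters:
          - InfrastructureName
      - Label:
          default: "Host Information"
        Parameters:
          - MasterInstanceType
          - RhcosAmi
          - IgnitionLocation
          - CertificateAuthorities
          - MasterSecurityGroupId
          - MasterInstanceProfileName
      - Label:
          default: "Network Configuration"
        Parameters:
          - Master0Subnet
          - Master1Subnet
          - Master2Subnet
      - Label:
          default: "Load Balancer Automation"
        Parameters:
          - AutoRegisterELB
          - RegisterNlbIpTargetsLambdaArn
          - ExternalApiTargetGroupArn
          - InternalApiTargetGroupArn
          - InternalServiceTargetGroupArn
    ParameterLabels:
      InfrastructureName:
        default: "Infrastructure Name"
      Master0Subnet:
        default: "Master-0 Subnet"
      Master1Subnet:
        default: "Master-1 Subnet"
      Master2Subnet:
        default: "Master-2 Subnet"
      MasterInstanceType:
        default: "Master Instance Type"
      MasterInstanceProfileName:
        default: "Master Instance Profile Name"
      RhcosAmi:
        default: "Red Hat Enterprise Linux CoreOS AMI ID"
      IgnitionLocation:
        default: "Master Ignition Source"
      CertificateAuthorities:
        default: "Ignition CA String"
      MasterSecurityGroupId:
        default: "Master Security Group ID"
      AutoRegisterELB:
        default: "Use Provided ELB Automation"

Conditions:
  # True only when AutoRegisterELB is "yes"; gates every Custom::NLBRegister
  # resource below.
  DoRegistration: !Equals ["yes", !Ref AutoRegisterELB]

Resources:
  Master0:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: !Ref RhcosAmi
      BlockDeviceMappings:
        - DeviceName: /dev/xvda
          Ebs:
            # NOTE(review): no Encrypted or KmsKeyId is set, so at-rest
            # encryption of this root volume depends on the AMI snapshot and
            # on the account's EBS encryption-by-default setting. Confirm
            # that setting is enabled for the target region.
            VolumeSize: "120"
            VolumeType: "gp2"
      IamInstanceProfile: !Ref MasterInstanceProfileName
      InstanceType: !Ref MasterInstanceType
      NetworkInterfaces:
        # No public IP is assigned; inbound access is governed by
        # MasterSecurityGroupId.
        - AssociatePublicIpAddress: "false"
          DeviceIndex: "0"
          GroupSet:
            - !Ref "MasterSecurityGroupId"
          SubnetId: !Ref "Master0Subnet"
      UserData:
        # Ignition 3.1.0 stub. User data is readable from inside the instance
        # and through the EC2 API, so it carries only the config URL and the
        # CA bundle; the full config is merged in from ${SOURCE} at first
        # boot and verified against ${CA_BUNDLE}.
        Fn::Base64: !Sub
          - '{"ignition":{"config":{"merge":[{"source":"${SOURCE}"}]},"security":{"tls":{"certificateAuthorities":[{"source":"${CA_BUNDLE}"}]}},"version":"3.1.0"}}'
          - SOURCE: !Ref IgnitionLocation
            CA_BUNDLE: !Ref CertificateAuthorities
      Tags:
        # Tag key is "kubernetes.io/cluster/<InfrastructureName>".
        - Key: !Join ["", ["kubernetes.io/cluster/", !Ref InfrastructureName]]
          Value: "shared"

  # The three registrations below add Master0's private IP to the external
  # API, internal API and internal service target groups respectively.
  RegisterMaster0:
    Condition: DoRegistration
    Type: Custom::NLBRegister
    Properties:
      ServiceToken: !Ref RegisterNlbIpTargetsLambdaArn
      TargetArn: !Ref ExternalApiTargetGroupArn
      TargetIp: !GetAtt Master0.PrivateIp

  RegisterMaster0InternalApiTarget:
    Condition: DoRegistration
    Type: Custom::NLBRegister
    Properties:
      ServiceToken: !Ref RegisterNlbIpTargetsLambdaArn
      TargetArn: !Ref InternalApiTargetGroupArn
      TargetIp: !GetAtt Master0.PrivateIp

  RegisterMaster0InternalServiceTarget:
    Condition: DoRegistration
    Type: Custom::NLBRegister
    Properties:
      ServiceToken: !Ref RegisterNlbIpTargetsLambdaArn
      TargetArn: !Ref InternalServiceTargetGroupArn
      TargetIp: !GetAtt Master0.PrivateIp

  # Same configuration as Master0, placed in Master1Subnet. The root-volume
  # encryption and user-data notes on Master0 apply here as well.
  Master1:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: !Ref RhcosAmi
      BlockDeviceMappings:
        - DeviceName: /dev/xvda
          Ebs:
            VolumeSize: "120"
            VolumeType: "gp2"
      IamInstanceProfile: !Ref MasterInstanceProfileName
      InstanceType: !Ref MasterInstanceType
      NetworkInterfaces:
        - AssociatePublicIpAddress: "false"
          DeviceIndex: "0"
          GroupSet:
            - !Ref "MasterSecurityGroupId"
          SubnetId: !Ref "Master1Subnet"
      UserData:
        Fn::Base64: !Sub
          - '{"ignition":{"config":{"merge":[{"source":"${SOURCE}"}]},"security":{"tls":{"certificateAuthorities":[{"source":"${CA_BUNDLE}"}]}},"version":"3.1.0"}}'
          - SOURCE: !Ref IgnitionLocation
            CA_BUNDLE: !Ref CertificateAuthorities
      Tags:
        - Key: !Join ["", ["kubernetes.io/cluster/", !Ref InfrastructureName]]
          Value: "shared"

  RegisterMaster1:
    Condition: DoRegistration
    Type: Custom::NLBRegister
    Properties:
      ServiceToken: !Ref RegisterNlbIpTargetsLambdaArn
      TargetArn: !Ref ExternalApiTargetGroupArn
      TargetIp: !GetAtt Master1.PrivateIp

  RegisterMaster1InternalApiTarget:
    Condition: DoRegistration
    Type: Custom::NLBRegister
    Properties:
      ServiceToken: !Ref RegisterNlbIpTargetsLambdaArn
      TargetArn: !Ref InternalApiTargetGroupArn
      TargetIp: !GetAtt Master1.PrivateIp

  RegisterMaster1InternalServiceTarget:
    Condition: DoRegistration
    Type: Custom::NLBRegister
    Properties:
      ServiceToken: !Ref RegisterNlbIpTargetsLambdaArn
      TargetArn: !Ref InternalServiceTargetGroupArn
      TargetIp: !GetAtt Master1.PrivateIp

  # Same configuration as Master0, placed in Master2Subnet. The root-volume
  # encryption and user-data notes on Master0 apply here as well.
  Master2:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: !Ref RhcosAmi
      BlockDeviceMappings:
        - DeviceName: /dev/xvda
          Ebs:
            VolumeSize: "120"
            VolumeType: "gp2"
      IamInstanceProfile: !Ref MasterInstanceProfileName
      InstanceType: !Ref MasterInstanceType
      NetworkInterfaces:
        - AssociatePublicIpAddress: "false"
          DeviceIndex: "0"
          GroupSet:
            - !Ref "MasterSecurityGroupId"
          SubnetId: !Ref "Master2Subnet"
      UserData:
        Fn::Base64: !Sub
          - '{"ignition":{"config":{"merge":[{"source":"${SOURCE}"}]},"security":{"tls":{"certificateAuthorities":[{"source":"${CA_BUNDLE}"}]}},"version":"3.1.0"}}'
          - SOURCE: !Ref IgnitionLocation
            CA_BUNDLE: !Ref CertificateAuthorities
      Tags:
        - Key: !Join ["", ["kubernetes.io/cluster/", !Ref InfrastructureName]]
          Value: "shared"

  RegisterMaster2:
    Condition: DoRegistration
    Type: Custom::NLBRegister
    Properties:
      ServiceToken: !Ref RegisterNlbIpTargetsLambdaArn
      TargetArn: !Ref ExternalApiTargetGroupArn
      TargetIp: !GetAtt Master2.PrivateIp

  RegisterMaster2InternalApiTarget:
    Condition: DoRegistration
    Type: Custom::NLBRegister
    Properties:
      ServiceToken: !Ref RegisterNlbIpTargetsLambdaArn
      TargetArn: !Ref InternalApiTargetGroupArn
      TargetIp: !GetAtt Master2.PrivateIp

  RegisterMaster2InternalServiceTarget:
    Condition: DoRegistration
    Type: Custom::NLBRegister
    Properties:
      ServiceToken: !Ref RegisterNlbIpTargetsLambdaArn
      TargetArn: !Ref InternalServiceTargetGroupArn
      TargetIp: !GetAtt Master2.PrivateIp

Outputs:
  PrivateIPs:
    # Comma-separated private IPs of Master0, Master1 and Master2, in order.
    Description: The control-plane node private IP addresses.
    Value:
      !Join [
        ",",
        [!GetAtt Master0.PrivateIp, !GetAtt Master1.PrivateIp, !GetAtt Master2.PrivateIp]
      ]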