REDACTED-params.yaml

iaas: aws # aws or vsphere
vmware-id: dpfeffer
environment-name: tkg-aws-e2-lab # used for aws ssh key name
subdomain: tkg-aws-e2-lab.winterfell.live
lets-encrypt-acme-email: dpfeffer@vmware.com
dns:
  provider: aws-route53
tmc:
  cluster-group: se-dpfeffer-dev # scripts will create this cluster group if it doesn't already exist
  data-protection-backup-location-name: REDACTED # used by TMC data protection, fill in the name of a TMC data protection credential
acme-fitness:
  tmc-workspace: dpfeffer-acme-fitness-dev
  fqdn: acme-fitness.highgarden.tkg-aws-e2-lab.winterfell.live
aws:
  region: us-east-2
  access-key-id: REDACTED
  secret-access-key: REDACTED
  hosted-zone-id: Z00636703RP40GVIAWHLA # clear this value out to start, and script will generate a new zone for you
  control-plane-machine-type: c5.xlarge # eg. c5.xlarge or m4.xlarge
  node-machine-type: c5.xlarge # eg. c5.xlarge or m4.xlarge
azure:
  environment: "AzurePublicCloud" # NOTE: Always "AzurePublicCloud"
  location: # eg. canadacentral.  az account list-locations -o table
  control-plane-machine-type: # eg. Standard_D2s_v3
  node-machine-type: # eg. Standard_D2s_v3
  app-name: # set an app name or one will be set by the azure object script
vsphere:
  server: vcenter7.hyrulelab.com
  username: administrator@vsphere.local
  password: "REDACTED_VALUE_KEEP_DOUBLE_QUOTES"
  insecure: true
  datastore: datastore2
  template-folder: /Datacenter/vm/tkg
  datacenter: /Datacenter
  network: TKG-VLAN14-PG
  tls-thumbprint: F4:31:AC:BA:98:19:8C:94:BD:3E:49:63:C7:9C:66:0E:D6:61:1E:19
  resource-pool: /Datacenter/host/Cluster/Resources/tkg
  local-ova-folder: /Users/jaguilar/Code/tkg/
  node-os: photon
gcloud:
  project: fe-jaguilar
management-cluster:
  worker-replicas: 2
  name: dragonstone
  ingress-fqdn: '*.dragonstone.tkg-aws-e2-lab.winterfell.live'
  pinniped-fqdn: pinniped.dragonstone.tkg-aws-e2-lab.winterfell.live
  prometheus-fqdn: prometheus.dragonstone.tkg-aws-e2-lab.winterfell.live
  grafana-fqdn: grafana.dragonstone.tkg-aws-e2-lab.winterfell.live
  controlplane-endpoint: 192.168.7.180 # only required for vsphere iaas
shared-services-cluster:
  worker-replicas: 2
  name: dorn
  ingress-fqdn: '*.dorn.tkg-aws-e2-lab.winterfell.live'
  elasticsearch-fqdn: elasticsearch.dorn.tkg-aws-e2-lab.winterfell.live
  kibana-fqdn: logs.dorn.tkg-aws-e2-lab.winterfell.live
  prometheus-fqdn: prometheus.dorn.tkg-aws-e2-lab.winterfell.live
  grafana-fqdn: grafana.dorn.tkg-aws-e2-lab.winterfell.live
  controlplane-endpoint: 192.168.7.181 # only required for vsphere iaas
  kubernetes-version: v1.20.5---vmware.1-tkg.1 # To Explicitly set to v1.20.5---vmware.1-tkg.1 version (optional)
workload-cluster:
  worker-replicas: 2
  name: highgarden
  ingress-fqdn: '*.highgarden.tkg-aws-e2-lab.winterfell.live'
  prometheus-fqdn: prometheus.highgarden.tkg-vsphere-lab.winterfell.live # Leave this blank if you choose not to expose prometheus
  grafana-fqdn: grafana.highgarden.tkg-vsphere-lab.winterfell.live
  controlplane-endpoint: 192.168.7.182 # only required for vsphere iaas
okta:
  auth-server-fqdn: dev-677945.okta.com
  tkg-app-client-id: REDACTED
  tkg-app-client-secret: REDACTED
  harbor-app-client-id: REDACTED # if deploying harbor and using OIDC integration
  harbor-app-client-secret: REDACTED # if deploying harbor and using OIDC integration
  concourse-app-client-id: REDACTED # if deploying concourse and using OIDC integration
  concourse-app-client-secret: REDACTED # if deploying concourse and using OIDC integration
  kubeapps-dex-app-client-id: REDACTED # if deploying kubeapps and using OIDC integration
  kubeapps-dex-app-client-secret: REDACTED # if deploying kubeapps and using OIDC integration
wavefront:
  api-key: REDACTED
  url: https://surf.wavefront.com
  cluster-name-prefix: dpfeffer
  jaeger-app-name-prefix: dpfeffer-acme-fitness
velero:
  bucket: pa-dpfeffer-mgmt-velero
  region: us-east-2
harbor:
  admin-password: "VMware1!"
  harbor-cn: harbor.dorn.tkg-aws-e2-lab.winterfell.live
  notary-cn: notary.dorn.tkg-aws-e2-lab.winterfell.live
#  blob-storage:
#    type: s3 # Default is PVC, and can optionally be S3/MinIO
#    regionendpoint: http://minio.server:9000 # Not required for AWS S3
#    region: us-east-1
#    access-key-id: REDACTED
#    secret-access-key: REDACTED
#    bucket: harbor-storage
#    secure: false # set to true for HTTPS endpoints
argocd:
  server-fqdn: argocd.dorn.tkg-aws-e2-lab.winterfell.live
  password: REDACTED
concourse:
  namespace: concourse
  fqdn: concourse.dorn.tkg-aws-e2-lab.winterfell.live
  tmc-workspace: concourse-workspace
  admin-password: REDACTED
kubeapps:
  server-fqdn: kubeapps.highgarden.tkg-aws-e2-lab.winterfell.live
  oidc-issuer-fqdn: dex.highgarden.tkg-aws-e2-lab.winterfell.live
grafana:
  admin-password: REDACTED
avi:
  avi-enable: "true"
  avi-ca-data: encodedlongstring
  avi-cloud-name: Default-Cloud
  avi-controller: 192.168.14.190
  avi-data-network: VIP-VLAN15-PG
  avi-data-network-cidr: 192.168.15.0/24
  avi-labels: ""
  avi-password: "VMware1!"
  avi-service-engine-group: Default-Group
  avi-username: admin
dockerhub:
  username: REDACTED # Your dockerhub username
  password: REDACTED # Your dockerhub password
  email: REDACTED # Your dockerhub email