-
Notifications
You must be signed in to change notification settings - Fork 23
/
Copy pathextra_vars.yml
322 lines (301 loc) · 11.5 KB
/
extra_vars.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#
---
# General
cloudera_manager_host: ${NODE_0}
cloudera_manager_user: admin
cloudera_manager_password: admin
cm_version: ${CM_VERSION}
database_host: ${NODE_0}
postgres_version: ${DATABASE_VERSION}
pvc_version: ${PVC_VERSION}
cluster_name: ${CLUSTER_NAME}
cluster_name_pvc: ${CLUSTER_NAME_PVC}
ipa_server: ${NODE_IPA}
free_ipa: ${FREE_IPA}
debug: ${DEBUG}
realm: ${REALM}
ipa_bind_password: ${DEFAULT_PASSWORD}
ipa_admin_password: ${DEFAULT_PASSWORD}
kube_config_path: ${KUBECONFIG_PATH}
docker_registry: container.repository.cloudera.com
docker_registry_user: ${PAYWALL_USER}
docker_registry_password: ${PAYWALL_PASSWORD}
paywall_user: ${PAYWALL_USER}
paywall_password: ${PAYWALL_PASSWORD}
cdw: ${CREATE_CDW}
cde: ${CREATE_CDE}
cml: ${CREATE_CML}
cmlr: ${CREATE_CML_REGISTRY}
dataviz: ${CREATE_VIZ}
pvc_type: ${PVC_TYPE}
pvc_ecs_server_host: ${PVC_ECS_SERVER_HOST}
auto_tls: ${TLS}
use_root_ca: ${USE_ROOT_CA}
root_ca_cert: ${ROOT_CA_CERT}
root_ca_key: ${ROOT_CA_KEY}
oc_tar_file_path: ${OC_TAR_FILE_PATH}
configure_oc: ${CONFIGURE_OC}
setup_dns_ecs: ${SETUP_DNS_ECS}
skip_pvc_prereqs: ${SKIP_PVC_PREREQS}
pvc_eco_resources: ${PVC_ECO_RESOURCES}
setup_pvc_tools: ${SETUP_PVC_TOOLS}
pvc_app_domain: ${PVC_APP_DOMAIN}
default_admin_user: ${DEFAULT_ADMIN_USER}
ecs_ssd_dedicated_nodes: ${ECS_SSD_DEDICATED_NODES}
ecs_gpu_dedicated_nodes: ${ECS_GPU_DEDICATED_NODES}
#####################
# Environments
#####################
environments:
- name: "{{ cluster_name_pvc }}-env"
cm_address: "https://{{ cloudera_manager_host }}:{{ cloudera_manager_port }}/"
cm_user: "{{ cloudera_manager_user }}"
cm_password: "{{ cloudera_manager_password }}"
cluster_names: "{{ cluster_name }}"
to_delete: false
#####################
# CDW
#####################
local_block_storage_class: ocs-storagecluster-cephfs
delegation_username: admin
delegation_password: "{{ ipa_bind_password }}"
setup_server_settings: true
warehouses:
- name: "hive-1-{{ cluster_name }}"
database_catalog_name: "{{ cluster_name_pvc }}-env" # Since 1.5.1, DBC name should be the same than Env name
env_name: "{{ cluster_name_pvc }}-env"
low_resource_mode: true
type: "hive"
# Optional
size: "xsmall" # default = xsmall
dbc_queue: root.default.finance # default = root.default
vw_queue: root.default.finance # default = root.default
min_nodes: 1 # default = 1
max_nodes: 5 # default = 5
# Advanced
auto_suspend_timeout: 300 # default = 300
wait_time: 60 # default = 60
disable_auto_suspend: false # default = false
use_dedicated_nodes: false # default = false
max_queries: 2 # default = 2
max_nodes_per_query: 4 # default = 4
node_count: 3 # default = 3
enable_query_isolation: false # default = false
auto_scale_type: "Wait Time" # default = Wait Time
query_isolation_max_queries: 0 # default = 0
query_isolation_max_nodes_per_query: 0 # default = 0
allowed_group: "admin_group" # default = ''
# - name: "impala-1-{{ cluster_name }}"
# database_catalog_name: "{{ cluster_name_pvc }}-env" # Since 1.5.1, DBC name should be the same than Env name
# env_name: "{{ cluster_name_pvc }}-env"
# low_resource_mode: true
# type: "impala"
# # Optional
# size: "xsmall" # default = xsmall
# dbc_queue: root.default.finance # default = root.default
# vw_queue: root.default.finance # default = root.default
# min_nodes: 1 # default = 1
# max_nodes: 5 # default = 5
# # Advanced
# auto_suspend_timeout: 300 # default = 300
# enable_ha: true # default = true
# scale_up_delay: 20 # default = 20
# scale_down_delay: 20 # default = 20
# wait_time: 60 # default = 60
# disable_auto_suspend: false # default = false
# legacy_multithreading: false # default = false
# query_isolation_max_queries: 0 # default = 0
# query_isolation_max_nodes_per_query: 0 # default = 0
# allowed_group: "admin_group" # default = ''
# ha_type: "activepassive" # default = activepassive
# enable_catalog_ha: true # default = true
# enable_proxy: false # default = false
# enable_shutdown: false # default = false
# shutdown_delay: 300 # default = 300
# all_coordinators_active: false # default = false
# num_active_coordinators: 2 # default = 2
#####################
# Data Viz
#####################
vizs:
- name: "viz-1-{{ cluster_name }}"
env_name: "{{ cluster_name_pvc }}-env"
size: "small" # default = small
queue: root.default.finance # default = root.default
admin_group: "admin_group" # (WARNING: It must exists in Control Plane) Group that will be added to be admin and access data viz
user_group: "admin_group" # (WARNING: It must exists in Control Plane) Group that will be added to access data viz
#####################
# CML
#####################
oc_nfs_storage_class: ocs-storagecluster-cephfs
workspaces:
- name: "{{ cluster_name_pvc }}-workspace"
env_name: "{{ cluster_name_pvc }}-env"
# Optional
disable_tls: false # default = false
enable_monitoring: true # default = true
enable_governance: true # default = false
enable_model_metrics: true # default = false
static_sub_domain: workspace # default = ''
nfs_disk_size: 100 # default = 1000 (It is in GiB, so 1000 = 1 TiB)
nfs_storage_class: longhorn # default = longhorn (change it if running on OC)
ml_gov_principal: mlgov # default = mlgov
queue: root.default.customer # default = root.default
mem_quota: 100 # default = 50
cpu_quota: 40 # default = 20
ml_registries:
- name: "mlr"
env_name: "{{ cluster_name_pvc }}-env"
#####################
# CDE
#####################
virtual_clusters:
- name: "spark-3-{{ cluster_name }}"
env_name: "{{ cluster_name_pvc }}-env"
cde_service_name: "cde-service-1"
spark_version: "3.3.2" # From 1.5.3, it is 3.3.2, From 1.5.1, it is 3.2.3, From 1.4.1, it is 3.2.1, before it is 3.2.0
# Optional
tier: tier-2 # default = tier-2
session_timeout: 8h # default = 8h
iceberg_enabled: true # default = false
queue: root.default.industry # default = root.default
service_pool_quota_cpu: 32 # default = 32
service_pool_quota_mem: 100Gi # default = 100Gi
service_pool_quota_gpu: 0 # default = 0
service_base_quota_cpu: 8 # default = 8
service_base_quota_mem: 20Gi # default = 20Gi
service_base_quota_gpu: 0 # default = 0
vc_quota_cpu: 24 # default = 12
vc_quota_mem: 96Gi # default = 32Gi
vc_quota_gpu: 0 # default = 0
vc_quota_min_cpu: 16 # default = 8
vc_quota_min_mem: 48Gi # default = 24Gi
vc_quota_min_gpu: 0 # default = 0
log_retention_enabled: true # default = true
log_retention_days: 30 # default = 10
# Spark 2 is becoming deprecated, so just comment creation of its VC
# - name: "spark-2-{{ cluster_name }}"
# env_name: "{{ cluster_name_pvc }}-env"
# cde_service_name: "cde-service-1"
# spark_version: "2.4.8" # From 1.5.3, it is 2.4.8,, before it is 2.4.7
# tier: tier-2
# session_timeout: 8h
# queue: root.default.customer
# service_pool_quota_cpu: 32
# service_pool_quota_mem: 100Gi
# service_base_quota_cpu: 8
# service_base_quota_mem: 20Gi
# vc_quota_cpu: 16
# vc_quota_mem: 48Gi
# vc_quota_min_cpu: 8
# vc_quota_min_mem: 32Gi
# Below user/password is used to authentify against a CDE Service to download CDE tools (it only needs to be a valid LDAP user)
cde_user: ${DEFAULT_ADMIN_USER}
cde_password: ${DEFAULT_PASSWORD}
# Below user is used to configure ozone aws s3 cli
ozone_user_keytab: /home/${DEFAULT_ADMIN_USER}/${DEFAULT_ADMIN_USER}.keytab
ozone_user: ${DEFAULT_ADMIN_USER}
#####################
# User's Rights
#####################
user_rights:
- name: ${DEFAULT_ADMIN_USER}
keytab: /home/${DEFAULT_ADMIN_USER}/${DEFAULT_ADMIN_USER}.keytab # Used if defined to push keytab to CML and CDE
password: ${DEFAULT_PASSWORD}
roles: [ "EnvironmentAdmin", "EnvironmentUser", "IamUser", "IamViewer", "DataCatalogCspRuleManager", "DataCatalogCspRuleViewer", "PowerUser" ] # Optionnal: Used to define "admin" roles on CP for this user
envs:
- name: "{{ cluster_name_pvc }}-env"
roles: [ "DEAdmin", "DEUser", "DWAdmin", "DWUser", "MLAdmin", "MLUser"]
workspaces: # Optionnal: If not defined no keytab pushed to workspace
- name: "{{ cluster_name_pvc }}-workspace"
env_name: "{{ cluster_name_pvc }}-env"
virtual_clusters: # Optionnal: If not defined no keytab pushed to cde
- name: "spark-3-{{ cluster_name }}"
env_name: "{{ cluster_name_pvc }}-env"
cde_service_name: "cde-service-1"
# - name: "spark-2-{{ cluster_name }}"
# env_name: "{{ cluster_name_pvc }}-env"
# cde_service_name: "cde-service-1"
- name: batman
keytab: /home/batman/batman.keytab
password: ${DEFAULT_PASSWORD}
roles: [ "EnvironmentUser", "IamUser" ]
envs:
- name: "{{ cluster_name_pvc }}-env"
roles: [ "DEUser", "DWUser", "MLUser" ]
virtual_clusters:
- name: "spark-3-{{ cluster_name }}"
env_name: "{{ cluster_name_pvc }}-env"
cde_service_name: "cde-service-1"
# - name: "spark-2-{{ cluster_name }}"
# env_name: "{{ cluster_name_pvc }}-env"
# cde_service_name: "cde-service-1"
#####################
# Yunikorn Queues
#####################
setup_yunikorn_queues: true
yunikorn_root_queue:
mem: 1T
cpu: 1000
gpu: 2
yunikorn_child_queues:
- name: finance # Required
# Optional
mem_max: 500G # Optionnal default to 100G
cpu_max: 250 # Optionnal defautl to 25
gpu_max: 2 # Optionnal defautl to 0
mem_guaranteed: 200G # Optionnal defautl to 100G
cpu_guaranteed: 100 # Optionnal defautl to 25
gpu_guaranteed: 0 # Optionnal defautl to 0
# Advanced
validity: NEVER EXPIRES # Optionnal defautl to NEVER EXPIRES
elasticity: INELASTIC # Optionnal defautl to INELASTIC
preemption: true # Optionnal defautl to true
preemption_fencing: false # Optionnal defautl to false
preemption_delay: 30 # Optionnal defautl to 30
priority: true # Optionnal defautl to true
priority_fencing: false # Optionnal defautl to false
priority_offset: 0 # Optionnal defautl to 0
# Optional: Tags can be used for many reasons (including setting quota management for CML with this tag)
tags:
- "experience:cml"
- name: customer
mem_max: 250G
cpu_max: 150
gpu_max: 2
mem_guaranteed: 100G
cpu_guaranteed: 50
gpu_guaranteed: 0
tags:
- "experience:cml"
- name: industry
mem_max: 350G
cpu_max: 300
mem_guaranteed: 150G
cpu_guaranteed: 100
#####################
# Classic Clusters
#####################
setup_classic_clusters: true
classic_clusters:
- cm_url: "https://${NODE_0}:7183"
cm_user: admin
cm_password: admin
user_to_register: admin