---
install_jumphost: ch-jump

install:
  vm:
    memory: 1G
    numcpus: 1
    autostart: False
  disks:
    primary: /dev/sda
    scsi:
      sda:
        type: zfs
        name: root
        size: 50g
  interfaces:
  - bridge: br-svc
    name: svc0

network:
  nameservers: "{{ network_zones.svc.dns }}"
  domain: "{{ host_domain }}"
  systemd_link:
    interfaces: "{{ install.interfaces }}"
  primary: &_network_primary_
    name: svc0
    address: "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets[inventory_hostname]) | ipaddr('address/prefix') }}"
    gateway: "{{ network_zones.svc.gateway }}"
    static_routes:
    - destination: "{{ network_zones.lan.prefix }}"
      gateway: "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-gw-lan']) | ipaddr('address') }}"
  interfaces:
  - *_network_primary_


spreadspace_apt_repo_components:
  - prometheus


ntp_variant: chrony

ntp_client:
  pools:
  - name: at.pool.ntp.org
    options: iburst


prometheus_exporters_extra:
  - ssl

prometheus_exporter_node_textfile_collector_scripts:
  - deleted-libraries
  - chrony

prometheus_job_multitarget_blackbox__probe:
  ch-mon:
  - instance: "ssh-{{ inventory_hostname }}"
    target: "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets[inventory_hostname]) | ipaddr('address') }}:{{ ansible_port | default(22) }}"
    module: ssh_banner

prometheus_job_multitarget_ssl__probe:
  ch-testvm-prometheus:
  - instance: "sslcert-prometheus-{{ inventory_hostname }}"
    target: "/etc/ssl/prometheus/**/*.pem"
    module: file


containerd_storage:
  type: lvm
  vg: "{{ host_name }}"
  lv: containerd
  size: 20G
  fs: ext4

kubelet_storage:
  type: lvm
  vg: "{{ host_name }}"
  lv: kubelet
  size: 15G
  fs: ext4

kubernetes_version: 1.21.1
kubernetes_container_runtime: containerd
kubernetes_standalone_max_pods: 42
kubernetes_standalone_cni_variant: with-portmap