varnitgoyal95/deployment-portal-be
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8f192f76895af1debf2e29284782c40cb7ce4fdf
deployment-portal-be/templates/cluster_values.jsonnet
Ankit Bhardwaj Bhardwaj c298a6d255 INFRA-3113 | Ankit Bhardwaj | changing heap dump bucket name for prod ml cluster. (#865) 
* INFRA-3113 | Ankit Bhardwaj | adding k8s-pvc-tagger/tags annotations

* INFRA-3113 | Ankit Bhardwaj | changing heap dump bucket for mlops cluster

* INFRA-3113 | Ankit Bhardwaj | changing heap dump bucket for mlops cluster

* INFRA-3113 | Ankit Bhardwaj | removed additional variable

* INFRA-3113 | Ankit Bhardwaj | merged master

* INFRA-3113 | Ankit Bhardwaj | removed default heapdumpbucketname
2024-04-03 09:26:17 +05:30

1488 lines
46 KiB
Jsonnet
Raw Blame History

{
baseCluster+:: {
loadBalancer+:: {
sourceRanges:: ['1.1.1.1/32'],
annotations+:: {
webAcl:: 'dummy-webacl',
deletionProtection:: false,
accessLog:: true,
subnets+:: {},
},
},
commonApiGateway+:: {
externalAuth:: {
config:: {
url:: 'dummyUrl',
},
},
},
sidecarEnabled:: true,
zalandoEnabled:: true,
isEfsSupported: false,
isFsxSupported: false,
isVpaDeployed:: true,
isSwApmEnabled:: false
},
// Perf Endpoints
perfDomainEndpoint:: {
lending: '.np.navi-tech.in',
insurance: '.np.navi-gi.in',
sa: '.np.navi-sa.in',
amc: '.np.navi-amc.in',
},
//Non Prod cluster
'nonprod.np.navi-tech.in':: {
default:: $.baseCluster {
additionalTags+:: {
product:: 'lending',
},
flinkBucket: 'navi-flink-nonprod',
isEfsSupported: true,
isFsxSupported: true,
awsAccountId: 571315076762,
loadBalancer+:: {
annotations+:: {
webAcl:: 'arn:aws:wafv2:ap-south-1:571315076762:regional/webacl/AclNonProd/9ad3e612-4125-42ec-ab83-9e83ce95ac22',
securityGroups+:: {
//This security group allows packets from everywhere
internetFacing:: 'sg-01bbd376d7004403e',
//This security group allows packets from office Ips(VPN, LAN etc)
officeIp:: 'sg-01a64c085bfdb2cbb',
//This security group allows inter k8 cluster communication
internal:: 'sg-0bc07e856d000a5f4',
//This security group allows HTTP traffic from everywhere
http:: 'sg-022aa76e816973224',
// Cloudflare ips
cdn:: 'sg-04abaea56b3db4697',
},
sslCert:: {
'np.navi-tech.in':: 'arn:aws:acm:ap-south-1:571315076762:certificate/a19c398a-639b-45ca-b885-4cf6002a16dc',
'np.navi-ext.com':: 'arn:aws:acm:ap-south-1:571315076762:certificate/d9f5aac3-daee-401a-9035-b3f89a348d21',
'navibank.ph':: 'arn:aws:acm:ap-south-1:571315076762:certificate/a19c398a-639b-45ca-b885-4cf6002a16dc',
'navi.com':: 'arn:aws:acm:ap-south-1:571315076762:certificate/a19c398a-639b-45ca-b885-4cf6002a16dc',
},
subnets:: {
internal:: 'internal-lb-ap-south-1a.nonprod.np.navi-tech.in,internal-lb-ap-south-1b.nonprod.np.navi-tech.in',
},
accessLogBucket:: 'navi-nonprod-lb-access-logs',
accessLog: true,
},
},
},
qa:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-services-alb',
},
},
},
dev:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-services-alb',
},
},
},
automation:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'automation-services-alb',
},
fixedHostNames+:: {
'mobile-application': 'automation-api.navi.com',
},
},
},
'qa-internal':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-internal-services-alb',
},
},
},
perf:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'perf-services-alb',
},
},
},
'dev-internal':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-internal-services-alb',
},
},
},
'dev-critical':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-critical-services-alb',
},
},
},
'qa-critical':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-critical-services-alb',
},
},
},
'dev-3p':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-3p-services-alb',
},
fixedHostNames+:: {
'mobile-application': 'dev-api.navi.com',
},
},
},
'qa-3p':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-3p-services-alb',
},
fixedHostNames+:: {
'mobile-application': 'qa-api.navi.com',
},
},
},
},
//CMD cluster
'prod.cmd.navi-tech.in':: {
default:: $.baseCluster {
additionalTags+:: {
product:: 'shared',
},
isVpaDeployed:: false,
awsAccountId: 193044292705,
loadBalancer+:: {
annotations+:: {
securityGroups+:: {
//This security group allows inter k8 cluster communication
internal:: 'sg-05a07c526f95eeb77',
//This security group allows packets from office Ips(VPN, LAN etc)
officeIp:: 'sg-07e815976f838974d',
// Cloudflare IPs
cdn:: 'sg-030f711a697aefbcd',
//This security group allows HTTP traffic from everywhere
http:: 'sg-0c46b6742d741ef56',
},
sslCert:: {
'cmd.navi-tech.in':: 'arn:aws:acm:ap-south-1:193044292705:certificate/f5746e77-f3e0-467b-b09e-3f6f2bd33d5d',
},
accessLog:: true,
accessLogBucket:: 'navi-cmd-lb-access-logs',
},
},
sidecarEnabled:: false,
},
},
//GI nonprod cluster
'aps1.np.navi-gi.in':: {
default:: $.baseCluster {
additionalTags+:: {
product:: 'gi',
},
commonApiGateway+:: {
externalAuth:: {
config:: {
url:: 'https://test-ops-auth-service.np.navi-gi.in/auth',
},
},
},
flinkBucket: 'navi-flink-gi-nonprod',
awsAccountId: 883430762451,
loadBalancer+:: {
annotations+:: {
webAcl:: 'arn:aws:wafv2:ap-south-1:883430762451:regional/webacl/AclNonProdGi/63c08952-a0ca-4f20-b237-ebebc3e6b45e',
securityGroups+:: {
//This security group allows inter k8 cluster communication
internal:: 'sg-095f4e72442a3b1cb',
//This security group allows packets from office Ips(VPN, LAN etc)
officeIp:: 'sg-092a892e2ed92f934',
//This security group allows packets from everywhere
internetFacing:: 'sg-00f702563af978c17',
natIp:: 'sg-0bbe47680861cb3af',
//This security group allows HTTP traffic from everywhere
http:: 'sg-05ed65ea26e845f6b',
// CF ips
cdn:: 'sg-0101e7a8058f3ff90',
},
sslCert:: {
'np.navi-gi.in':: 'arn:aws:acm:ap-south-1:883430762451:certificate/fc0dbd8e-7754-48ac-b5f1-dc5614f918f1',
'navi.com':: 'arn:aws:acm:ap-south-1:883430762451:certificate/cbd7d693-ef24-44c7-a26c-44cbe198cc89',
},
accessLog:: true,
accessLogBucket:: 'aps1.np.navi-gi.in-alb-access-logs',
subnets:: {
internal: 'internal-lb-ap-south-1a.aps1.np.navi-gi.in,internal-lb-ap-south-1b.aps1.np.navi-gi.in',
},
},
},
},
qa:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-services-alb',
},
},
},
dev:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-services-alb',
},
},
},
'qa-internal':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-internal-services-alb',
},
},
},
perf:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'perf-services-alb',
},
},
},
'dev-internal':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-internal-services-alb',
},
},
},
'dev-critical':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-critical-services-alb',
},
},
},
'qa-critical':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-critical-services-alb',
},
},
},
'dev-3p':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-3p-services-alb',
},
},
},
'qa-3p':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-3p-services-alb',
},
},
},
},
'aps1.np.navi-amc.in':: {
default:: $.baseCluster {
additionalTags+:: {
product:: 'amc',
},
loadBalancer+:: {
annotations+:: {
webAcl:: 'arn:aws:wafv2:ap-south-1:667580634104:regional/webacl/AclNonProdAmc/354559db-49fc-465c-9b30-fd84d4583c40',
securityGroups+:: {
//This security group allows inter k8 cluster communication(nodes security group)
internal:: 'sg-02acb03253f80d846',
//This security group allows packets from office Ips(VPN, LAN etc)
officeIp:: 'sg-0655b24320f15a3c7',
//This security group allows packets from everywhere
internetFacing:: 'sg-0064b8d763e4ee8a6',
natIp:: 'sg-03986fe435275bce3',
//This security group allows HTTP traffic from everywhere
http:: 'sg-09c7dc317585f77fe',
},
sslCert:: {
'np.navi-amc.in':: 'arn:aws:acm:ap-south-1:667580634104:certificate/d6b73d36-d83b-4a75-aec3-bb05b8c995a4',
'navi.com':: 'arn:aws:acm:ap-south-1:667580634104:certificate/d6b73d36-d83b-4a75-aec3-bb05b8c995a4',
},
accessLog:: true,
accessLogBucket:: 'aps1.np.navi-amc.in-alb-access-logs',
subnets:: {
internal: 'ap-south-1a.aps1.np.navi-amc.in,ap-south-1b.aps1.np.navi-amc.in,ap-south-1c.aps1.np.navi-amc.in',
},
},
},
},
qa:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-services-alb',
},
},
},
dev:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-services-alb',
},
},
},
'qa-internal':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-internal-services-alb',
},
},
},
perf:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'perf-services-alb',
},
},
},
'dev-internal':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-internal-services-alb',
},
},
},
'dev-critical':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-critical-services-alb',
},
},
},
'qa-critical':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-critical-services-alb',
},
},
},
'dev-3p':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-3p-services-alb',
},
},
},
'qa-3p':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-3p-services-alb',
},
},
},
},
'aps1.np.navi-sa.in':: {
default:: $.baseCluster {
additionalTags+:: {
product:: 'sa',
},
flinkBucket: 'navi-flink-sa-nonprod',
awsAccountId: 197185947855,
loadBalancer+:: {
annotations+:: {
webAcl:: 'arn:aws:wafv2:ap-south-1:197185947855:regional/webacl/AclNonProdSa/bbb07e35-7353-41d2-8603-fcbac4adf181',
securityGroups+:: {
//This security group allows inter k8 cluster communication(nodes security group)
internal:: 'sg-0800f97f9c4cf731b',
//This security group allows packets from office Ips(VPN, LAN etc)
officeIp:: 'sg-0c954334a33a84784',
//This security group allows packets from everywhere
internetFacing:: 'sg-00abfe4eb79cb607b',
natIp:: 'sg-01d5ec5d474097cae',
//This security group allows HTTP traffic from everywhere
http:: 'sg-079bf73b2288f63ae',
// Cloudflare ips
cdn:: 'sg-023c2b1a40cdae68d',
},
sslCert:: {
'np.navi-sa.in':: 'arn:aws:acm:ap-south-1:197185947855:certificate/a8025483-daf3-49f9-8528-4ffa4683ce88',
'navi.com':: 'arn:aws:acm:ap-south-1:197185947855:certificate/a8025483-daf3-49f9-8528-4ffa4683ce88',
'loangy.com':: 'arn:aws:acm:ap-south-1:197185947855:certificate/202f2edf-51ff-4b8d-97af-84750f8d15cf',
'nuford.com':: 'arn:aws:acm:ap-south-1:197185947855:certificate/68208769-4040-4b29-842f-a1034c5f338a',
},
accessLogBucket:: 'aps1.np.navi-sa.in-alb-access-logs',
accessLog:: true,
subnets:: {
internal: 'ap-south-1a.aps1.np.navi-sa.in,ap-south-1b.aps1.np.navi-sa.in,ap-south-1c.aps1.np.navi-sa.in',
},
},
},
isSwApmEnabled:: false,
},
qa:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-services-alb',
},
},
},
'navi-ops-tech-qa':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-services-alb',
},
},
},
'navi-ops-tech-dev':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-services-alb',
},
},
},
dev:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-services-alb',
},
},
},
'qa-internal':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-internal-services-alb',
},
},
},
perf:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'perf-services-alb',
},
},
},
'dev-internal':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-internal-services-alb',
},
},
},
'dev-critical':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-critical-services-alb',
},
},
},
'qa-critical':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-critical-services-alb',
},
},
},
'dev-3p':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-3p-services-alb',
},
},
},
'qa-3p':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-3p-services-alb',
},
},
},
},
// sa-prod
'aps1.prod.navi-sa.in':: {
default:: $.baseCluster {
additionalTags+:: {
product:: 'sa',
},
flinkBucket: 'navi-flink-sa-prod',
awsAccountId: 120419666648,
isVpaDeployed:: true,
loadBalancer+: {
annotations+:: {
webAcl:: 'arn:aws:wafv2:ap-south-1:120419666648:regional/webacl/AclMASProdSa/3cd8ff0b-716b-4342-aa69-9592bc98055d',
securityGroups+:: {
//This security group allows packets from everywhere
internetFacing:: 'sg-0eefc892db09982c2',
//This security group allows packets from office Ips(VPN, LAN etc)
officeIp:: 'sg-0fe034c75aa465ef3',
//This security group allows inter k8 cluster communication
internal:: 'sg-011f3fb53e6506486',
//This security group allows communication from nat gateways of prod cluster
natIp:: 'sg-03b3400e9107cf8bc',
//This security group allows HTTP traffic from everywhere
http:: 'sg-0853dd98badfed3bd',
// Cloudflare ips
cdn:: 'sg-01ee5bcb8640e2a1a',
},
sslCert:: {
'prod.navi-sa.in':: 'arn:aws:acm:ap-south-1:120419666648:certificate/196a820c-feec-4005-a7fd-a51ed72d4329',
'navi.com':: 'arn:aws:acm:ap-south-1:120419666648:certificate/196a820c-feec-4005-a7fd-a51ed72d4329',
'navi.net':: 'arn:aws:acm:ap-south-1:120419666648:certificate/fdfab80c-fc67-4005-938c-05b1188508ee',
'loangy.com':: 'arn:aws:acm:ap-south-1:120419666648:certificate/a9494b99-c325-4058-bd51-807a3c8227a9',
'nuford.com':: 'arn:aws:acm:ap-south-1:120419666648:certificate/d96e7a0d-8a14-46a0-92da-95a13faedf3f',
'navifinserv.com':: 'arn:aws:acm:ap-south-1:120419666648:certificate/15f090d7-608c-4938-911c-6244a9922eb6',
},
subnets:: {
internal: 'ap-south-1a.aps1.prod.navi-sa.in,ap-south-1b.aps1.prod.navi-sa.in,ap-south-1c.aps1.prod.navi-sa.in',
},
accessLogBucket:: 'aps1.prod.navi-sa.in-alb-access-logs',
accessLog:: true,
deletionProtection:: false,
},
},
},
'prod-3p':: self.default {
loadBalancer+:: {
fixedHostNames+:: {
'mobile-application': 'sa-api.navi.com',
},
},
},
},
//PROD cluster
'aps1.prod.navi-tech.in':: {
default:: $.baseCluster {
additionalTags+:: {
product:: 'lending',
},
flinkBucket: 'navi-flink-prod',
isEfsSupported: true,
isFsxSupported: true,
awsAccountId: 492941056607,
isVpaDeployed:: true,
loadBalancer+: {
annotations+:: {
webAcl:: 'arn:aws:wafv2:ap-south-1:492941056607:regional/webacl/AclProd/fa85bcff-3c71-434c-be4f-dc4e0456c47d',
securityGroups+:: {
//This security group allows packets from everywhere
internetFacing:: 'sg-0a4e70d66a8a8bc34',
//This security group allows packets from office Ips(VPN, LAN etc)
officeIp:: 'sg-0df3121be8adc2fbc',
//This security group allows inter k8 cluster communication
internal:: 'sg-064d258429b99b518',
//This security group allows communication from nat gateways of prod cluster
natIp:: 'sg-0c7fb31b9b27e5e6f',
//This security group allows HTTP traffic from everywhere
http:: 'sg-032733713f4787bdc',
cdn:: 'sg-09317e0e354c7f81f',
},
sslCert:: {
'prod.navi-tech.in':: 'arn:aws:acm:ap-south-1:492941056607:certificate/07a548dc-249d-4475-8783-58e3060b0c3f',
'prod.navi-ext.com':: 'arn:aws:acm:ap-south-1:492941056607:certificate/0a3af671-4e93-415a-a05d-7f4d7dead5dc',
'navi-ext.com':: 'arn:aws:acm:ap-south-1:492941056607:certificate/0a3af671-4e93-415a-a05d-7f4d7dead5dc',
'navi.com':: 'arn:aws:acm:ap-south-1:492941056607:certificate/50681498-31f5-4117-8b42-8d0662ab5e93',
'go-nlc.com':: 'arn:aws:acm:ap-south-1:492941056607:certificate/0ae1b16f-855c-48ca-bcf8-8692a7893d95',
'navi.net':: 'arn:aws:acm:ap-south-1:492941056607:certificate/194e6d16-a263-4f08-bc2a-414e05bf5cd3',
'naviinsurance.com':: 'arn:aws:acm:ap-south-1:492941056607:certificate/6e9dfccd-9794-483f-a884-789abf81747d',
},
subnets:: {
internal: 'internal-lb-ap-south-1a.aps1.prod.navi-tech.in,internal-lb-ap-south-1b.aps1.prod.navi-tech.in,internal-lb-ap-south-1c.aps1.prod.navi-tech.in',
},
accessLogBucket:: 'navi-prod-lb-access-logs',
accessLog:: true,
deletionProtection:: false,
},
},
},
'prod-3p':: self.default {
loadBalancer+:: {
fixedHostNames+:: {
'mobile-application': 'api.navi.com',
},
},
},
},
// GI cluster
//PROD cluster
'aps1.prod.navi-gi.in':: {
default:: $.baseCluster {
additionalTags+:: {
product:: 'gi',
},
flinkBucket: 'navi-flink-gi-prod',
awsAccountId: 590617173486,
loadBalancer+: {
annotations+:: {
webAcl:: 'arn:aws:wafv2:ap-south-1:590617173486:regional/webacl/AclMASProdGi/284f5c83-ae37-4197-b885-37773aded948',
securityGroups+:: {
//This security group allows packets from everywhere
internetFacing:: 'sg-0b1ccba594a9d1119',
//This security group allows packets from office Ips(VPN, LAN etc)
officeIp:: 'sg-09598b733e28af8f1',
//This security group allows inter k8 cluster communication
internal:: 'sg-0c3570037bbe9e753',
//This security group allows communication from nat gateways of prod cluster
natIp:: 'sg-0c13df2b692dadfbc',
//This security group allows HTTP traffic from everywhere
http:: 'sg-0c325908ef9db57da',
// Cloudflare ips
cdn:: 'sg-0ecd8f0de802b40c2',
},
sslCert:: {
'prod.navi-gi.in':: 'arn:aws:acm:ap-south-1:590617173486:certificate/2ceb99d1-c50d-47d3-8e37-6743726fe48d',
'prod.navi-gi-ext.com':: 'arn:aws:acm:ap-south-1:590617173486:certificate/2ceb99d1-c50d-47d3-8e37-6743726fe48d',
'naviinsurance.com':: 'arn:aws:acm:ap-south-1:590617173486:certificate/b60efe78-e8da-43c0-ac7a-cb61adaffd43',
'navi-gi.in':: 'arn:aws:acm:ap-south-1:590617173486:certificate/b60efe78-e8da-43c0-ac7a-cb61adaffd43',
'navi.com':: 'arn:aws:acm:ap-south-1:590617173486:certificate/2ceb99d1-c50d-47d3-8e37-6743726fe48d',
'argohealthsure.com':: 'arn:aws:acm:ap-south-1:590617173486:certificate/481cebc0-897f-48d2-88a7-9a1eccbfe793',
'navi.net':: 'arn:aws:acm:ap-south-1:590617173486:certificate/904c0763-75ec-4c6c-8ac7-2094d72e778c',
},
subnets:: {
internal: 'ap-south-1a.aps1.prod.navi-gi.in,ap-south-1b.aps1.prod.navi-gi.in,ap-south-1c.aps1.prod.navi-gi.in',
},
accessLogBucket:: 'navi-prod-gi-lb-access-logs',
accessLog:: true,
deletionProtection:: false,
},
},
},
'prod-3p':: self.default {
loadBalancer+:: {
fixedHostNames+:: {
'mobile-application': 'gi-api.navi.com',
},
},
},
},
'aps1.prod.navi-amc.in':: {
default:: $.baseCluster {
additionalTags+:: {
product:: 'amc',
},
zalandoEnabled:: false,
flinkBucket: 'navi-flink-navi-amc-prod',
awsAccountId: 121661608696,
isVpaDeployed:: true,
loadBalancer+: {
annotations+:: {
webAcl:: 'WAF ACL is not required for this cluster. Use API Gateway or Cloudflare instead.',
securityGroups+:: {
//This security group allows packets from everywhere
internetFacing:: 'sg-084e3d4a23b307840',
//This security group allows packets from office Ips(VPN, LAN etc)
officeIp:: 'sg-0ba9c0e4dbb8c1e09',
//This security group allows inter k8 cluster communication
internal:: 'sg-064a66df84f58df82',
//This security group allows communication from nat gateways of prod cluster
natIp:: 'sg-045b3038d61746065',
//This security group allows HTTP traffic from everywhere
http:: 'sg-0a0499ba0ce2a488f',
},
sslCert:: {
'prod.navi-amc.in':: 'arn:aws:acm:ap-south-1:121661608696:certificate/20378b6a-0391-43f0-bd59-6ac83ebf7d60',
},
subnets:: {
internal: 'ap-south-1a.aps1.prod.navi-amc.in,ap-south-1b.aps1.prod.navi-amc.in,ap-south-1c.aps1.prod.navi-amc.in',
},
accessLogBucket:: 'navi-prod-amc-lb-access-logs',
accessLog:: true,
},
},
},
},
//colending PROD cluster
'aps1.prod.navi-colending.in':: {
default:: $.baseCluster {
additionalTags+:: {
product:: 'colending',
},
zalandoEnabled:: false,
loadBalancer+: {
annotations+:: {
webAcl:: 'arn:aws:wafv2:ap-south-1:903695743721:regional/webacl/AclMASProdColending/3c155013-3bd1-4198-b7fc-8d345acb2324',
securityGroups+:: {
//This security group allows packets from everywhere
internetFacing:: 'sg-030b62263df624188',
//This security group allows packets from office Ips(VPN, LAN etc)
officeIp:: 'sg-03b488d79b9bf1d40',
//This security group allows inter k8 cluster communication
internal:: 'sg-0e58f969aa60be012',
//This security group allows communication from nat gateways of prod cluster
natIp:: 'sg-00020a1085c55a380',
//This security group allows HTTP traffic from everywhere
http:: 'sg-05a801a9dcdcaeff2',
},
sslCert:: {
'prod.navi-colending.in':: 'arn:aws:acm:ap-south-1:903695743721:certificate/821aa0ec-ecfa-4432-af60-718fe249aede',
'go-nlc.com':: 'arn:aws:acm:ap-south-1:903695743721:certificate/2c8774fd-de94-47c9-96f5-377fcdd48c1c',
},
subnets:: {
internal: 'prod-colending-private-subnet01-ap-south-1a,prod-colending-private-subnet01-ap-south-1b,prod-colending-private-subnet01-ap-south-1c',
},
accessLogBucket:: 'aps1-prod-colending-alb-access-logs',
accessLog:: true,
deletionProtection:: false,
},
},
},
'prod-3p':: self.default {
loadBalancer+:: {
fixedHostNames+:: {
'mobile-application': 'colending-api.navi.com',
},
},
},
},
//colending nonprod cluster
'aps1.np.navi-colending.in':: {
default:: $.baseCluster {
additionalTags+:: {
product:: 'colending',
},
zalandoEnabled:: false,
loadBalancer+: {
annotations+:: {
webAcl:: 'arn:aws:wafv2:ap-south-1:942894539187:regional/webacl/AclNonProdColending/fb72041b-1136-4d51-a3af-2f3510c71763',
securityGroups+:: {
//This security group allows packets from everywhere
internetFacing:: 'sg-0001aca7a784a21aa',
//This security group allows packets from office Ips(VPN, LAN etc)
officeIp:: 'sg-0367bbf59da32f056',
//This security group allows inter k8 cluster communication
internal:: 'sg-01e48bdc4d14b4b71',
//This security group allows communication from nat gateways of nonprod cluster
natIp:: 'sg-00e7c7c3ae689c0bb',
//This security group allows HTTP traffic from everywhere
http:: 'sg-07a6684a8c4caf18e',
},
sslCert:: {
'np.navi-colending.in':: 'arn:aws:acm:ap-south-1:942894539187:certificate/c0588d27-8375-4795-89a4-b417f9b92ee4',
},
subnets:: {
internal: 'nonprod-colending-private-subnet01-ap-south-1a,nonprod-colending-private-subnet01-ap-south-1b,nonprod-colending-private-subnet01-ap-south-1c',
},
accessLogBucket:: 'aps1-np-colending-alb-access-logs',
accessLog:: true,
deletionProtection:: false,
},
},
},
qa:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-services-alb',
},
},
},
dev:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-services-alb',
},
},
},
'qa-internal':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-internal-services-alb',
},
},
},
perf:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'perf-services-alb',
},
},
},
'dev-internal':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-internal-services-alb',
},
},
},
'dev-critical':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-critical-services-alb',
},
},
},
'qa-critical':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-critical-services-alb',
},
},
},
'dev-3p':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-3p-services-alb',
},
},
},
'qa-3p':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-3p-services-alb',
},
},
},
},
//navi-pay nonprod cluster
'aps1.np.navi-pay.in':: {
default:: $.baseCluster {
additionalTags+:: {
product:: 'navi-pay',
},
flinkBucket: 'navi-flink-navi-pay-nonprod',
awsAccountId: 840875920349,
zalandoEnabled:: false,
commonApiGateway+:: {
externalAuth:: {
config:: {
url:: 'https://dev-navipay-external-client.np.navi-pay.in/external-client-service/auth',
},
},
},
loadBalancer+: {
annotations+:: {
webAcl:: 'arn:aws:wafv2:ap-south-1:840875920349:regional/webacl/AclNonProdNaviPay/4066d790-24db-420b-8bef-18fab8aab41e',
securityGroups+:: {
//This security group allows packets from everywhere
internetFacing:: 'sg-0fa070f1f06716bff',
//This security group allows packets from office Ips(VPN, LAN etc)
officeIp:: 'sg-0e3a4d99b08f1af52',
//This security group allows inter k8 cluster communication
internal:: 'sg-08780f13445d3455d',
//This security group allows communication from nat gateways of nonprod cluster
natIp:: 'sg-0eb39100171bbde83',
//This security group allows HTTP traffic from everywhere
http:: 'sg-08721320e6adbdf1b',
// Cloudflare ips
cdn:: 'sg-04aa6cd49eed4a11d',
},
sslCert:: {
'np.navi-pay.in':: 'arn:aws:acm:ap-south-1:840875920349:certificate/9a655746-7db5-4c67-8941-22f0ff80026e',
},
subnets:: {
internal: 'nonprod-navi-pay-private-subnet01-ap-south-1a,nonprod-navi-pay-private-subnet01-ap-south-1b,nonprod-navi-pay-private-subnet01-ap-south-1c',
},
accessLogBucket:: 'aps1-np-navi-pay-alb-access-logs',
accessLog:: true,
deletionProtection:: false,
},
},
},
qa:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-services-alb',
},
},
},
dev:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-services-alb',
},
},
},
'qa-internal':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-internal-services-alb',
},
},
},
perf:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'perf-services-alb',
},
},
},
'dev-internal':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-internal-services-alb',
},
},
},
'dev-critical':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-critical-services-alb',
},
},
},
'qa-critical':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-critical-services-alb',
},
},
},
'dev-3p':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-3p-services-alb',
},
},
},
'qa-3p':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-3p-services-alb',
},
},
},
},
//navi-saas nonprod cluster
'aps1.np.navi-saas.in':: {
default:: $.baseCluster {
additionalTags+:: {
product:: 'saas',
},
zalandoEnabled:: false,
loadBalancer+: {
annotations+:: {
webAcl:: 'arn:aws:wafv2:ap-south-1:334573405453:regional/webacl/AclNonProdNaviSaas/8f6e2e84-9c90-4956-825c-4cff20a38e18',
securityGroups+:: {
//This security group allows packets from everywhere
internetFacing:: 'sg-0478f9870d4a9c560',
//This security group allows packets from office Ips(VPN, LAN etc)
officeIp:: 'sg-02af9692b15baa4f3',
//This security group allows inter k8 cluster communication
internal:: 'sg-0c9b05d1d251ad6a4',
//This security group allows communication from nat gateways of nonprod cluster
natIp:: 'sg-0ba2f4125960ee4c9',
//This security group allows HTTP traffic from everywhere
http:: 'sg-00f43883eaa7a2ebb',
// Cloudflare ips
cdn:: 'sg-0d8654c7f61d13b36',
},
sslCert:: {
'np.navi-saas.in':: 'arn:aws:acm:ap-south-1:334573405453:certificate/7dc303c8-2fd6-40c9-89fd-d85676e00f74',
},
subnets:: {
internal: 'nonprod-navi-saas-private-subnet01-ap-south-1a,nonprod-navi-saas-private-subnet01-ap-south-1b,nonprod-navi-saas-private-subnet01-ap-south-1c',
},
accessLogBucket:: 'aps1-np-navi-saas-alb-access-logs',
accessLog:: true,
deletionProtection:: false,
},
},
},
qa:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-services-alb',
},
},
},
dev:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-services-alb',
},
},
},
'qa-internal':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-internal-services-alb',
},
},
},
perf:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'perf-services-alb',
},
},
},
'dev-internal':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-internal-services-alb',
},
},
},
'dev-critical':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-critical-services-alb',
},
},
},
'qa-critical':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-critical-services-alb',
},
},
},
'dev-3p':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-3p-services-alb',
},
},
},
'qa-3p':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-3p-services-alb',
},
},
},
},
//Spike cluster
'spike.np.navi-tech.in':: {
default:: $.baseCluster {
additionalTags+:: {
product:: 'shared',
},
loadBalancer+:: {
annotations+:: {
webAcl:: 'arn:aws:wafv2:ap-south-1:571315076762:regional/webacl/AclNonProd/9ad3e612-4125-42ec-ab83-9e83ce95ac22',
securityGroups+:: {
//This security group allows packets from everywhere
internetFacing:: 'sg-0ebec8d9727618fd6',
//This security group allows packets from office Ips(VPN, LAN etc)
officeIp:: 'sg-0fd848902c4616550',
//This security group allows inter k8 cluster communication
internal:: 'sg-009129cbe138c921a',
// sg for http
http:: 'sg-06cc4240b0ffd8cc4',
// sg for CF ips
cdn:: 'sg-0b7563d6b962d6676',
},
sslCert:: {
'spike.navi-tech.in':: 'arn:aws:acm:ap-south-1:571315076762:certificate/4cbea2e2-2a83-4733-a822-29f44a6a16c4',
'spike.navi-ext.com':: 'arn:aws:acm:ap-south-1:571315076762:certificate/ccf17c74-a5eb-4470-9963-cff3c3296c97',
},
accessLogBucket:: 'navi-nonprod-lb-access-logs',
deletionProtection:: false,
},
},
},
},
//Data platform cluster
'aps1.dp.navi-tech.in':: {
default:: $.baseCluster {
sidecarEnabled:: false,
additionalTags+:: {
product:: 'DataPlatform',
},
flinkBucket: 'navi-flink-dp-prod',
awsAccountId: 594542361424,
isVpaDeployed:: false,
loadBalancer+:: {
annotations+:: {
webAcl:: 'WAF ACL is not required for this cluster. Use API Gateway or Cloudflare instead.',
securityGroups+:: {
//This security group allows inter k8 cluster communication(nodes security group)
internal:: 'sg-07a65dbfbd6c42341',
//This security group allows packets from office Ips(VPN, LAN etc)
officeIp:: 'sg-04b7d5863a360176c',
//This security group allows packets from everywhere
internetFacing:: 'sg-0473a1399a9671143',
natIp:: 'sg-0099e44dd1758ab89',
//This security group allows HTTP traffic from everywhere
http:: 'sg-03eaac3bc24db6738',
// Cloudflare SG
cdn:: 'sg-0a3d26e45c4d32787',
},
sslCert:: {
'dp.navi-tech.in':: 'arn:aws:acm:ap-south-1:594542361424:certificate/3646fee2-c07a-4e43-9683-14edb14cf694',
'prod.navi-tech.in':: 'arn:aws:acm:ap-south-1:492941056607:certificate/07a548dc-249d-4475-8783-58e3060b0c3f',
},
accessLog:: true,
accessLogBucket:: 'aps1-dp-navi-tech-alb-access-logs',
subnets:: {
internal: 'data-platform-eks-private-ap-south-1a,data-platform-eks-private-ap-south-1b,data-platform-eks-private-ap-south-1c',
},
},
},
},
},
//Data platform cluster
'aps1.np.dp.navi-tech.in':: {
default:: $.baseCluster {
sidecarEnabled:: false,
additionalTags+:: {
product:: 'DataPlatform',
},
flinkBucket: 'navi-flink-dp-nonprod',
awsAccountId: 644366753862,
isVpaDeployed:: false,
loadBalancer+:: {
annotations+:: {
webAcl:: 'WAF ACL is not required for this cluster. Use API Gateway or Cloudflare instead.',
securityGroups+:: {
//This security group allows inter k8 cluster communication(nodes security group)
internal:: 'sg-0694dbac4b980a99c',
//This security group allows packets from office Ips(VPN, LAN etc)
officeIp:: 'sg-05577e828628ad6fa',
//This security group allows packets from everywhere
internetFacing:: 'sg-0bc67bbc16eeaa7fc',
natIp:: 'sg-0b1c4e57f642bf766',
//This security group allows HTTP traffic from everywhere
http:: 'sg-00667a4f566c8ffc8',
// Cloudflare SG
cdn:: 'sg-015f6617b95d8448f',
},
sslCert:: {
'np.dp.navi-tech.in':: 'arn:aws:acm:ap-south-1:644366753862:certificate/1033dabd-c5c8-4e45-aad1-380d53c1d232',
},
accessLog:: true,
accessLogBucket:: 'aps1-np-dp-navi-tech-alb-access-logs',
subnets:: {
internal: 'data-platform-nonprod-private-subnet01-ap-south-1a,data-platform-nonprod-private-subnet01-ap-south-1b',
},
},
},
},
},
//Navi-pay prod cluster
'aps1.prod.navi-pay.in':: {
default:: $.baseCluster {
additionalTags+:: {
product:: 'navi-pay',
},
zalandoEnabled:: false,
flinkBucket: 'navi-flink-prod',
awsAccountId: 928489389470,
isVpaDeployed:: true,
loadBalancer+:: {
annotations+:: {
webAcl:: 'WAF ACL is not required for this cluster. Use API Gateway or Cloudflare instead.',
securityGroups+:: {
//This security group allows inter k8 cluster communication(nodes security group)
internal:: 'sg-038b43e1ec70f8e8f',
//This security group allows packets from office Ips(VPN, LAN etc)
officeIp:: 'sg-008cea2813bc422d0',
//This security group allows packets from everywhere
internetFacing:: 'sg-06e5131b85ed91eb6',
natIp:: 'sg-06476c7a084fc7994',
//This security group allows HTTP traffic from everywhere
http:: 'sg-0c4b2773323da9c66',
// Cloudflare SG
cdn:: 'sg-0971dd662e54a5722',
},
sslCert:: {
'prod.navi-pay.in':: 'arn:aws:acm:ap-south-1:928489389470:certificate/4c2826e3-5f7d-4dd6-a279-3584ee15d8fb',
},
accessLog:: true,
accessLogBucket:: 'aps1-prod-navi-pay-alb-access-logs',
subnets:: {
internal: 'prod-navi-pay-private-subnet01-ap-south-1a,prod-navi-pay-private-subnet01-ap-south-1b,prod-navi-pay-private-subnet01-ap-south-1c',
},
},
},
},
},
'aps1.prod.ml.navi-tech.in':: {
default:: $.baseCluster {
additionalTags+:: {
product:: 'blizzard',
},
flinkBucket: 'navi-flink-ml-prod',
heapDumpBucket: 'java-heap-dumps-ml-prod',
isEfsSupported: true,
isFsxSupported: true,
awsAccountId: 492941056607,
isVpaDeployed:: false,
loadBalancer+:: {
annotations+:: {
webAcl:: 'WAF ACL is not required for this cluster. Use API Gateway or Cloudflare instead.',
securityGroups+:: {
//This security group allows inter k8 cluster communication(nodes security group)
internal:: 'sg-05d9d3e66d55ed677',
//This security group allows packets from office Ips(VPN, LAN etc)
officeIp:: 'sg-0139d7eb8709a9fdc',
//This security group allows packets from everywhere
internetFacing:: 'sg-0e0cca12102820a81',
natIp:: 'sg-0efb731547402e4b2',
//This security group allows HTTP traffic from everywhere
http:: 'sg-0762245d9e914ceec',
// Cloudflare SG
cdn:: 'sg-0d429839605004d55',
},
sslCert:: {
'prod.ml.navi-tech.in':: 'arn:aws:acm:ap-south-1:492941056607:certificate/6bca6bec-e70b-4557-9f06-c7c4ac731ea1',
'prod.navi-tech.in':: 'arn:aws:acm:ap-south-1:492941056607:certificate/07a548dc-249d-4475-8783-58e3060b0c3f',
},
accessLog:: true,
accessLogBucket:: 'aps1-prod-mlops-alb-access-logs',
subnets:: {
internal: 'prod-mlops-private-subnet01-ap-south-1a,prod-mlops-private-subnet01-ap-south-1b,prod-mlops-private-subnet01-ap-south-1c',
},
},
},
zalandoEnabled:: false,
},
},
'aps1.np.navi-ppl.in'::{
default:: $.baseCluster {
additionalTags+:: {
product:: 'navi-ppl',
},
flinkBucket: 'navi-flink-navi-ppl-nonprod',
awsAccountId: 471112764652,
zalandoEnabled:: false,
isVpaDeployed:: true,
loadBalancer+:: {
annotations+:: {
webAcl:: 'WAF ACL is not required for this cluster. Use API Gateway or Cloudflare instead.',
securityGroups+:: {
//This security group allows inter k8 cluster communication(nodes security group)
internal:: 'sg-0051cb11fff4c5fb2',
//This security group allows packets from office Ips(VPN, LAN etc)
officeIp:: 'sg-0be3e60ef8a431589',
//This security group allows packets from everywhere
internetFacing:: 'sg-0a92ec85b904a120c',
//This security group allows communication from nat gateways of nonprod cluster
natIp:: 'sg-0ad9b23a6bce01619',
//This security group allows HTTP traffic from everywhere
http:: 'sg-0be7aeae9826fdd35',
// Cloudflare SG
cdn:: 'sg-0d45e72ff61d8dd53',
},
sslCert:: {
'np.navi-ppl.in':: 'arn:aws:acm:ap-south-1:471112764652:certificate/fd0e85af-3e19-4086-944a-3e12f3b91b31',
},
accessLog:: true,
accessLogBucket:: 'aps1-np-navi-ppl-alb-access-logs',
subnets:: {
internal: 'nonprod-navi-ppl-private-subnet01-ap-south-1a,nonprod-navi-ppl-private-subnet01-ap-south-1b,nonprod-navi-ppl-private-subnet01-ap-south-1c',
},
deletionProtection:: false,
},
},
},
qa:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-services-alb',
},
},
},
dev:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-services-alb',
},
},
},
'qa-internal':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-internal-services-alb',
},
},
},
perf:: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'perf-services-alb',
},
},
},
'dev-internal':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-internal-services-alb',
},
},
},
'dev-critical':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-critical-services-alb',
},
},
},
'qa-critical':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-critical-services-alb',
},
},
},
'dev-3p':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'dev-3p-services-alb',
},
},
},
'qa-3p':: self.default {
loadBalancer+:: {
annotations+:: {
alb:: 'qa-3p-services-alb',
},
},
},
},
'aps1.prod.navi-ppl.in':: {
default:: $.baseCluster {
additionalTags+:: {
product:: 'navi-ppl',
},
zalandoEnabled:: false,
flinkBucket: 'navi-flink-navi-ppl-prod',
awsAccountId: 471112770174,
isVpaDeployed:: true,
loadBalancer+:: {
annotations+:: {
webAcl:: 'WAF ACL is not required for this cluster. Use API Gateway or Cloudflare instead.',
securityGroups+:: {
//This security group allows inter k8 cluster communication(nodes security group)
internal:: 'sg-0f938fdee0487d9cb',
//This security group allows packets from office Ips(VPN, LAN etc)
officeIp:: 'sg-0b20b1e4d6bdaacd8',
//This security group allows packets from everywhere
internetFacing:: 'sg-0d203187e4a7fde6f',
natIp:: 'sg-0d6989b921d40fb98',
//This security group allows HTTP traffic from everywhere
http:: 'sg-0e2b16c7bc3151f47',
// Cloudflare SG
cdn:: 'sg-0dbefd59452817bc6',
},
sslCert:: {
'prod.navi-ppl.in':: 'arn:aws:acm:ap-south-1:471112770174:certificate/a9bacc24-150d-4725-a888-cdf340b15e60',
},
accessLog:: true,
accessLogBucket:: 'aps1-prod-navi-ppl-alb-access-logs',
subnets:: {
internal: 'prod-navi-ppl-private-subnet01-ap-south-1a,prod-navi-ppl-private-subnet01-ap-south-1b,prod-navi-ppl-private-subnet01-ap-south-1c',
},
},
},
},
}
}
Reference in New Issue View Git Blame Copy Permalink