Judd Maltin
2019-04-03 2406f312cb53f2c32f7e3fdaac30d196984624b2
f8f75d 1 #
WK 2 # ansible inventory for OpenShift Container Platform  3.11.59
3 # AgnosticD ansible-config: ocp-ha-lab
4
# Variables in this section apply to every host in the OSEv3 group (its member groups are listed under [OSEv3:children]).
5 [OSEv3:vars]
6
7 ###########################################################################
8 ### Ansible Vars
9 ###########################################################################
10 timeout=60
# Remote login user, filled in from the deployer's ansible_user variable.
11 ansible_user={{ansible_user}}
# Privilege escalation (become, sudo by default) is switched on for all OSEv3 hosts,
# so the login user above needs escalation rights on each of them.
12 ansible_become=yes
13
14 ###########################################################################
15 ### OpenShift Basic Vars
16 ###########################################################################
17
18 openshift_deployment_type=openshift-enterprise
19
# NOTE(review): three installer pre-flight checks (disk, memory, image availability) are skipped.
# That suits a small lab; re-enable them wherever an undersized node or a missing image should stop the install.
20 openshift_disable_check="disk_availability,memory_availability,docker_image_availability"
21
22 # OpenShift Version:
23 # If you modify the openshift_image_tag or the openshift_pkg_version variables after the cluster is set up, then an upgrade can be triggered, resulting in downtime.
24 # If openshift_image_tag is set, its value is used for all hosts in system container environments, even those that have another version installed.
25 # If openshift_pkg_version is set, its value is used for all hosts in RPM-based environments, even those that have another version installed.
26 # Use this variable to specify a container image tag to install or configure.
27 openshift_image_tag=v{{ osrelease }}
28 # Use this variable to specify an RPM version to install or configure.
29 openshift_pkg_version=-{{ osrelease }}
30 openshift_release={{ osrelease }}
31
# The CRI-O settings below are emitted only when container_runtime equals "cri-o".
32 {% if container_runtime == "cri-o" %}
33 openshift_use_crio=True
34 openshift_crio_enable_docker_gc=True
35 openshift_crio_docker_gc_node_selector={'runtime': 'cri-o'}
36 {% endif %}
37
38 # Node Groups
# Three groups (master, infra, compute); each carries its role label plus a runtime label taken from container_runtime.
# Only the compute group edits the kubelet config (pods-per-core = 20).
39 openshift_node_groups=[{'name': 'node-config-master', 'labels': ['node-role.kubernetes.io/master=true','runtime={{container_runtime}}']}, {'name': 'node-config-infra', 'labels': ['node-role.kubernetes.io/infra=true','runtime={{container_runtime}}']}, {'name': 'node-config-compute', 'labels': ['node-role.kubernetes.io/compute=true','runtime={{container_runtime}}'], 'edits': [{ 'key': 'kubeletArguments.pods-per-core','value': ['20']}]}]
40 # Configure node kubelet arguments. pods-per-core is valid in OpenShift Origin 1.3 or OpenShift Container Platform 3.3 and later. -> These  need to go into the above
41 # openshift_node_kubelet_args={'pods-per-core': ['10'], 'max-pods': ['250'], 'image-gc-high-threshold': ['85'], 'image-gc-low-threshold': ['75']}
42
43 # Configure logrotate scripts
44 # See: https://github.com/nickhammond/ansible-logrotate
# Rotates the listed syslog files daily, keeps 7 rotations, and signals syslogd afterwards.
# /var/log/secure is among them, so authentication history on a host is only as deep as this retention
# unless the logs are also shipped elsewhere.
45 logrotate_scripts=[{"name": "syslog", "path": "/var/log/cron\n/var/log/maillog\n/var/log/messages\n/var/log/secure\n/var/log/spooler\n", "options": ["daily", "rotate 7","size 500M", "compress", "sharedscripts", "missingok"], "scripts": {"postrotate": "/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true"}}]
46
47 # Deploy Operator Lifecycle Manager Tech Preview
48 openshift_enable_olm=true
49
# NOTE(review): this flag is set unconditionally here and assigned again (as True) inside the
# install_nfs conditional further down, so one of the two is redundant. It presumably relaxes the
# installer's supported-configuration checks for the whole cluster; confirm that is wanted outside the NFS case.
2406f3 50 openshift_enable_unsupported_configurations=true
JM 51
f8f75d 52 ###########################################################################
WK 53 ### OpenShift Registries Locations
54 ###########################################################################
55
56 #oreg_url=registry.access.redhat.com/openshift3/ose-${component}:${version}
57 oreg_url=registry.redhat.io/openshift3/ose-${component}:${version}
# The registry credentials are rendered into the generated inventory in clear text.
# Keep the source variables in an encrypted store (for example Ansible Vault), restrict read access to the
# rendered file, and prefer a registry service account over a personal login.
58 oreg_auth_user={{ redhat_registry_user }}
59 oreg_auth_password={{ redhat_registry_password }}
60
61 # For Operator Framework Images
# The same user and password are embedded again here, inside single-quoted strings:
# a value containing a single quote would break this line. NOTE(review): verify the credential format allows this.
62 openshift_additional_registry_credentials=[{'host':'registry.connect.redhat.com','user':'{{ redhat_registry_user }}','password':'{{ redhat_registry_password }}','test_image':'mongodb/enterprise-operator:0.3.2'}]
63
# Presumably rewrites the example image streams to pull from the registry configured above; confirm against the installer docs.
64 openshift_examples_modify_imagestreams=true
65
# Container-native GlusterFS storage settings; the whole block is emitted only when install_glusterfs is true.
66 {% if install_glusterfs|bool %}
67 ###########################################################################
68 ### OpenShift Container Storage
69 ###########################################################################
70
71 openshift_master_dynamic_provisioning_enabled=True
72
73 # CNS storage cluster
74 # From https://github.com/red-hat-storage/openshift-cic
# A file storage class is created but not made the default; the block storage class further down is the default.
75 openshift_storage_glusterfs_namespace=openshift-storage
76 openshift_storage_glusterfs_storageclass=true
77 openshift_storage_glusterfs_storageclass_default=false
78
79 openshift_storage_glusterfs_block_deploy=true
80 openshift_storage_glusterfs_block_host_vol_create=true
81 openshift_storage_glusterfs_block_host_vol_size=200
82 openshift_storage_glusterfs_block_storageclass=true
83 openshift_storage_glusterfs_block_storageclass_default=true
84
# The three images below come from registry.access.redhat.com, while oreg_url above points at registry.redhat.io.
# NOTE(review): the tag is supplied by glusterfs_image_tag; a fixed release tag rather than a floating one
# keeps the deployed storage images reproducible.
85 # Container image to use for glusterfs pods
86 openshift_storage_glusterfs_image="registry.access.redhat.com/rhgs3/rhgs-server-rhel7:{{ glusterfs_image_tag }}"
87
88 # Container image to use for glusterblock-provisioner pod
89 openshift_storage_glusterfs_block_image="registry.access.redhat.com/rhgs3/rhgs-gluster-block-prov-rhel7:{{ glusterfs_image_tag }}"
90
91 # Container image to use for heketi pods
92 openshift_storage_glusterfs_heketi_image="registry.access.redhat.com/rhgs3/rhgs-volmanager-rhel7:{{ glusterfs_image_tag }}"
93
94 # GlusterFS version
95 #  Knowledgebase
96 #   https://access.redhat.com/solutions/3617551
97 #  Bugzilla
# NOTE(review): the bug id in the next URL contains a dot and looks malformed; verify the link.
98 #   https://bugzilla.redhat.com/show_bug.cgi?id=163.1057
99 #  Complete OpenShift GlusterFS Configuration README
100 #   https://github.com/openshift/openshift-ansible/tree/master/roles/openshift_storage_glusterfs
101 openshift_storage_glusterfs_version=v3.10
102 openshift_storage_glusterfs_block_version=v3.10
103 openshift_storage_glusterfs_s3_version=v3.10
104 openshift_storage_glusterfs_heketi_version=v3.10
105 # openshift_storage_glusterfs_registry_version=v3.10
106 # openshift_storage_glusterfs_registry_block_version=v3.10
107 # openshift_storage_glusterfs_registry_s3_version=v3.10
108 # openshift_storage_glusterfs_registry_heketi_version=v3.10
109 {% endif %}
110
# Emitted only when install_nfs is true.
# NOTE(review): the same key is already set unconditionally (as true) in the basic vars above,
# so this conditional no longer gates anything; keep one of the two assignments.
111 {% if install_nfs|bool %}
112 # Set this line to enable NFS
113 openshift_enable_unsupported_configurations=True
114 {% endif %}
115
116 ###########################################################################
117 ### OpenShift Master Vars
118 ###########################################################################
119
# API and web console are given the same port (both use master_api_port).
120 openshift_master_api_port={{master_api_port}}
121 openshift_master_console_port={{master_api_port}}
122
123 #Default:  openshift_master_cluster_method=native
# Internal traffic targets the load balancer's internal name (built from guid);
# the public name and the application wildcard subdomain come from deployer variables.
124 openshift_master_cluster_hostname=loadbalancer.{{guid}}.internal
125 openshift_master_cluster_public_hostname={{master_lb_dns}}
126 openshift_master_default_subdomain={{cloudapps_suffix}}
# The commented example below would load a CA certificate and its private key from /root on the installer host;
# if it is ever enabled, that key file needs root-only permissions.
127 #openshift_master_ca_certificate={'certfile': '/root/intermediate_ca.crt', 'keyfile': '/root/intermediate_ca.key'}
128 openshift_master_overwrite_named_certificates={{openshift_master_overwrite_named_certificates}}
129
130 # Audit log
# NOTE(review): master audit logging is left disabled (the example is commented out).
# Enabling it gives a record of API requests to work from during an investigation.
131 # openshift_master_audit_config={"enabled": true, "auditFilePath": "/var/log/openpaas-oscp-audit/openpaas-oscp-audit.log", "maximumFileRetentionDays": 14, "maximumFileSizeMegabytes": 500, "maximumRetainedFiles": 5}
132
133 # ocp-ha-lab
134 # AWS Autoscaler
135 #openshift_master_bootstrap_auto_approve=false
136 # This variable is a cluster identifier unique to the AWS Availability Zone. Using this avoids potential issues in Amazon Web Services (AWS) with multiple zones or multiple clusters.
137 #openshift_clusterid
138
139 ###########################################################################
140 ### OpenShift Network Vars
141 ###########################################################################
142
# Pod network and service network ranges.
143 osm_cluster_network_cidr=10.1.0.0/16
144 openshift_portal_net=172.30.0.0/16
145
146 # os_sdn_network_plugin_name='redhat/openshift-ovs-networkpolicy'
# The next line is emitted verbatim from the multi_tenant_setting variable; presumably it carries the
# SDN plugin assignment (compare the commented example above). Because a whole inventory line is injected,
# that variable must only ever come from trusted deployer configuration.
147 {{multi_tenant_setting}}
148
149 ###########################################################################
150 ### OpenShift Authentication Vars
151 ###########################################################################
152
153
# NOTE(review): both commented LDAP examples below embed a literal bindPassword for an admin bind DN.
# Treat that value as exposed (rotate it if it was ever valid) and, if LDAP is re-enabled,
# supply the bind password from an encrypted variable instead of a literal in this template.
154 # LDAP AND HTPASSWD Authentication (download ipa-ca.crt first)
155 # openshift_master_identity_providers=[{'name': 'ldap', 'challenge': 'true', 'login': 'true', 'kind': 'LDAPPasswordIdentityProvider','attributes': {'id': ['dn'], 'email': ['mail'], 'name': ['cn'], 'preferredUsername': ['uid']}, 'bindDN': 'uid=admin,cn=users,cn=accounts,dc=shared,dc=example,dc=opentlc,dc=com', 'bindPassword': 'r3dh4t1!', 'ca': '/etc/origin/master/ipa-ca.crt','insecure': 'false', 'url': 'ldaps://ipa.shared.example.opentlc.com:636/cn=users,cn=accounts,dc=shared,dc=example,dc=opentlc,dc=com?uid?sub?(memberOf=cn=ocp-users,cn=groups,cn=accounts,dc=shared,dc=example,dc=opentlc,dc=com)'},{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}]
156
157 # Just LDAP
2406f3 158 #openshift_master_identity_providers=[{'name': 'ldap', 'challenge': 'true', 'login': 'true', 'kind': 'LDAPPasswordIdentityProvider','attributes': {'id': ['dn'], 'email': ['mail'], 'name': ['cn'], 'preferredUsername': ['uid']}, 'bindDN': 'uid=admin,cn=users,cn=accounts,dc=shared,dc=example,dc=opentlc,dc=com', 'bindPassword': 'r3dh4t1!', 'ca': '/etc/origin/master/ipa-ca.crt','insecure': 'false', 'url': 'ldaps://ipa.shared.example.opentlc.com:636/cn=users,cn=accounts,dc=shared,dc=example,dc=opentlc,dc=com?uid?sub?(memberOf=cn=ocp-users,cn=groups,cn=accounts,dc=shared,dc=example,dc=opentlc,dc=com)'}]
f8f75d 159
WK 160 # Just HTPASSWD
# Active configuration: a single htpasswd identity provider, i.e. local accounts only.
2406f3 161 openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}]
f8f75d 162
WK 163 # LDAP and HTPASSWD dependencies
164
# The htpasswd file is read from /root on the host that runs the installer.
# Presumably it holds the users' password hashes; keep it out of version control and readable by root only.
165 openshift_master_htpasswd_file=/root/htpasswd.openshift
2406f3 166 #openshift_master_ldap_ca_file=/root/ipa-ca.crt
f8f75d 167
# Emitted only when the deployer defines admission_plugin_config; the value is serialised to JSON on one line.
# NOTE(review): admission plugins decide what the API server accepts, so the source of this variable should be reviewed like policy.
WK 168 {% if admission_plugin_config is defined %}
169 ###########################################################################
170 ### OpenShift admission plugin config
171 ###########################################################################
172
173 openshift_master_admission_plugin_config={{admission_plugin_config|to_json}}
174 {% endif %}
175
176 ###########################################################################
177 ### OpenShift Metrics and Logging Vars
178 ###########################################################################
179
180 #########################
181 # Prometheus Metrics
182 #########################
183
# Prometheus is deployed into openshift-metrics and pinned to infra nodes.
184 openshift_hosted_prometheus_deploy=true
185 openshift_prometheus_namespace=openshift-metrics
186 openshift_prometheus_node_selector={"node-role.kubernetes.io/infra":"true"}
187
188 openshift_cluster_monitoring_operator_install=true
189
# Persistent storage for the monitoring operator is requested only when GlusterFS is installed.
190 {% if install_glusterfs|bool %}
191 openshift_cluster_monitoring_operator_prometheus_storage_capacity=20Gi
192 openshift_cluster_monitoring_operator_alertmanager_storage_capacity=2Gi
193 openshift_cluster_monitoring_operator_prometheus_storage_enabled=True
194 openshift_cluster_monitoring_operator_alertmanager_storage_enabled=True
195
196 # The next two will be enabled in 3.11.z
197 # will use default storage class until then
198 # so set the block storage class as default
199
200 # openshift_cluster_monitoring_operator_prometheus_storage_class_name='glusterfs-storage-block'
201 # openshift_cluster_monitoring_operator_alertmanager_storage_class_name='glusterfs-storage-block'
202 {% endif %}
203
204 ########################
205 # Cluster Metrics
206 ########################
207
208 openshift_metrics_install_metrics={{install_metrics}}
209
# NFS-backed metrics storage is used only when NFS is installed and GlusterFS is not.
# The export option '*(rw,root_squash)' allows read-write mounts from any client host; root_squash maps
# remote root to an unprivileged user but does not limit who may mount.
# NOTE(review): acceptable only if network access to the NFS host is restricted; confirm.
210 {% if install_nfs|bool and not install_glusterfs|bool %}
211 openshift_metrics_storage_kind=nfs
212 openshift_metrics_storage_access_modes=['ReadWriteOnce']
213 openshift_metrics_storage_nfs_directory=/srv/nfs
214 openshift_metrics_storage_nfs_options='*(rw,root_squash)'
215 openshift_metrics_storage_volume_name=metrics
216 openshift_metrics_storage_volume_size=10Gi
217 openshift_metrics_storage_labels={'storage': 'metrics'}
218 openshift_metrics_cassandra_pvc_storage_class_name=''
219 {% endif %}
220
# With GlusterFS installed, Cassandra storage is provisioned dynamically from the block storage class.
221 {% if install_glusterfs|bool %}
222 openshift_metrics_cassandra_storage_type=dynamic
223 openshift_metrics_cassandra_pvc_storage_class_name='glusterfs-storage-block'
224 {% endif %}
225
# All metrics components are scheduled on infra nodes.
226 openshift_metrics_hawkular_nodeselector={"node-role.kubernetes.io/infra": "true"}
227 openshift_metrics_cassandra_nodeselector={"node-role.kubernetes.io/infra": "true"}
228 openshift_metrics_heapster_nodeselector={"node-role.kubernetes.io/infra": "true"}
229
230 # Store Metrics for 2 days
231 openshift_metrics_duration=2
232
233 # Suggested Quotas and limits for Prometheus components:
# Requests equal limits for every component below.
234 openshift_prometheus_memory_requests=2Gi
235 openshift_prometheus_cpu_requests=750m
236 openshift_prometheus_memory_limit=2Gi
237 openshift_prometheus_cpu_limit=750m
238 openshift_prometheus_alertmanager_memory_requests=300Mi
239 openshift_prometheus_alertmanager_cpu_requests=200m
240 openshift_prometheus_alertmanager_memory_limit=300Mi
241 openshift_prometheus_alertmanager_cpu_limit=200m
242 openshift_prometheus_alertbuffer_memory_requests=300Mi
243 openshift_prometheus_alertbuffer_cpu_requests=200m
244 openshift_prometheus_alertbuffer_memory_limit=300Mi
245 openshift_prometheus_alertbuffer_cpu_limit=200m
246
247 {# The following file will need to be copied over to the bastion before deployment
248 # There is an example in ocp-workshop/files
249 # openshift_prometheus_additional_rules_file=/root/prometheus_alerts_rules.yml #}
250
251 # Grafana
# Grafana runs on infra nodes with a 2Gi persistent volume claim; the storage class is named only when GlusterFS is installed.
252 openshift_grafana_node_selector={"node-role.kubernetes.io/infra":"true"}
253 openshift_grafana_storage_type=pvc
254 openshift_grafana_pvc_size=2Gi
255 openshift_grafana_node_exporter=true
256 {% if install_glusterfs|bool %}
257 openshift_grafana_sc_name=glusterfs-storage
258 {% endif %}
259
260 ########################
261 # Cluster Logging
262 ########################
263
# The event router is installed whenever cluster logging is (both follow install_logging).
264 openshift_logging_install_logging={{install_logging}}
265 openshift_logging_install_eventrouter={{install_logging}}
266
# NFS-backed logging storage is used only when NFS is installed and GlusterFS is not.
# The export option '*(rw,root_squash)' allows read-write mounts from any client host, and this volume holds
# cluster logs. NOTE(review): acceptable only if network access to the NFS host is restricted; confirm.
267 {% if install_nfs|bool and not install_glusterfs|bool %}
268 openshift_logging_storage_kind=nfs
269 openshift_logging_storage_access_modes=['ReadWriteOnce']
270 openshift_logging_storage_nfs_directory=/srv/nfs
271 openshift_logging_storage_nfs_options='*(rw,root_squash)'
272 openshift_logging_storage_volume_name=logging
273 openshift_logging_storage_volume_size=10Gi
274 openshift_logging_storage_labels={'storage': 'logging'}
275 openshift_logging_es_pvc_storage_class_name=''
276 {% endif %}
277 {% if install_glusterfs|bool %}
278 openshift_logging_es_pvc_dynamic=true
279 openshift_logging_es_pvc_size=20Gi
280 openshift_logging_es_pvc_storage_class_name='glusterfs-storage-block'
281 {% endif %}
# Single Elasticsearch member, and curator's default is 2 days.
# NOTE(review): presumably this means aggregated logs older than two days are deleted; if these logs are
# needed for investigations, forward them to longer-term storage.
282 openshift_logging_es_memory_limit=8Gi
283 openshift_logging_es_cluster_size=1
284 openshift_logging_curator_default_days=2
285
# All logging components are scheduled on infra nodes.
286 openshift_logging_kibana_nodeselector={"node-role.kubernetes.io/infra": "true"}
287 openshift_logging_curator_nodeselector={"node-role.kubernetes.io/infra": "true"}
288 openshift_logging_es_nodeselector={"node-role.kubernetes.io/infra": "true"}
289 openshift_logging_eventrouter_nodeselector={"node-role.kubernetes.io/infra": "true"}
290
291 ###########################################################################
292 ### OpenShift Router and Registry Vars
293 ###########################################################################
294
295 # default selectors for router and registry services
296 # openshift_router_selector='node-role.kubernetes.io/infra=true'
297 # openshift_registry_selector='node-role.kubernetes.io/infra=true'
298
# One router replica per infra node (count taken from infranode_instance_count).
299 openshift_hosted_router_replicas={{infranode_instance_count}}
300
# No custom router certificate is configured; the example below is commented out.
301 # openshift_hosted_router_certificate={"certfile": "/path/to/router.crt", "keyfile": "/path/to/router.key", "cafile": "/path/to/router-ca.crt"}
302
303 openshift_hosted_registry_replicas=1
304 openshift_hosted_registry_pullthrough=true
305 openshift_hosted_registry_acceptschema2=true
306 openshift_hosted_registry_enforcequota=true
307
# NOTE(review): metrics and logging use NFS only when GlusterFS is off (install_nfs and not install_glusterfs),
# but the NFS branch below is guarded by install_nfs alone. With both enabled, the registry storage keys
# (kind, volume size) are emitted twice with different values; confirm which one is meant to win.
308 {% if install_glusterfs|bool %}
309 openshift_hosted_registry_storage_kind=glusterfs
310 openshift_hosted_registry_storage_volume_size=10Gi
311 openshift_hosted_registry_selector="node-role.kubernetes.io/infra=true"
312 {% endif %}
313
# The export option '*(rw,root_squash)' allows read-write mounts from any client host, and this volume holds
# the registry's image data. NOTE(review): acceptable only if network access to the NFS host is restricted; confirm.
314 {% if install_nfs|bool %}
315 openshift_hosted_registry_storage_kind=nfs
316 openshift_hosted_registry_storage_access_modes=['ReadWriteMany']
317 openshift_hosted_registry_storage_nfs_directory=/srv/nfs
318 openshift_hosted_registry_storage_nfs_options='*(rw,root_squash)'
319 openshift_hosted_registry_storage_volume_name=registry
320 openshift_hosted_registry_storage_volume_size=20Gi
321 {% endif %}
322
323 ###########################################################################
324 ### OpenShift Service Catalog Vars
325 ###########################################################################
326
327 # default=true
328 openshift_enable_service_catalog=true
329
330 # default=true
# The template service broker is limited to the openshift namespace.
331 template_service_broker_install=true
332 openshift_template_service_broker_namespaces=['openshift']
333
334 # default=true
# The whitelist is a regular expression: presumably only local-registry images whose name ends in -apb
# are offered by the Ansible service broker; confirm against the broker documentation.
335 ansible_service_broker_install=true
336 ansible_service_broker_local_registry_whitelist=['.*-apb$']
337
338 ###########################################################################
339 ### OpenShift Hosts
340 ###########################################################################
341 # openshift_node_labels DEPRECATED
342 # openshift_node_problem_detector_install
343
# Member groups of OSEv3; every host in them inherits the [OSEv3:vars] settings.
# The nfs and glusterfs groups are added only when the matching install flag is true.
344 [OSEv3:children]
345 lb
346 masters
347 etcd
348 nodes
349 {% if install_nfs|bool %}
350 nfs
351 {% endif %}
352 {% if install_glusterfs|bool %}
353 glusterfs
354 {% endif %}
355
# Load balancer hosts: one line per member of the deployer's loadbalancers group, using its internal DNS name.
356 [lb]
357 {% for host in groups['loadbalancers'] %}
358 {{ hostvars[host].internaldns }}
359 {% endfor %}
360
# Master hosts, in sorted order, listed by internal DNS name.
361 [masters]
362 {% for host in groups['masters']|sort %}
363 {{ hostvars[host].internaldns }}
364 {% endfor %}
365
# etcd runs on the master hosts: this group is built from the same masters group as [masters].
366 [etcd]
367 {% for host in groups['masters']|sort %}
368 {{ hostvars[host].internaldns }}
369 {% endfor %}
370
# Every cluster node with its node group; the node problem detector is installed on all of them.
371 [nodes]
372 ## These are the masters
373 {% for host in groups['masters']|sort %}
374 {{ hostvars[host].internaldns }} openshift_node_group_name='node-config-master' openshift_node_problem_detector_install=true
375 {% endfor %}
376
377 ## These are infranodes
378 {% for host in groups['infranodes']|sort %}
379 {{ hostvars[host].internaldns }} openshift_node_group_name='node-config-infra' openshift_node_problem_detector_install=true
380 {% endfor %}
381
382 ## These are regular nodes
383 {% for host in groups['nodes']|sort %}
384 {{ hostvars[host].internaldns }} openshift_node_group_name='node-config-compute' openshift_node_problem_detector_install=true
385 {% endfor %}
386
387 {% if install_glusterfs|bool %}
388 ## These are OCS nodes
# The storage hosts come from the support group and join with the compute node group,
# so they carry the same compute role label as the regular nodes above.
389 {% for host in groups['support']|sort %}
390 {{ hostvars[host].internaldns }} openshift_node_group_name='node-config-compute' openshift_node_problem_detector_install=true
391 {% endfor %}
392 {% endif %}
393
# NFS server group, emitted only when install_nfs is true: a single host, the first of the sorted support group.
# When GlusterFS is also installed, that same host is listed under [glusterfs] as well.
394 {% if install_nfs|bool %}
395 [nfs]
396 {% for host in [groups['support']|sort|first] %}
397 {{ hostvars[host].internaldns }}
398 {% endfor %}
399 {% endif %}
400
# GlusterFS storage hosts, emitted only when install_glusterfs is true: every support host, each with one device
# named by glusterfs_app_device_name. Presumably that device must be an unused raw block device, since it is
# handed over to GlusterFS; confirm before pointing it at an existing disk.
401 {% if install_glusterfs|bool %}
402 [glusterfs]
403 {% for host in groups['support']|sort %}
404 {{ hostvars[host].internaldns }} glusterfs_devices='[ "{{ glusterfs_app_device_name }}" ]'
405 {% endfor %}
406 {% endif %}