commit | author | age
|
60154a
|
1 |
## TODO: What variables can we strip out of here to build complex variables? |
S |
2 |
## i.e. what can we add into group_vars as opposed to config_vars? |
|
3 |
## Example: We don't really need "subdomain_base_short". If we want to use this, |
|
4 |
## should just toss in group_vars/all. |
|
5 |
### Also, we should probably just create a variable reference in the README.md |
|
6 |
### For now, just tagging comments in line with configuration file. |
|
7 |
|
|
8 |
### Vars that can be removed: |
|
9 |
# use_satellite: true |
|
10 |
# use_subscription_manager: false |
|
11 |
# use_own_repos: false |
|
12 |
|
|
13 |
###### VARIABLES YOU SHOULD CONFIGURE FOR YOUR DEPLOYEMNT |
|
14 |
###### OR PASS as "-e" args to ansible-playbook command |
|
15 |
|
3cc138
|
16 |
|
60154a
|
17 |
### Common Host settings |
S |
18 |
|
|
19 |
repo_method: file # Other Options are: file, satellite and rhn |
|
20 |
|
5e0741
|
21 |
install_ipa_client: false |
eaa641
|
22 |
|
GC |
23 |
install_student_user: false |
60154a
|
24 |
# Do you want to run a full yum update |
S |
25 |
update_packages: false |
|
26 |
#If using repo_method: satellite, you must set these values as well. |
e494d6
|
27 |
# satellite_url: satellite.example.com |
60154a
|
28 |
# satellite_org: Sat_org_name |
S |
29 |
# satellite_activationkey: "rhel7basic" |
|
30 |
|
|
31 |
## guid is the deployment unique identifier, it will be appended to all tags, |
|
32 |
## files and anything that identifies this environment from another "just like it" |
|
33 |
guid: defaultguid |
3cc138
|
34 |
|
GC |
35 |
# This var is used to identify stack (cloudformation, azure resourcegroup, ...) |
|
36 |
project_tag: "{{ env_type }}-{{ guid }}" |
|
37 |
|
60154a
|
38 |
# This is where the ssh_config file will be created, this file is used to |
S |
39 |
# define the communication method to all the hosts in the deployment |
281c84
|
40 |
deploy_local_ssh_config_location: "{{output_dir}}/" |
60154a
|
41 |
|
S |
42 |
install_bastion: true |
|
43 |
install_common: true |
acbd9a
|
44 |
## SB Don't set software_to_deploy from here, always use extra vars (-e) or "none" will be used |
S |
45 |
#software_to_deploy:: none |
60154a
|
46 |
|
00ffb6
|
47 |
repo_version: "3.6" |
60154a
|
48 |
|
S |
49 |
### If you want a Key Pair name created and injected into the hosts, |
|
50 |
# set `set_env_authorized_key` to true and set the keyname in `env_authorized_key` |
|
51 |
# you can use the key used to create the environment or use your own self generated key |
|
52 |
# if you set "use_own_key" to false your PRIVATE key will be copied to the bastion. (This is {{key_name}}) |
|
53 |
use_own_key: true |
|
54 |
env_authorized_key: "{{guid}}key" |
|
55 |
ansible_ssh_private_key_file: ~/.ssh/{{key_name}}.pem |
|
56 |
set_env_authorized_key: true |
|
57 |
|
|
58 |
# Is this running from Red Hat Ansible Tower |
|
59 |
tower_run: false |
5e0741
|
60 |
### Azure |
3cc138
|
61 |
|
GC |
62 |
# Create a dedicated resourceGroup for this deployment |
|
63 |
az_destroy_method: resource_group |
|
64 |
az_resource_group: "{{ project_tag }}" |
|
65 |
|
|
66 |
# you can operate differently: if you share on resourceGroup for all you deployments, |
|
67 |
# you can specify a different resourceGroup and method: |
|
68 |
#az_destroy_method: deployment |
|
69 |
#az_resource_group: my-shared-resource-group |
60154a
|
70 |
|
S |
71 |
### AWS EC2 Environment settings |
|
72 |
|
|
73 |
### Route 53 Zone ID (AWS) |
|
74 |
# This is the Route53 HostedZoneId where you will create your Public DNS entries |
|
75 |
# This only needs to be defined if your CF template uses route53 |
|
76 |
HostedZoneId: Z3IHLWJZOU9SRT |
|
77 |
# The region to be used, if not specified by -e in the command line |
|
78 |
aws_region: ap-southeast-2 |
|
79 |
# The key that is used to |
|
80 |
key_name: "default_key_name" |
|
81 |
|
|
82 |
## Networking (AWS) |
|
83 |
subdomain_base_short: "{{ guid }}" |
|
84 |
subdomain_base_suffix: ".example.opentlc.com" |
|
85 |
subdomain_base: "{{subdomain_base_short}}{{subdomain_base_suffix}}" |
|
86 |
|
|
87 |
## Environment Sizing |
|
88 |
|
|
89 |
bastion_instance_type: "t2.medium" |
|
90 |
|
|
91 |
frontend_instance_type: "t2.small" |
|
92 |
app_instance_type: "{{frontend_instance_type}}" |
|
93 |
appdb_instance_type: "{{frontend_instance_type}}" |
00ffb6
|
94 |
support_instance_type: "t2.small" |
60154a
|
95 |
|
S |
96 |
frontend_instance_count: 1 |
|
97 |
app_instance_count: 2 |
|
98 |
appdb_instance_count: 1 |
00ffb6
|
99 |
support_instance_count: 1 |
928f77
|
100 |
rootfs_size_bastion: 50 |
bc1ba6
|
101 |
|
00ffb6
|
102 |
instances: |
928f77
|
103 |
- name: "bastion" |
GC |
104 |
count: 1 |
|
105 |
unique: true |
|
106 |
public_dns: true |
|
107 |
dns_loadbalancer: true |
45ecdb
|
108 |
image_id: RHELAMI |
928f77
|
109 |
flavor: |
GC |
110 |
ec2: "{{bastion_instance_type}}" |
|
111 |
azure: Standard_A2_V2 |
|
112 |
tags: |
|
113 |
- key: "AnsibleGroup" |
|
114 |
value: "bastions" |
|
115 |
- key: "ostype" |
|
116 |
value: "linux" |
95ab35
|
117 |
- key: "instance_filter" |
5e0741
|
118 |
value: "{{ env_type }}-{{ email }}" |
928f77
|
119 |
rootfs_size: "{{ rootfs_size_bastion }}" |
GC |
120 |
|
00ffb6
|
121 |
- name: "frontend" |
S |
122 |
count: "{{frontend_instance_count}}" |
|
123 |
public_dns: true |
c72173
|
124 |
dns_loadbalancer: true |
45ecdb
|
125 |
image_id: RHELAMI |
00ffb6
|
126 |
flavor: |
928f77
|
127 |
ec2: "{{frontend_instance_type}}" |
GC |
128 |
azure: "Standard_A2_V2" |
00ffb6
|
129 |
tags: |
S |
130 |
- key: "AnsibleGroup" |
|
131 |
value: "frontends" |
|
132 |
- key: "ostype" |
bc1ba6
|
133 |
value: "linux" |
95ab35
|
134 |
- key: "instance_filter" |
PS |
135 |
value: "{{ env_type }}-{{ email }}" |
928f77
|
136 |
|
00ffb6
|
137 |
- name: "app" |
S |
138 |
count: "{{app_instance_count}}" |
|
139 |
public_dns: true |
45ecdb
|
140 |
image_id: RHELAMI |
00ffb6
|
141 |
flavor: |
928f77
|
142 |
ec2: "{{app_instance_type}}" |
GC |
143 |
azure: "Standard_A2_V2" |
00ffb6
|
144 |
tags: |
S |
145 |
- key: "AnsibleGroup" |
|
146 |
value: "apps" |
|
147 |
- key: "ostype" |
|
148 |
value: "rhel" |
95ab35
|
149 |
- key: "instance_filter" |
PS |
150 |
value: "{{ env_type }}-{{ email }}" |
00ffb6
|
151 |
key_name: "{{key_name}}" |
928f77
|
152 |
|
00ffb6
|
153 |
- name: "appdb" |
S |
154 |
count: "{{appdb_instance_count}}" |
|
155 |
public_dns: true |
45ecdb
|
156 |
image_id: RHELAMI |
00ffb6
|
157 |
flavor: |
928f77
|
158 |
ec2: "{{appdb_instance_type}}" |
GC |
159 |
azure: "Standard_A2_V2" |
00ffb6
|
160 |
tags: |
S |
161 |
- key: "AnsibleGroup" |
|
162 |
value: "appdbs" |
|
163 |
- key: "ostype" |
|
164 |
value: "rhel" |
95ab35
|
165 |
- key: "instance_filter" |
5e0741
|
166 |
value: "{{ env_type }}-{{ email }}" |
00ffb6
|
167 |
key_name: "{{key_name}}" |
928f77
|
168 |
|
00ffb6
|
169 |
- name: "support" |
S |
170 |
count: "{{support_instance_count}}" |
|
171 |
public_dns: true |
45ecdb
|
172 |
image_id: RHELAMI |
00ffb6
|
173 |
flavor: |
928f77
|
174 |
ec2: "{{support_instance_type}}" |
GC |
175 |
azure: "Standard_A2_V2" |
00ffb6
|
176 |
tags: |
S |
177 |
- key: "AnsibleGroup" |
|
178 |
value: "support" |
|
179 |
- key: "ostype" |
|
180 |
value: "rhel" |
95ab35
|
181 |
- key: "instance_filter" |
PS |
182 |
value: "{{ env_type }}-{{ email }}" |
00ffb6
|
183 |
key_name: "{{key_name}}" |
60154a
|
184 |
|
S |
185 |
###### VARIABLES YOU SHOULD ***NOT*** CONFIGURE FOR YOUR DEPLOYEMNT |
|
186 |
###### You can, but you usually wouldn't need to. |
8fa982
|
187 |
ansible_user: ec2-user |
60154a
|
188 |
remote_user: ec2-user |
S |
189 |
|
|
190 |
common_packages: |
|
191 |
- python |
|
192 |
- unzip |
|
193 |
- bash-completion |
|
194 |
- tmux |
|
195 |
- bind-utils |
|
196 |
- wget |
|
197 |
- git |
|
198 |
- vim-enhanced |
|
199 |
- at |
|
200 |
- ansible |
|
201 |
|
|
202 |
rhel_repos: |
|
203 |
- rhel-7-server-rpms |
|
204 |
- rhel-7-server-extras-rpms |
|
205 |
- epel-release-latest-7 |
|
206 |
## Currently there is no NFS created for this Environment - See ocp-workshop for clues. |
|
207 |
# ## NFS Server settings |
|
208 |
# nfs_vg: nfsvg |
|
209 |
# nfs_pvs: /dev/xvdb |
|
210 |
# nfs_export_path: /srv/nfs |
|
211 |
# |
|
212 |
# nfs_shares: |
|
213 |
# - es-storage |
|
214 |
# - user-vols |
|
215 |
# - jenkins |
|
216 |
# - nexus |
|
217 |
# - nexus2 |
|
218 |
|
feca86
|
219 |
|
60154a
|
220 |
zone_internal_dns: "{{guid}}.internal." |
S |
221 |
chomped_zone_internal_dns: "{{guid}}.internal" |
feca86
|
222 |
|
60154a
|
223 |
frontend_public_dns: "frontendlb.{{subdomain_base}}." |
S |
224 |
#tower_public_dns: "tower.{{subdomain_base}}." |
|
225 |
bastion_public_dns: "bastion.{{subdomain_base}}." |
|
226 |
bastion_public_dns_chomped: "bastion.{{subdomain_base}}" |
|
227 |
vpcid_cidr_block: "192.168.0.0/16" |
|
228 |
vpcid_name_tag: "{{subdomain_base}}" |
|
229 |
|
|
230 |
az_1_name: "{{ aws_region }}a" |
|
231 |
az_2_name: "{{ aws_region }}b" |
|
232 |
|
|
233 |
subnet_private_1_cidr_block: "192.168.2.0/24" |
|
234 |
subnet_private_1_az: "{{ az_2_name }}" |
|
235 |
subnet_private_1_name_tag: "{{subdomain_base}}-private" |
|
236 |
|
|
237 |
subnet_private_2_cidr_block: "192.168.1.0/24" |
|
238 |
subnet_private_2_az: "{{ az_1_name }}" |
|
239 |
subnet_private_2_name_tag: "{{subdomain_base}}-private" |
|
240 |
|
|
241 |
subnet_public_1_cidr_block: "192.168.10.0/24" |
|
242 |
subnet_public_1_az: "{{ az_1_name }}" |
|
243 |
subnet_public_1_name_tag: "{{subdomain_base}}-public" |
|
244 |
|
|
245 |
subnet_public_2_cidr_block: "192.168.20.0/24" |
|
246 |
subnet_public_2_az: "{{ az_2_name }}" |
|
247 |
subnet_public_2_name_tag: "{{subdomain_base}}-public" |
|
248 |
|
|
249 |
dopt_domain_name: "{{ aws_region }}.compute.internal" |
|
250 |
|
|
251 |
rtb_public_name_tag: "{{subdomain_base}}-public" |
|
252 |
rtb_private_name_tag: "{{subdomain_base}}-private" |
|
253 |
|
|
254 |
|
|
255 |
cf_template_description: "{{ env_type }}-{{ guid }} Ansible Agnostic Deployer " |