| commit | author | age | ||
| 60154a | 1 | ## TODO: What variables can we strip out of here to build complex variables? |
| S | 2 | ## i.e. what can we add into group_vars as opposed to config_vars? |
| 3 | ## Example: We don't really need "subdomain_base_short". If we want to use this, | |
| 4 | ## should just toss in group_vars/all. | |
| 5 | ### Also, we should probably just create a variable reference in the README.md | |
| 6 | ### For now, just tagging comments in line with configuration file. | |
| 7 | ||
| 8 | ### Vars that can be removed: | |
| 9 | # use_satellite: true | |
| 10 | # use_subscription_manager: false | |
| 11 | # use_own_repos: false | |
| 12 | ||
| 13 | ###### VARIABLES YOU SHOULD CONFIGURE FOR YOUR DEPLOYEMNT | |
| 14 | ###### OR PASS as "-e" args to ansible-playbook command | |
| 15 | ||
| 3cc138 | 16 | |
| 60154a | 17 | ### Common Host settings |
| S | 18 | |
| 19 | repo_method: file # Other Options are: file, satellite and rhn | |
| 20 | ||
| 5e0741 | 21 | install_ipa_client: false |
| eaa641 | 22 | |
| GC | 23 | install_student_user: false |
| 60154a | 24 | # Do you want to run a full yum update |
| S | 25 | update_packages: false |
| 26 | #If using repo_method: satellite, you must set these values as well. | |
| e494d6 | 27 | # satellite_url: satellite.example.com |
| 60154a | 28 | # satellite_org: Sat_org_name |
| S | 29 | # satellite_activationkey: "rhel7basic" |
| 30 | ||
| 31 | ## guid is the deployment unique identifier, it will be appended to all tags, | |
| 32 | ## files and anything that identifies this environment from another "just like it" | |
| 33 | guid: defaultguid | |
| 3cc138 | 34 | |
| GC | 35 | # This var is used to identify stack (cloudformation, azure resourcegroup, ...) |
| 36 | project_tag: "{{ env_type }}-{{ guid }}" | |
| 37 | ||
| 60154a | 38 | # This is where the ssh_config file will be created, this file is used to |
| S | 39 | # define the communication method to all the hosts in the deployment |
| 281c84 | 40 | deploy_local_ssh_config_location: "{{output_dir}}/" |
| 60154a | 41 | |
| S | 42 | install_bastion: true |
| 43 | install_common: true | |
| acbd9a | 44 | ## SB Don't set software_to_deploy from here, always use extra vars (-e) or "none" will be used |
| S | 45 | #software_to_deploy:: none |
| 60154a | 46 | |
| 00ffb6 | 47 | repo_version: "3.6" |
| 60154a | 48 | |
| S | 49 | ### If you want a Key Pair name created and injected into the hosts, |
| 50 | # set `set_env_authorized_key` to true and set the keyname in `env_authorized_key` | |
| 51 | # you can use the key used to create the environment or use your own self generated key | |
| 52 | # if you set "use_own_key" to false your PRIVATE key will be copied to the bastion. (This is {{key_name}}) | |
| 53 | use_own_key: true | |
| 54 | env_authorized_key: "{{guid}}key" | |
| 55 | ansible_ssh_private_key_file: ~/.ssh/{{key_name}}.pem | |
| 56 | set_env_authorized_key: true | |
| 57 | ||
| 58 | # Is this running from Red Hat Ansible Tower | |
| 59 | tower_run: false | |
| 5e0741 | 60 | ### Azure |
| 3cc138 | 61 | |
| GC | 62 | # Create a dedicated resourceGroup for this deployment |
| 63 | az_destroy_method: resource_group | |
| 64 | az_resource_group: "{{ project_tag }}" | |
| 65 | ||
| 66 | # you can operate differently: if you share on resourceGroup for all you deployments, | |
| 67 | # you can specify a different resourceGroup and method: | |
| 68 | #az_destroy_method: deployment | |
| 69 | #az_resource_group: my-shared-resource-group | |
| 60154a | 70 | |
| S | 71 | ### AWS EC2 Environment settings |
| 72 | ||
| 73 | ### Route 53 Zone ID (AWS) | |
| 74 | # This is the Route53 HostedZoneId where you will create your Public DNS entries | |
| 75 | # This only needs to be defined if your CF template uses route53 | |
| 76 | HostedZoneId: Z3IHLWJZOU9SRT | |
| 77 | # The region to be used, if not specified by -e in the command line | |
| 78 | aws_region: ap-southeast-2 | |
| 79 | # The key that is used to | |
| 80 | key_name: "default_key_name" | |
| 81 | ||
| 82 | ## Networking (AWS) | |
| 83 | subdomain_base_short: "{{ guid }}" | |
| 84 | subdomain_base_suffix: ".example.opentlc.com" | |
| 85 | subdomain_base: "{{subdomain_base_short}}{{subdomain_base_suffix}}" | |
| 86 | ||
| 87 | ## Environment Sizing | |
| 88 | ||
| 89 | bastion_instance_type: "t2.medium" | |
| 90 | ||
| 91 | frontend_instance_type: "t2.small" | |
| 92 | app_instance_type: "{{frontend_instance_type}}" | |
| 93 | appdb_instance_type: "{{frontend_instance_type}}" | |
| 00ffb6 | 94 | support_instance_type: "t2.small" |
| 60154a | 95 | |
| S | 96 | frontend_instance_count: 1 |
| 97 | app_instance_count: 2 | |
| 98 | appdb_instance_count: 1 | |
| 00ffb6 | 99 | support_instance_count: 1 |
| 928f77 | 100 | rootfs_size_bastion: 50 |
| bc1ba6 | 101 | |
| 00ffb6 | 102 | instances: |
| 928f77 | 103 | - name: "bastion" |
| GC | 104 | count: 1 |
| 105 | unique: true | |
| 106 | public_dns: true | |
| 107 | dns_loadbalancer: true | |
| 45ecdb | 108 | image_id: RHELAMI |
| 928f77 | 109 | flavor: |
| GC | 110 | ec2: "{{bastion_instance_type}}" |
| 111 | azure: Standard_A2_V2 | |
| 112 | tags: | |
| 113 | - key: "AnsibleGroup" | |
| 114 | value: "bastions" | |
| 115 | - key: "ostype" | |
| 116 | value: "linux" | |
| 95ab35 | 117 | - key: "instance_filter" |
| 5e0741 | 118 | value: "{{ env_type }}-{{ email }}" |
| 928f77 | 119 | rootfs_size: "{{ rootfs_size_bastion }}" |
| GC | 120 | |
| 00ffb6 | 121 | - name: "frontend" |
| S | 122 | count: "{{frontend_instance_count}}" |
| 123 | public_dns: true | |
| c72173 | 124 | dns_loadbalancer: true |
| 45ecdb | 125 | image_id: RHELAMI |
| 00ffb6 | 126 | flavor: |
| 928f77 | 127 | ec2: "{{frontend_instance_type}}" |
| GC | 128 | azure: "Standard_A2_V2" |
| 00ffb6 | 129 | tags: |
| S | 130 | - key: "AnsibleGroup" |
| 131 | value: "frontends" | |
| 132 | - key: "ostype" | |
| bc1ba6 | 133 | value: "linux" |
| 95ab35 | 134 | - key: "instance_filter" |
| PS | 135 | value: "{{ env_type }}-{{ email }}" |
| 928f77 | 136 | |
| 00ffb6 | 137 | - name: "app" |
| S | 138 | count: "{{app_instance_count}}" |
| 139 | public_dns: true | |
| 45ecdb | 140 | image_id: RHELAMI |
| 00ffb6 | 141 | flavor: |
| 928f77 | 142 | ec2: "{{app_instance_type}}" |
| GC | 143 | azure: "Standard_A2_V2" |
| 00ffb6 | 144 | tags: |
| S | 145 | - key: "AnsibleGroup" |
| 146 | value: "apps" | |
| 147 | - key: "ostype" | |
| 148 | value: "rhel" | |
| 95ab35 | 149 | - key: "instance_filter" |
| PS | 150 | value: "{{ env_type }}-{{ email }}" |
| 00ffb6 | 151 | key_name: "{{key_name}}" |
| 928f77 | 152 | |
| 00ffb6 | 153 | - name: "appdb" |
| S | 154 | count: "{{appdb_instance_count}}" |
| 155 | public_dns: true | |
| 45ecdb | 156 | image_id: RHELAMI |
| 00ffb6 | 157 | flavor: |
| 928f77 | 158 | ec2: "{{appdb_instance_type}}" |
| GC | 159 | azure: "Standard_A2_V2" |
| 00ffb6 | 160 | tags: |
| S | 161 | - key: "AnsibleGroup" |
| 162 | value: "appdbs" | |
| 163 | - key: "ostype" | |
| 164 | value: "rhel" | |
| 95ab35 | 165 | - key: "instance_filter" |
| 5e0741 | 166 | value: "{{ env_type }}-{{ email }}" |
| 00ffb6 | 167 | key_name: "{{key_name}}" |
| 928f77 | 168 | |
| 00ffb6 | 169 | - name: "support" |
| S | 170 | count: "{{support_instance_count}}" |
| 171 | public_dns: true | |
| 45ecdb | 172 | image_id: RHELAMI |
| 00ffb6 | 173 | flavor: |
| 928f77 | 174 | ec2: "{{support_instance_type}}" |
| GC | 175 | azure: "Standard_A2_V2" |
| 00ffb6 | 176 | tags: |
| S | 177 | - key: "AnsibleGroup" |
| 178 | value: "support" | |
| 179 | - key: "ostype" | |
| 180 | value: "rhel" | |
| 95ab35 | 181 | - key: "instance_filter" |
| PS | 182 | value: "{{ env_type }}-{{ email }}" |
| 00ffb6 | 183 | key_name: "{{key_name}}" |
| 60154a | 184 | |
| S | 185 | ###### VARIABLES YOU SHOULD ***NOT*** CONFIGURE FOR YOUR DEPLOYEMNT |
| 186 | ###### You can, but you usually wouldn't need to. | |
| 8fa982 | 187 | ansible_user: ec2-user |
| 60154a | 188 | remote_user: ec2-user |
| S | 189 | |
| 190 | common_packages: | |
| 191 | - python | |
| 192 | - unzip | |
| 193 | - bash-completion | |
| 194 | - tmux | |
| 195 | - bind-utils | |
| 196 | - wget | |
| 197 | - git | |
| 198 | - vim-enhanced | |
| 199 | - at | |
| 200 | - ansible | |
| 201 | ||
| 202 | rhel_repos: | |
| 203 | - rhel-7-server-rpms | |
| 204 | - rhel-7-server-extras-rpms | |
| 205 | - epel-release-latest-7 | |
| 206 | ## Currently there is no NFS created for this Environment - See ocp-workshop for clues. | |
| 207 | # ## NFS Server settings | |
| 208 | # nfs_vg: nfsvg | |
| 209 | # nfs_pvs: /dev/xvdb | |
| 210 | # nfs_export_path: /srv/nfs | |
| 211 | # | |
| 212 | # nfs_shares: | |
| 213 | # - es-storage | |
| 214 | # - user-vols | |
| 215 | # - jenkins | |
| 216 | # - nexus | |
| 217 | # - nexus2 | |
| 218 | ||
| feca86 | 219 | |
| 60154a | 220 | zone_internal_dns: "{{guid}}.internal." |
| S | 221 | chomped_zone_internal_dns: "{{guid}}.internal" |
| feca86 | 222 | |
| 60154a | 223 | frontend_public_dns: "frontendlb.{{subdomain_base}}." |
| S | 224 | #tower_public_dns: "tower.{{subdomain_base}}." |
| 225 | bastion_public_dns: "bastion.{{subdomain_base}}." | |
| 226 | bastion_public_dns_chomped: "bastion.{{subdomain_base}}" | |
| 227 | vpcid_cidr_block: "192.168.0.0/16" | |
| 228 | vpcid_name_tag: "{{subdomain_base}}" | |
| 229 | ||
| 230 | az_1_name: "{{ aws_region }}a" | |
| 231 | az_2_name: "{{ aws_region }}b" | |
| 232 | ||
| 233 | subnet_private_1_cidr_block: "192.168.2.0/24" | |
| 234 | subnet_private_1_az: "{{ az_2_name }}" | |
| 235 | subnet_private_1_name_tag: "{{subdomain_base}}-private" | |
| 236 | ||
| 237 | subnet_private_2_cidr_block: "192.168.1.0/24" | |
| 238 | subnet_private_2_az: "{{ az_1_name }}" | |
| 239 | subnet_private_2_name_tag: "{{subdomain_base}}-private" | |
| 240 | ||
| 241 | subnet_public_1_cidr_block: "192.168.10.0/24" | |
| 242 | subnet_public_1_az: "{{ az_1_name }}" | |
| 243 | subnet_public_1_name_tag: "{{subdomain_base}}-public" | |
| 244 | ||
| 245 | subnet_public_2_cidr_block: "192.168.20.0/24" | |
| 246 | subnet_public_2_az: "{{ az_2_name }}" | |
| 247 | subnet_public_2_name_tag: "{{subdomain_base}}-public" | |
| 248 | ||
| 249 | dopt_domain_name: "{{ aws_region }}.compute.internal" | |
| 250 | ||
| 251 | rtb_public_name_tag: "{{subdomain_base}}-public" | |
| 252 | rtb_private_name_tag: "{{subdomain_base}}-private" | |
| 253 | ||
| 254 | ||
| 255 | cf_template_description: "{{ env_type }}-{{ guid }} Ansible Agnostic Deployer " | |
