---
|
become_override: False
|
ocp_username: "system:admin"
|
silent: False
|
|
ocp4_workload_authentication_defaults:
|
# idm_type: 'none', 'ldap' or 'httpasswd'
|
# admin_user: wkulhane-redhat.com
|
idm_type: htpasswd
|
|
# Base of the users for htpasswd
|
htpasswd_user_base: user
|
htpasswd_user_count: 100
|
# Set a password for all htpasswd users
|
# If no password set a 16 character random password will be generated
|
# htpasswd_user_password: openshift
|
|
# admin_user for LDAP will need to exist in LDAP
|
# admin_user for htpasswd will be created
|
admin_user: admin
|
# Set a password for the admin user (only htpasswd)
|
# If no password set a 16 character random password will be generated
|
# htpasswd_admin_password: openshift_admin
|
|
# LDAP settings
|
ldap_url: ldaps://ipa1.opentlc.com:636/cn=users,cn=accounts,dc=opentlc,dc=com?uid
|
ldap_ca_url: http://ipa.opentlc.com/ipa/config/ca.crt
|
ldap_bind_dn: "uid=ose-mwl-auth,cn=users,cn=accounts,dc=opentlc,dc=com"
|
|
# Remove Kubeadmin user upon successful installation of Authentication
|
remove_kubeadmin: true
|
|
# Override the defaults by setting the overrides in
|
# ocp4_workload_logging_vars: {}
|
#
|
# For example to set up LDAP:
|
# ocp4_workload_authentication_vars:
|
# idm_type: ldap
|
# admin_user: wkulhane-redhat.com
|
|
# Secret Variables should come from secrets file
|
# ocp4_workload_authentication_secrets:
|
# ldap_bind_password: <should come from secrets>
|