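[OSEv3:vars]

###########################################################################
### Ansible Vars
###########################################################################
# This file is a Jinja2 template for an Ansible INI inventory. The double-brace
# placeholders are filled in when the deployer renders it, so review the
# rendered copy as well: that is the file the installer actually reads.
# The bare "|" lines of the listing were dropped; they are not valid inventory
# syntax inside a :vars section.
timeout=60
# Every task runs with privilege escalation on every host in the OSEv3 group,
# so the SSH account below is effectively a root-equivalent credential. Protect
# its private key accordingly.
ansible_become=yes
ansible_ssh_user={{ansible_ssh_user}}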
|
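###########################################################################
### OpenShift Basic Vars
###########################################################################
deployment_type=openshift-enterprise
containerized=false
# Skips three installer pre-flight checks (disk space, memory, image
# availability). Reasonable for an undersized lab; on a production cluster
# re-enable them so a node that cannot pull the expected images fails early.
openshift_disable_check="disk_availability,memory_availability,docker_image_availability"

# default project node selector
osm_default_node_selector='env=app'
openshift_hosted_infra_selector="env=infra"

# Configure node kubelet arguments. pods-per-core is valid in OpenShift Origin 1.3 or OpenShift Container Platform 3.3 and later.
openshift_node_kubelet_args={'pods-per-core': ['10'], 'max-pods': ['250'], 'image-gc-high-threshold': ['85'], 'image-gc-low-threshold': ['75']}

# Configure logrotate scripts
# See: https://github.com/nickhammond/ansible-logrotate
# The rotated set includes /var/log/secure (authentication events) and keeps 7
# rotations. Forward these logs off-host if investigations need longer
# retention.
# NOTE(review): both "daily" and "size 500M" are listed; confirm which trigger
# the installed logrotate version honours.
logrotate_scripts=[{"name": "syslog", "path": "/var/log/cron\n/var/log/maillog\n/var/log/messages\n/var/log/secure\n/var/log/spooler\n", "options": ["daily", "rotate 7","size 500M", "compress", "sharedscripts", "missingok"], "scripts": {"postrotate": "/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true"}}]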
|
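###########################################################################
### OpenShift Optional Vars
###########################################################################

# Enable cockpit
# Cockpit is an additional web administration console. It is one more
# management surface to patch and to keep off untrusted networks.
osm_use_cockpit=true
osm_cockpit_plugins=['cockpit-kubernetes']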
|
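###########################################################################
### OpenShift Master Vars
###########################################################################

# API and web console are served on the same port (both take master_api_port).
openshift_master_api_port={{master_api_port}}
openshift_master_console_port={{master_api_port}}

openshift_master_cluster_method=native
# Internal name resolves to the load balancer host; the public name and the
# application wildcard domain come from the deployer's variables.
openshift_master_cluster_hostname=loadbalancer1.{{guid}}.internal
openshift_master_cluster_public_hostname={{master_lb_dns}}
openshift_master_default_subdomain={{cloudapps_suffix}}
# Optional: sign cluster certificates with your own intermediate CA. The
# keyfile is the CA private key. Keep it readable by root only and remove it
# from the deploy host once the install has finished.
#openshift_master_ca_certificate={'certfile': '/root/intermediate_ca.crt', 'keyfile': '/root/intermediate_ca.key'}
# NOTE(review): presumably controls whether named certificates already
# configured on the masters are replaced on a re-run; confirm against the
# installer documentation before enabling on a live cluster.
openshift_master_overwrite_named_certificates={{openshift_master_overwrite_named_certificates}}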
|
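###########################################################################
### OpenShift Network Vars
###########################################################################

# Pod network and service network ranges. Neither may overlap with the host
# network or with each other.
osm_cluster_network_cidr=10.1.0.0/16
openshift_portal_net=172.30.0.0/16

# The SDN plugin decides whether projects are isolated from each other on the
# pod network. With redhat/openshift-ovs-multitenant, pods in different
# projects cannot reach each other by default.
#os_sdn_network_plugin_name='redhat/openshift-ovs-multitenant'
# NOTE(review): multi_tenant_setting is rendered as a whole line, so it is
# presumably either empty or a complete key=value pair. Whoever sets that
# variable can inject any inventory variable here; confirm its source.
{{multi_tenant_setting}}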
|
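###########################################################################
### Disconnected Install Vars
### Requires a docker registry at isolated1.{{guid}}.internal:5000
###########################################################################
# sets the debug level for all OpenShift components. Default is 2
#debug_level=8

# used for container-based install, not RPM
system_images_registry=isolated1.{{guid}}.internal:5000

# https://bugzilla.redhat.com/show_bug.cgi?id=1461465 target release 3.9
# With an empty value the enterprise registry will not be added to the docker
# registries.
# Original author's note: this "also enables insecure registries, somehow".
# NOTE(review): that side effect is not explained here; inspect the generated
# docker configuration on a node to see which registries end up insecure.
openshift_docker_ent_reg=''

# https://bugzilla.redhat.com/show_bug.cgi?id=1516534 target release 3.10
oreg_url=isolated1.{{guid}}.internal:5000/openshift3/ose-${component}:${version}

openshift_examples_modify_imagestreams=true
openshift_docker_additional_registries=isolated1.{{guid}}.internal:5000
# Marks the mirror as an insecure registry: docker will use plain HTTP or
# accept an unverified TLS certificate, so image pulls have no transport
# integrity or server authentication. Acceptable only on an isolated lab
# network. Otherwise give the mirror a certificate the nodes trust and remove
# this line.
openshift_docker_insecure_registries=isolated1.{{guid}}.internal:5000
# Blocking the public registries keeps nodes from pulling images from outside
# the mirror.
openshift_docker_blocked_registries=registry.access.redhat.com,docker.io
# Component images: every prefix points at the mirror and every tag is pinned,
# with one exception noted below.
openshift_metrics_image_prefix=isolated1.{{guid}}.internal:5000/openshift3/
openshift_metrics_image_version=v3.9.14
openshift_logging_image_prefix=isolated1.{{guid}}.internal:5000/openshift3/
openshift_logging_image_version=v3.9.14
ansible_service_broker_image_prefix=isolated1.{{guid}}.internal:5000/openshift3/ose-
ansible_service_broker_image_tag=v3.9.14
ansible_service_broker_etcd_image_prefix=isolated1.{{guid}}.internal:5000/rhel7/
# NOTE(review): "latest" is a mutable tag, unlike the v3.9.14 pins around it,
# so the etcd image can change between installs without this file changing.
# Pin it to the tag (or digest) that was actually mirrored.
ansible_service_broker_etcd_image_tag=latest
openshift_service_catalog_image_prefix=isolated1.{{guid}}.internal:5000/openshift3/ose-
openshift_service_catalog_image_version=v3.9.14
openshift_cockpit_deployer_prefix=isolated1.{{guid}}.internal:5000/openshift3/
openshift_cockpit_deployer_version=v3.9.14
template_service_broker_prefix=isolated1.{{guid}}.internal:5000/openshift3/ose-
template_service_broker_version=v3.9.14
openshift_web_console_prefix=isolated1.{{guid}}.internal:5000/openshift3/ose-
openshift_web_console_version=v3.9.14
# PROMETHEUS SETTINGS
openshift_prometheus_image_prefix=isolated1.{{guid}}.internal:5000/openshift3/
openshift_prometheus_image_version=v3.9.14
openshift_prometheus_alertmanager_image_prefix=isolated1.{{guid}}.internal:5000/openshift3/
openshift_prometheus_alertmanager_image_version=v3.9.14
openshift_prometheus_alertbuffer_image_prefix=isolated1.{{guid}}.internal:5000/openshift3/
openshift_prometheus_alertbuffer_image_version=v3.9.14
openshift_prometheus_oauth_proxy_image_prefix=isolated1.{{guid}}.internal:5000/openshift3/
openshift_prometheus_oauth_proxy_image_version=v3.9.14
openshift_prometheus_node_exporter_image_prefix=isolated1.{{guid}}.internal:5000/openshift3/
openshift_prometheus_node_exporter_image_version=v3.9.14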
|
|
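###########################################################################
### OpenShift Authentication Vars
###########################################################################
# Exactly one provider is rendered, chosen by install_idm. If install_idm is
# none of ldap / allow_all / htpasswd, no provider line is rendered at all and
# the installer's own default applies.

{% if install_idm == "ldap" %}
# LDAPS with 'insecure': 'false' and a CA file: the connection is encrypted and
# the server certificate is checked against ipa-ca.crt.
# bindPassword is written in clear text into the rendered inventory. Restrict
# that file to the deploy user, supply the value from an encrypted vault, and
# give the bind account read-only directory access.
openshift_master_identity_providers=[{'name': 'ldap', 'challenge': 'true', 'login': 'true', 'kind': 'LDAPPasswordIdentityProvider','attributes': {'id': ['dn'], 'email': ['mail'], 'name': ['cn'], 'preferredUsername': ['uid']}, 'bindDN': 'uid=ose-mwl-auth,cn=users,cn=accounts,dc=opentlc,dc=com', 'bindPassword': '{{bindPassword}}', 'ca': 'ipa-ca.crt','insecure': 'false', 'url': 'ldaps://ipa1.opentlc.com:636/cn=users,cn=accounts,dc=opentlc,dc=com?uid'}]
# NOTE(review): rendered as a whole line, presumably the key=value pair that
# points the installer at the LDAP CA file; confirm in the deployer variables.
{{openshift_master_ldap_ca_file}}
{% endif %}

{% if install_idm == "allow_all" %}
# AllowAllPasswordIdentityProvider accepts any non-empty user name with any
# password. Lab and demo use only: do not select allow_all for a cluster that
# untrusted users can reach.
openshift_master_identity_providers=[{'name': 'allow_all', 'login': 'true', 'challenge': 'true', 'kind': 'AllowAllPasswordIdentityProvider'}]
{% endif %}

{% if install_idm == "htpasswd" %}
# htpasswd auth
openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/master/htpasswd'}]
# Defining htpasswd users
# Inline users would place password hashes in the inventory itself.
#openshift_master_htpasswd_users={'user1': '<pre-hashed password>', 'user2': '<pre-hashed password>'}
# or
# A pre-built htpasswd file holds password hashes: treat it as a credential
# file (owner-only permissions) on the deploy host and on the masters.
openshift_master_htpasswd_file=/root/htpasswd.openshift
{% endif %}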
|
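###########################################################################
### OpenShift Metrics and Logging Vars
###########################################################################
# Every NFS-backed volume in this section uses the options '*(rw,root_squash)'.
# root_squash maps a remote root user to an unprivileged one, but the "*"
# client list lets any host that can reach the NFS server mount the export
# read-write. On a shared network, replace "*" with the cluster's node subnet.
# NFS also provides no encryption in transit for metrics and log data.

# Enable cluster metrics
openshift_metrics_install_metrics={{install_metrics}}

openshift_metrics_storage_kind=nfs
openshift_metrics_storage_access_modes=['ReadWriteOnce']
openshift_metrics_storage_nfs_directory=/srv/nfs
openshift_metrics_storage_nfs_options='*(rw,root_squash)'
openshift_metrics_storage_volume_name=metrics
openshift_metrics_storage_volume_size=10Gi
openshift_metrics_storage_labels={'storage': 'metrics'}

# Metrics components are placed on the env=infra nodes.
openshift_metrics_cassandra_nodeselector={"env":"infra"}
openshift_metrics_hawkular_nodeselector={"env":"infra"}
openshift_metrics_heapster_nodeselector={"env":"infra"}

## Add Prometheus Metrics:
openshift_hosted_prometheus_deploy=true
openshift_prometheus_node_selector={"env":"infra"}
openshift_prometheus_namespace=openshift-metrics

# Prometheus
openshift_prometheus_storage_kind=nfs
openshift_prometheus_storage_access_modes=['ReadWriteOnce']
openshift_prometheus_storage_nfs_directory=/srv/nfs
openshift_prometheus_storage_nfs_options='*(rw,root_squash)'
openshift_prometheus_storage_volume_name=prometheus
openshift_prometheus_storage_volume_size=10Gi
openshift_prometheus_storage_labels={'storage': 'prometheus'}
openshift_prometheus_storage_type='pvc'
# For prometheus-alertmanager
openshift_prometheus_alertmanager_storage_kind=nfs
openshift_prometheus_alertmanager_storage_access_modes=['ReadWriteOnce']
openshift_prometheus_alertmanager_storage_nfs_directory=/srv/nfs
openshift_prometheus_alertmanager_storage_nfs_options='*(rw,root_squash)'
openshift_prometheus_alertmanager_storage_volume_name=prometheus-alertmanager
openshift_prometheus_alertmanager_storage_volume_size=10Gi
openshift_prometheus_alertmanager_storage_labels={'storage': 'prometheus-alertmanager'}
openshift_prometheus_alertmanager_storage_type='pvc'
# For prometheus-alertbuffer
openshift_prometheus_alertbuffer_storage_kind=nfs
openshift_prometheus_alertbuffer_storage_access_modes=['ReadWriteOnce']
openshift_prometheus_alertbuffer_storage_nfs_directory=/srv/nfs
openshift_prometheus_alertbuffer_storage_nfs_options='*(rw,root_squash)'
openshift_prometheus_alertbuffer_storage_volume_name=prometheus-alertbuffer
openshift_prometheus_alertbuffer_storage_volume_size=10Gi
openshift_prometheus_alertbuffer_storage_labels={'storage': 'prometheus-alertbuffer'}
openshift_prometheus_alertbuffer_storage_type='pvc'

# Already set in the disconnected section
# openshift_prometheus_node_exporter_image_version=v3.9

# Enable cluster logging
# Aggregated logs can contain credentials and personal data emitted by
# applications. The logging volume below deserves the same access restrictions
# as the systems that produce the logs.
openshift_logging_install_logging={{install_logging}}

openshift_logging_storage_kind=nfs
openshift_logging_storage_access_modes=['ReadWriteOnce']
openshift_logging_storage_nfs_directory=/srv/nfs
openshift_logging_storage_nfs_options='*(rw,root_squash)'
openshift_logging_storage_volume_name=logging
openshift_logging_storage_volume_size=10Gi
openshift_logging_storage_labels={'storage': 'logging'}

# openshift_logging_kibana_hostname=kibana.{{cloudapps_suffix}}
# A single Elasticsearch node: no replica of the log data, so losing the node
# or its volume loses the logs.
openshift_logging_es_cluster_size=1

openshift_logging_es_nodeselector={"env":"infra"}
openshift_logging_kibana_nodeselector={"env":"infra"}
openshift_logging_curator_nodeselector={"env":"infra"}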
|
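###########################################################################
### OpenShift Project Management Vars
###########################################################################

# Configure additional projects
# The empty default_node_selector overrides the cluster-wide default selector
# for this one project, so its pods are not limited to the env=app nodes.
openshift_additional_projects={'openshift-template-service-broker': {'default_node_selector': ''}}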
|
|
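###########################################################################
### OpenShift Router and Registry Vars
###########################################################################

openshift_hosted_router_replicas={{infranode_instance_count}}
# Optional custom wildcard certificate for the router. The keyfile is a private
# key: keep it owner-readable only on the deploy host. With the line commented
# out, the installer's own default router certificate is used.
#openshift_hosted_router_certificate={"certfile": "/path/to/router.crt", "keyfile": "/path/to/router.key", "cafile": "/path/to/router-ca.crt"}

openshift_hosted_registry_replicas=1

# The integrated registry stores every image built or pushed in the cluster on
# this NFS export. '*(rw,root_squash)' lets any host that can reach the NFS
# server mount it read-write, which would allow image layers to be altered
# outside the registry. Restrict the client list to the cluster's node subnet
# on a shared network.
openshift_hosted_registry_storage_kind=nfs
openshift_hosted_registry_storage_access_modes=['ReadWriteMany']
openshift_hosted_registry_storage_nfs_directory=/srv/nfs
openshift_hosted_registry_storage_nfs_options='*(rw,root_squash)'
openshift_hosted_registry_storage_volume_name=registry
openshift_hosted_registry_storage_volume_size=20Gi
openshift_hosted_registry_pullthrough=true
openshift_hosted_registry_acceptschema2=true
openshift_hosted_registry_enforcequota=true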
|
|
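###########################################################################
### OpenShift Service Catalog Vars
###########################################################################

openshift_enable_service_catalog=true

template_service_broker_install=true
openshift_template_service_broker_namespaces=['openshift']

ansible_service_broker_install=true
# Regular expression over image names in the local registry: any image whose
# name ends in -apb is offered by the broker. Limit who may push such images,
# since a provisioned APB runs with the permissions the broker grants it.
ansible_service_broker_local_registry_whitelist=['.*-apb$']

# etcd volume for the ansible service broker. The "*" client list lets any
# host that can reach the NFS server mount this export read-write. Restrict it
# to the cluster's node subnet on a shared network.
openshift_hosted_etcd_storage_kind=nfs
openshift_hosted_etcd_storage_nfs_options="*(rw,root_squash,sync,no_wdelay)"
openshift_hosted_etcd_storage_nfs_directory=/srv/nfs
openshift_hosted_etcd_storage_labels={'storage': 'etcd-asb'}
openshift_hosted_etcd_storage_volume_name=etcd-asb
openshift_hosted_etcd_storage_access_modes=['ReadWriteOnce']
# NOTE(review): 10G (decimal) here, while the other volumes in this file use
# the binary suffix Gi; confirm the difference is intended.
openshift_hosted_etcd_storage_volume_size=10G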
|
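###########################################################################
### OpenShift Hosts
###########################################################################
# Child groups of OSEv3. Every host in them inherits the [OSEv3:vars] settings,
# including privilege escalation.
[OSEv3:children]
lb
masters
etcd
nodes
nfs
{% if new_node_instance_count > 0 %}
new_nodes
{% endif %}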
|
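# Load balancer hosts, taken from the deployer's 'loadbalancers' group.
# host_zone carries the host's placement value.
[lb]
{% for host in groups['loadbalancers'] %}
{{ hostvars[host].internaldns }} host_zone={{hostvars[host].placement}}
{% endfor %}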
|
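# Master hosts, addressed by their internal DNS names.
[masters]
{% for host in groups['masters'] %}
{{ hostvars[host].internaldns }} host_zone={{hostvars[host]['placement']}}
{% endfor %}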
|
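# etcd runs on the master hosts: this loop iterates the same 'masters' group.
# etcd holds all cluster state, including secrets, so access to these hosts is
# access to the whole cluster.
[etcd]
{% for host in groups['masters'] %}
{{ hostvars[host].internaldns }} host_zone={{hostvars[host]['placement']}}
{% endfor %}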
|
|
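[nodes]
## These are the masters
# Masters carry no 'env' label, so neither the default project selector
# (env=app) nor the infra selector (env=infra) places pods on them.
# NOTE(review): 'openshift_schedulable' appears here as a key inside
# openshift_node_labels, i.e. as a node label, not as a host variable. A label
# alone presumably does not mark the node unschedulable; confirm the intent.
{% for host in groups['masters'] %}
{{ hostvars[host].internaldns }} openshift_hostname={{ hostvars[host].internaldns }} openshift_node_labels="{'logging':'true','openshift_schedulable':'False','cluster': '{{guid}}', 'zone': '{{hostvars[host]['placement']}}'}"
{% endfor %}

## These are infranodes
# Labelled env=infra: router, registry, metrics and logging are selected onto
# these nodes.
{% for host in groups['infranodes'] %}
{{ hostvars[host].internaldns }} openshift_hostname={{ hostvars[host].internaldns }} openshift_node_labels="{'logging':'true','cluster': '{{guid}}', 'env':'infra', 'zone': '{{hostvars[host]['placement']}}'}"
{% endfor %}

## These are regular nodes
# Labelled env=app: user workloads land here through the default selector.
{% for host in groups['nodes'] %}
{{ hostvars[host].internaldns }} openshift_hostname={{ hostvars[host].internaldns }} openshift_node_labels="{'logging':'true','cluster': '{{guid}}', 'env':'app', 'zone': '{{hostvars[host]['placement']}}'}"
{% endfor %}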
|
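{% if new_node_instance_count > 0 %}
# scaleup performed, leave an empty group, see:
# https://docs.openshift.com/container-platform/3.5/install_config/adding_hosts_to_existing_cluster.html
# The group is rendered only when new_node_instance_count is above zero, and
# it stays empty in this template.
[new_nodes]
{% endif %}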
|
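# NFS server(s), taken from the deployer's 'support' group. The storage
# settings in [OSEv3:vars] place all persistent volumes under /srv/nfs with a
# "*" client list, so restrict network access to this host (firewall or export
# client list) to the cluster nodes.
[nfs]
{% for host in groups['support'] %}
{{ hostvars[host].internaldns }} openshift_hostname={{ hostvars[host].internaldns }}
{% endfor %}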