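#
# /etc/ansible/hosts file for OpenShift Container Platform 3.10.14
#
# Jinja2 template for the installer inventory. The rendered file can contain
# credentials (the registry S3 keys are written in clear text further down),
# so keep the rendered copy readable by root only.

[OSEv3:vars]

###########################################################################
### Ansible Vars
###########################################################################
timeout=60
ansible_user={{ansible_ssh_user}}
ansible_become=yes

###########################################################################
### OpenShift Basic Vars
###########################################################################

openshift_deployment_type=openshift-enterprise

# Skips the installer's disk, memory and image availability pre-flight checks,
# so an undersized host is not caught before the install starts.
openshift_disable_check="disk_availability,memory_availability,docker_image_availability"

# Image tag and release both follow the osrelease variable.
openshift_image_tag=v{{ osrelease }}
openshift_release={{ osrelease }}
# ${component} and ${version} are not Jinja2 expressions; they reach the
# rendered inventory unchanged.
oreg_url=registry.access.redhat.com/openshift3/ose-${component}:${version}
openshift_examples_modify_imagestreams=true

# CRI-O settings, rendered only when container_runtime is "cri-o".
{% if container_runtime == "cri-o" %}
openshift_use_crio=True
openshift_crio_use_rpm=True
openshift_crio_enable_docker_gc=True
openshift_crio_docker_gc_node_selector={'runtime': 'cri-o'}
{% endif %}

# Node groups. Every group labels its nodes with runtime=<container_runtime>
# (the label the CRI-O docker-gc node selector above matches on); compute
# nodes additionally get kubeletArguments.pods-per-core set to 20.
openshift_node_groups=[{'name': 'node-config-master', 'labels': ['node-role.kubernetes.io/master=true','runtime={{container_runtime}}']}, {'name': 'node-config-infra', 'labels': ['node-role.kubernetes.io/infra=true','runtime={{container_runtime}}']}, {'name': 'node-config-glusterfs', 'labels': ['runtime={{container_runtime}}']}, {'name': 'node-config-compute', 'labels': ['node-role.kubernetes.io/compute=true','runtime={{container_runtime}}'], 'edits': [{ 'key': 'kubeletArguments.pods-per-core','value': ['20']}]}]
# Configure node kubelet arguments. pods-per-core is valid in OpenShift Origin 1.3 or OpenShift Container Platform 3.3 and later.
# -> These need to go into the 'edits' of openshift_node_groups above; the line below is kept for reference only.
# openshift_node_kubelet_args={'pods-per-core': ['10'], 'max-pods': ['250'], 'image-gc-high-threshold': ['85'], 'image-gc-low-threshold': ['75']}

# Configure logrotate scripts
# See: https://github.com/nickhammond/ansible-logrotate
# Rotates the listed syslog files daily (7 rotations kept, 500M size
# threshold, compressed) and sends syslogd a HUP after rotation.
logrotate_scripts=[{"name": "syslog", "path": "/var/log/cron\n/var/log/maillog\n/var/log/messages\n/var/log/secure\n/var/log/spooler\n", "options": ["daily", "rotate 7","size 500M", "compress", "sharedscripts", "missingok"], "scripts": {"postrotate": "/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true"}}]
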
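{% if install_glusterfs|bool %}
###########################################################################
### OpenShift Container Storage
###########################################################################

openshift_master_dynamic_provisioning_enabled=True

# CNS storage cluster
# From https://github.com/red-hat-storage/openshift-cic
# The glusterfs storage class is created and made the cluster default.
openshift_storage_glusterfs_namespace=openshift-storage
openshift_storage_glusterfs_storageclass=true
openshift_storage_glusterfs_storageclass_default=true

# gluster-block is deployed with a host volume (size 200) and its own storage
# class, which is not the cluster default.
openshift_storage_glusterfs_block_deploy=true
openshift_storage_glusterfs_block_host_vol_create=true
openshift_storage_glusterfs_block_host_vol_size=200
openshift_storage_glusterfs_block_storageclass=true
openshift_storage_glusterfs_block_storageclass_default=false

# The three images below are pinned by tag (v3.9), not by digest, so the
# content behind the tag can change between installs.

# Container image to use for glusterfs pods
openshift_storage_glusterfs_image="registry.access.redhat.com/rhgs3/rhgs-server-rhel7:v3.9"

# Container image to use for glusterblock-provisioner pod
openshift_storage_glusterfs_block_image="registry.access.redhat.com/rhgs3/rhgs-gluster-block-prov-rhel7:v3.9"

# Container image to use for heketi pods
openshift_storage_glusterfs_heketi_image="registry.access.redhat.com/rhgs3/rhgs-volmanager-rhel7:v3.9"
{% endif %}

{% if install_nfs|bool %}
# Set this line to enable NFS. As the variable name indicates, the installer
# treats this as an unsupported configuration that has to be allowed explicitly.
openshift_enable_unsupported_configurations=True
{% endif %}
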
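###########################################################################
### OpenShift Cockpit Vars
###########################################################################

# Enable cockpit with the Kubernetes plugin.
# Cockpit is one more management endpoint to patch and protect; set this to
# false where nobody uses it.
osm_use_cockpit=true
osm_cockpit_plugins=['cockpit-kubernetes']
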
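###########################################################################
### OpenShift Master Vars
###########################################################################

# API and web console are served on the same port (master_api_port).
openshift_master_api_port={{master_api_port}}
openshift_master_console_port={{master_api_port}}

# The internal and the public cluster hostname both use master_lb_dns.
openshift_master_cluster_method=native
openshift_master_cluster_hostname={{master_lb_dns}}
openshift_master_cluster_public_hostname={{master_lb_dns}}
openshift_master_default_subdomain={{cloudapps_suffix}}
openshift_master_overwrite_named_certificates={{openshift_master_overwrite_named_certificates}}

# Named certificates are configured only when Let's Encrypt certificates are
# installed; the value is the variable serialised to JSON.
{% if install_lets_encrypt_certificates|bool %}
openshift_master_named_certificates={{lets_encrypt_openshift_master_named_certificates|to_json}}
{% endif %}

openshift_set_hostname=True
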
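###########################################################################
### OpenShift Network Vars
###########################################################################

# Pod network and service (portal) network ranges.
osm_cluster_network_cidr=10.1.0.0/16
openshift_portal_net=172.30.0.0/16

# os_sdn_network_plugin_name='redhat/openshift-ovs-networkpolicy'
# multi_tenant_setting is rendered verbatim as a whole line, so the variable
# has to hold a complete key=value setting.
# NOTE(review): presumably this selects the SDN plugin, which decides how
# projects are isolated from each other on the network - confirm where the
# variable is defined.
{{multi_tenant_setting}}
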
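###########################################################################
### OpenShift Authentication Vars
###########################################################################

# openshift_master_ldap_ca_file is rendered verbatim as a whole line, so the
# variable has to hold a complete key=value setting.
{% if install_idm == "ldap" or 'ldap' in install_idms|d([]) %}
{{openshift_master_ldap_ca_file}}
{% endif %}

{% if install_idm == "htpasswd" or 'htpasswd' in install_idms|d([]) %}
# htpasswd user database; it holds password hashes, keep it readable by root only.
openshift_master_htpasswd_file=/root/htpasswd.openshift
{% endif %}

# Identity provider list, serialised to JSON. Provider definitions can carry
# secrets (for example an LDAP bind password), which then sit in the rendered
# inventory in clear text.
openshift_master_identity_providers={{identity_providers|to_json}}

{% if admission_plugin_config is defined %}
###########################################################################
### OpenShift admission plugin config
###########################################################################

openshift_master_admission_plugin_config={{admission_plugin_config|to_json}}
{% endif %}
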
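###########################################################################
### OpenShift Metrics and Logging Vars
###########################################################################

########################
# Enable cluster metrics
########################
openshift_metrics_install_metrics={{install_metrics}}

# NFS-backed metrics storage, used only when glusterfs is not installed.
{% if install_nfs|bool and not install_glusterfs|bool %}
openshift_metrics_storage_kind=nfs
openshift_metrics_storage_access_modes=['ReadWriteOnce']
openshift_metrics_storage_nfs_directory=/srv/nfs
# '*' exports the share to every host that can reach the NFS server; narrow it
# to the cluster subnet where possible, or limit reachability at the network layer.
openshift_metrics_storage_nfs_options='*(rw,root_squash)'
openshift_metrics_storage_volume_name=metrics
openshift_metrics_storage_volume_size=10Gi
openshift_metrics_storage_labels={'storage': 'metrics'}
# Key spelling corrected from "cassanda" so that it names the same variable
# as the glusterfs branch below.
openshift_metrics_cassandra_pvc_storage_class_name=''
{% endif %}

# Dynamically provisioned metrics storage on the gluster-block storage class.
{% if install_glusterfs|bool %}
openshift_metrics_storage_kind=dynamic
openshift_metrics_storage_volume_size=20Gi
openshift_metrics_cassandra_pvc_storage_class_name='glusterfs-storage-block'
{% endif %}

# All metrics components are scheduled on infra nodes.
openshift_metrics_hawkular_nodeselector={"node-role.kubernetes.io/infra": "true"}
openshift_metrics_cassandra_nodeselector={"node-role.kubernetes.io/infra": "true"}
openshift_metrics_heapster_nodeselector={"node-role.kubernetes.io/infra": "true"}

# Store Metrics for 2 days
openshift_metrics_duration=2
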
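{% if install_prometheus|bool %}
#########################
# Add Prometheus Metrics:
#########################
openshift_hosted_prometheus_deploy=true
openshift_prometheus_namespace=openshift-metrics
openshift_prometheus_node_selector={"node-role.kubernetes.io/infra":"true"}

# Storage for the three Prometheus components follows one pattern: a
# dynamically provisioned claim on the gluster-block storage class when
# glusterfs is installed, otherwise emptydir when only NFS is installed.
# With emptydir the data does not outlive the pod.

# Prometheus
{% if install_glusterfs|bool %}
openshift_prometheus_storage_type='pvc'
openshift_prometheus_storage_kind=dynamic
openshift_prometheus_storage_class='glusterfs-storage-block'
openshift_prometheus_storage_volume_size=20Gi
openshift_prometheus_storage_access_modes=['ReadWriteOnce']
openshift_prometheus_storage_volume_name=prometheus
{% elif install_nfs|bool %}
openshift_prometheus_storage_type='emptydir'
{% endif %}

# For prometheus-alertmanager
{% if install_glusterfs|bool %}
openshift_prometheus_alertmanager_storage_type='pvc'
openshift_prometheus_alertmanager_storage_kind=dynamic
openshift_prometheus_alertmanager_storage_class='glusterfs-storage-block'
openshift_prometheus_alertmanager_storage_access_modes=['ReadWriteOnce']
openshift_prometheus_alertmanager_storage_volume_size=10Gi
openshift_prometheus_alertmanager_storage_volume_name=prometheus-alertmanager
{% elif install_nfs|bool %}
openshift_prometheus_alertmanager_storage_type='emptydir'
{% endif %}

# For prometheus-alertbuffer
{% if install_glusterfs|bool %}
openshift_prometheus_alertbuffer_storage_type='pvc'
openshift_prometheus_alertbuffer_storage_kind=dynamic
openshift_prometheus_alertbuffer_storage_class='glusterfs-storage-block'
openshift_prometheus_alertbuffer_storage_access_modes=['ReadWriteOnce']
openshift_prometheus_alertbuffer_storage_volume_name=prometheus-alertbuffer
openshift_prometheus_alertbuffer_storage_volume_size=10Gi
{% elif install_nfs|bool %}
openshift_prometheus_alertbuffer_storage_type='emptydir'
{% endif %}

# Suggested Quotas and limits for Prometheus components:
# (requests equal limits for every component)
openshift_prometheus_memory_requests=2Gi
openshift_prometheus_cpu_requests=750m
openshift_prometheus_memory_limit=2Gi
openshift_prometheus_cpu_limit=750m
openshift_prometheus_alertmanager_memory_requests=300Mi
openshift_prometheus_alertmanager_cpu_requests=200m
openshift_prometheus_alertmanager_memory_limit=300Mi
openshift_prometheus_alertmanager_cpu_limit=200m
openshift_prometheus_alertbuffer_memory_requests=300Mi
openshift_prometheus_alertbuffer_cpu_requests=200m
openshift_prometheus_alertbuffer_memory_limit=300Mi
openshift_prometheus_alertbuffer_cpu_limit=200m
# The following file will need to be copied over to the bastion before deployment
# There is an example in ocp-workshop/files
# openshift_prometheus_additional_rules_file=/root/prometheus_alerts_rules.yml

# Grafana
# NOTE(review): storage_type is pvc unconditionally, but a storage class name
# is only set when glusterfs is installed - confirm which class the claim
# uses on an NFS-only install.
openshift_grafana_node_selector={"node-role.kubernetes.io/infra":"true"}
openshift_grafana_storage_type=pvc
openshift_grafana_pvc_size=2Gi
openshift_grafana_node_exporter=true
{% if install_glusterfs|bool %}
openshift_grafana_sc_name=glusterfs-storage
{% endif %}

{% endif %}
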
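########################
# Enable cluster logging
########################
openshift_logging_install_logging={{install_logging}}

# NFS-backed logging storage, used only when glusterfs is not installed.
{% if install_nfs|bool and not install_glusterfs|bool %}
openshift_logging_storage_kind=nfs
openshift_logging_storage_access_modes=['ReadWriteOnce']
openshift_logging_storage_nfs_directory=/srv/nfs
# '*' exports the share to every host that can reach the NFS server; narrow it
# to the cluster subnet where possible, or limit reachability at the network layer.
openshift_logging_storage_nfs_options='*(rw,root_squash)'
openshift_logging_storage_volume_name=logging
openshift_logging_storage_volume_size=10Gi
openshift_logging_storage_labels={'storage': 'logging'}
openshift_logging_es_pvc_storage_class_name=''
{% endif %}
# Dynamically provisioned Elasticsearch storage on the gluster-block storage class.
{% if install_glusterfs|bool %}
openshift_logging_es_pvc_dynamic=true
openshift_logging_es_pvc_size=20Gi
openshift_logging_es_pvc_storage_class_name='glusterfs-storage-block'
{% endif %}

# All logging components are scheduled on infra nodes.
openshift_logging_kibana_nodeselector={"node-role.kubernetes.io/infra": "true"}
openshift_logging_curator_nodeselector={"node-role.kubernetes.io/infra": "true"}
openshift_logging_es_nodeselector={"node-role.kubernetes.io/infra": "true"}

# Elasticsearch cluster size, set once for both storage variants (the
# glusterfs branch used to repeat the same key with the same value).
openshift_logging_es_cluster_size=1
# Value handed to the curator as its default number of days.
openshift_logging_curator_default_days=3
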
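###########################################################################
### OpenShift Router and Registry Vars
###########################################################################

# One router replica per infra node.
openshift_hosted_router_replicas={{infranode_instance_count}}

# Router certificate is set only when Let's Encrypt certificates are installed.
{% if install_lets_encrypt_certificates|bool %}
openshift_hosted_router_certificate={{lets_encrypt_openshift_hosted_router_certificate|to_json}}
{% endif %}

openshift_hosted_registry_replicas=1
openshift_hosted_registry_pullthrough=true
openshift_hosted_registry_acceptschema2=true
openshift_hosted_registry_enforcequota=true

{% if s3user_access_key is defined %}
# Registry AWS S3
# S3 bucket must already exist.
# The access key and the secret key are written into the rendered inventory
# in clear text. Keep that file readable by root only, limit this IAM user to
# the registry bucket, and rotate the key if the inventory is ever copied or
# shared.
openshift_hosted_registry_storage_kind=object
openshift_hosted_registry_storage_provider=s3
openshift_hosted_registry_storage_s3_accesskey={{ s3user_access_key }}
openshift_hosted_registry_storage_s3_secretkey={{ s3user_secret_access_key }}
openshift_hosted_registry_storage_s3_bucket={{ project_tag }}
openshift_hosted_registry_storage_s3_region={{ aws_region_final|d(aws_region) }}
openshift_hosted_registry_storage_s3_chunksize=26214400
openshift_hosted_registry_storage_s3_rootdirectory=/registry
{% endif %}
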
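###########################################################################
### OpenShift Service Catalog Vars
###########################################################################

openshift_enable_service_catalog=true

template_service_broker_install=true
# openshift_template_service_broker_namespaces=['openshift']

ansible_service_broker_install=true
# Regular expression list for the broker's local registry: only names ending
# in "-apb" match.
ansible_service_broker_local_registry_whitelist=['.*-apb$']
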
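###########################################################################
### OpenShift Hosts
###########################################################################
# Child groups of OSEv3. The optional groups are listed only when the matching
# feature is installed; new_nodes is listed only while the provisioning
# inventory has hosts in its "newnodes" group.
[OSEv3:children]
masters
etcd
nodes
{% if install_nfs|bool %}
nfs
{% endif %}
{% if install_glusterfs|bool %}
glusterfs
{% endif %}
{% if groups['newnodes']|d([])|length > 0 %}
new_nodes
{% endif %}
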
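# Hosts are listed by their internal DNS name, in sorted order.
[masters]
{% for host in groups['masters']|sort %}
{{ hostvars[host].internaldns }}
{% endfor %}

# etcd runs on the master hosts: the group is built from the same host list.
[etcd]
{% for host in groups['masters']|sort %}
{{ hostvars[host].internaldns }}
{% endfor %}
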
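# Every cluster host appears here with the node group that supplies its
# node configuration and labels (see openshift_node_groups).
[nodes]
## These are the masters
{% for host in groups['masters']|sort %}
{{ hostvars[host].internaldns }} openshift_node_group_name='node-config-master'
{% endfor %}

## These are infranodes
{% for host in groups['infranodes']|sort %}
{{ hostvars[host].internaldns }} openshift_node_group_name='node-config-infra'
{% endfor %}

## These are regular nodes
## (hosts that are also in newnodes or glusterfs are skipped here and listed
## in their own loops)
{% for host in groups['nodes']|sort
  if host not in groups['newnodes']|d([])
  and host not in groups['glusterfs']|d([])
  %}
{{ hostvars[host].internaldns }} openshift_node_group_name='node-config-compute'
{% endfor %}

{% if groups['glusterfs']|d([])|length > 0 %}
## These are glusterfs nodes
## NOTE(review): they are given node-config-compute, although
## openshift_node_groups also defines node-config-glusterfs - confirm which
## one is intended.
{% for host in groups['glusterfs']|sort %}
{{ hostvars[host].internaldns }} openshift_node_group_name='node-config-compute'
{% endfor %}
{% endif %}
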
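{% if groups['newnodes']|d([])|length > 0 %}
# Hosts to be added by a scale-up run. Once the scaleup has been performed,
# the group is meant to be left in place but empty, see:
# https://docs.openshift.com/container-platform/3.7/install_config/adding_hosts_to_existing_cluster.html
# NOTE(review): this template drops the whole group when "newnodes" is empty
# instead of rendering an empty one - confirm that is acceptable.
# Each host is reached with its own SSH user and private key; the key file
# must exist under ~/.ssh on the host that runs the installer and should be
# readable by its owner only.
[new_nodes]
{% for host in groups['newnodes']|sort %}
{{ hostvars[host].internaldns }} ansible_ssh_user={{remote_user}} ansible_ssh_private_key_file=~/.ssh/{{key_name}}.pem openshift_node_group_name='node-config-compute'
{% endfor %}
{% endif %}
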
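{% if install_nfs|bool %}
# The NFS server is the first host (in sorted order) of the "support" group.
[nfs]
{% for host in [groups['support']|sort|first] %}
{{ hostvars[host].internaldns }}
{% endfor %}
{% endif %}
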
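{% if install_glusterfs|bool %}
{% set query = "[?name=='support']|[0].volumes[?purpose=='glusterfs'].device_name" %}
# Zones 1, 2, 3 are assigned round-robin over the sorted host list.
# Device list per host: on ec2 it is taken from the glusterfs-purpose volumes
# of the "support" entry in the instances variable, on azure from the host's
# glusterfs_device_name.
# No host line is rendered for any other cloud_provider value, which leaves
# this group empty.
[glusterfs]
{% for host in groups['glusterfs']|sort %}
{% if loop.index % 3 == 1 %}
{% set glusterfs_zone = 1 %}
{% elif loop.index % 3 == 2 %}
{% set glusterfs_zone = 2 %}
{% elif loop.index % 3 == 0 %}
{% set glusterfs_zone = 3 %}
{% endif %}
{% if cloud_provider == 'ec2' %}
{{ hostvars[host].internaldns }} glusterfs_zone={{ glusterfs_zone }} glusterfs_devices='{{instances|json_query(query)|to_json}}'
{% elif cloud_provider == 'azure' %}
{{ hostvars[host].internaldns }} glusterfs_zone={{ glusterfs_zone }} glusterfs_devices='{{ [ hostvars[host].glusterfs_device_name ] |to_json}}'
{% endif %}
{% endfor %}
{% endif %}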