New file |
| | |
| | | # |
| | | # ansible inventory for OpenShift Container Platform 3.11.129 |
| | | # AgnosticD ansible-config: ocp-ha-disconnected-lab |
| | | |
| | | [OSEv3:vars] |
| | | |
| | | ########################################################################### |
| | | ### Ansible Vars |
| | | ########################################################################### |
| | | timeout=60 |
| | | ansible_user={{ansible_user}} |
| | | ansible_become=yes |
| | | |
| | | ########################################################################### |
| | | ### OpenShift Basic Vars |
| | | ########################################################################### |
| | | |
| | | openshift_deployment_type=openshift-enterprise |
| | | |
| | | openshift_disable_check="disk_availability,memory_availability,docker_image_availability" |
| | | |
| | | # OpenShift Version: |
| | | # If you modify the openshift_image_tag or the openshift_pkg_version variables after the cluster is set up, then an upgrade can be triggered, resulting in downtime. |
| | | # If openshift_image_tag is set, its value is used for all hosts in system container environments, even those that have another version installed. If |
| | | # Use this variable to specify a container image tag to install or configure. |
| | | #openshift_pkg_version is set, its value is used for all hosts in RPM-based environments, even those that have another version installed. |
| | | openshift_image_tag=v{{ osrelease }} |
| | | # Use this variable to specify an RPM version to install or configure. |
| | | openshift_pkg_version=-{{ osrelease }} |
| | | openshift_release="{{ osrelease }}" |
| | | |
| | | {% if container_runtime == "cri-o" %} |
| | | openshift_use_crio=True |
| | | openshift_crio_enable_docker_gc=True |
| | | openshift_crio_docker_gc_node_selector={'runtime': 'cri-o'} |
| | | {% endif %} |
| | | |
| | | # Node Groups |
| | | openshift_node_groups=[{'name': 'node-config-master', 'labels': ['node-role.kubernetes.io/master=true','runtime={{container_runtime}}']}, {'name': 'node-config-infra', 'labels': ['node-role.kubernetes.io/infra=true','runtime={{container_runtime}}']}, {'name': 'node-config-compute', 'labels': ['node-role.kubernetes.io/compute=true','runtime={{container_runtime}}'], 'edits': [{ 'key': 'kubeletArguments.pods-per-core','value': ['20']}]}] |
| | | # Configure node kubelet arguments. pods-per-core is valid in OpenShift Origin 1.3 or OpenShift Container Platform 3.3 and later. -> These need to go into the above |
| | | # openshift_node_kubelet_args={'pods-per-core': ['10'], 'max-pods': ['250'], 'image-gc-high-threshold': ['85'], 'image-gc-low-threshold': ['75']} |
| | | |
| | | # Configure logrotate scripts |
| | | # See: https://github.com/nickhammond/ansible-logrotate |
| | | logrotate_scripts=[{"name": "syslog", "path": "/var/log/cron\n/var/log/maillog\n/var/log/messages\n/var/log/secure\n/var/log/spooler\n", "options": ["daily", "rotate 7","size 500M", "compress", "sharedscripts", "missingok"], "scripts": {"postrotate": "/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true"}}] |
| | | |
| | | # Deploy Operator Lifecycle Manager Tech Preview |
| | | #openshift_enable_olm=false |
| | | |
| | | ########################################################################### |
| | | ### OpenShift Registries Locations |
| | | ########################################################################### |
| | | |
| | | #oreg_url=registry.access.redhat.com/openshift3/ose-${component}:${version} |
| | | oreg_url=isolated1.{{ guid }}.internal:5000/openshift3/ose-${component}:${version} |
| | | #oreg_auth_user={{ redhat_registry_user }} |
| | | #oreg_auth_password={{ redhat_registry_password }} |
| | | |
| | | openshift_docker_insecure_registries=isolated1.{{ guid }}.internal:5000 |
| | | openshift_docker_blocked_registries=registry.redhat.io,registry.access.redhat.com,docker.io |
| | | # openshift_docker_additional_registries= |
| | | |
| | | openshift_examples_modify_imagestreams=true |
| | | |
| | | {% if install_glusterfs|bool %} |
| | | ########################################################################### |
| | | ### OpenShift Container Storage |
| | | ########################################################################### |
| | | |
| | | openshift_master_dynamic_provisioning_enabled=True |
| | | |
| | | # CNS storage cluster |
| | | # From https://github.com/red-hat-storage/openshift-cic |
| | | openshift_storage_glusterfs_namespace=openshift-storage |
| | | openshift_storage_glusterfs_storageclass=true |
| | | openshift_storage_glusterfs_storageclass_default=false |
| | | |
| | | openshift_storage_glusterfs_block_deploy=true |
| | | openshift_storage_glusterfs_block_host_vol_create=true |
| | | openshift_storage_glusterfs_block_host_vol_size=200 |
| | | openshift_storage_glusterfs_block_storageclass=true |
| | | openshift_storage_glusterfs_block_storageclass_default=true |
| | | |
| | | # Container image to use for glusterfs pods |
| | | openshift_storage_glusterfs_image="registry.access.redhat.com/rhgs3/rhgs-server-rhel7:{{ glusterfs_image_tag }}" |
| | | |
| | | # Container image to use for glusterblock-provisioner pod |
| | | openshift_storage_glusterfs_block_image="registry.access.redhat.com/rhgs3/rhgs-gluster-block-prov-rhel7:{{ glusterfs_image_tag }}" |
| | | |
| | | # Container image to use for heketi pods |
| | | openshift_storage_glusterfs_heketi_image="registry.access.redhat.com/rhgs3/rhgs-volmanager-rhel7:{{ glusterfs_image_tag }}" |
| | | |
| | | # GlusterFS version |
| | | # Knowledgebase |
| | | # https://access.redhat.com/solutions/3617551 |
| | | # Bugzilla |
| | | # https://bugzilla.redhat.com/show_bug.cgi?id=163.1057 |
| | | # Complete OpenShift GlusterFS Configuration README |
| | | # https://github.com/openshift/openshift-ansible/tree/master/roles/openshift_storage_glusterfs |
| | | openshift_storage_glusterfs_version=v3.10 |
| | | openshift_storage_glusterfs_block_version=v3.10 |
| | | openshift_storage_glusterfs_s3_version=v3.10 |
| | | openshift_storage_glusterfs_heketi_version=v3.10 |
| | | # openshift_storage_glusterfs_registry_version=v3.10 |
| | | # openshift_storage_glusterfs_registry_block_version=v3.10 |
| | | # openshift_storage_glusterfs_registry_s3_version=v3.10 |
| | | # openshift_storage_glusterfs_registry_heketi_version=v3.10 |
| | | {% endif %} |
| | | |
| | | {% if install_nfs|bool %} |
| | | # Set this line to enable NFS |
| | | openshift_enable_unsupported_configurations=True |
| | | {% endif %} |
| | | |
| | | ########################################################################### |
| | | ### OpenShift Master Vars |
| | | ########################################################################### |
| | | |
| | | openshift_master_api_port={{master_api_port}} |
| | | openshift_master_console_port={{master_api_port}} |
| | | |
| | | # ensure oauth secrets regenerated properly when re-running playbooks |
| | | # delete the webconsole pods if login OK returns user to login screen |
| | | openshift_console_install=true |
| | | openshift_console_hostname={{master_lb_dns}} |
| | | |
| | | #Default: openshift_master_cluster_method=native |
| | | openshift_master_cluster_hostname=loadbalancer.{{guid}}.internal |
| | | openshift_master_cluster_public_hostname={{master_lb_dns}} |
| | | openshift_master_default_subdomain={{cloudapps_suffix}} |
| | | #openshift_master_ca_certificate={'certfile': '/root/intermediate_ca.crt', 'keyfile': '/root/intermediate_ca.key'} |
| | | openshift_master_overwrite_named_certificates={{openshift_master_overwrite_named_certificates}} |
| | | |
| | | # Audit log |
| | | # openshift_master_audit_config={"enabled": true, "auditFilePath": "/var/log/openpaas-oscp-audit/openpaas-oscp-audit.log", "maximumFileRetentionDays": 14, "maximumFileSizeMegabytes": 500, "maximumRetainedFiles": 5} |
| | | |
| | | # ocp-ha-lab |
| | | # AWS Autoscaler |
| | | #openshift_master_bootstrap_auto_approve=false |
| | | # This variable is a cluster identifier unique to the AWS Availability Zone. Using this avoids potential issues in Amazon Web Services (AWS) with multiple zones or multiple clusters. |
| | | #openshift_clusterid |
| | | |
| | | ########################################################################### |
| | | ### OpenShift Network Vars |
| | | ########################################################################### |
| | | |
| | | osm_cluster_network_cidr=10.1.0.0/16 |
| | | openshift_portal_net=172.30.0.0/16 |
| | | |
| | | os_sdn_network_plugin_name='redhat/openshift-ovs-networkpolicy' |
| | | |
| | | ########################################################################### |
| | | ### OpenShift Authentication Vars |
| | | ########################################################################### |
| | | |
| | | # LDAP AND HTPASSWD Authentication (download ipa-ca.crt first) |
| | | #openshift_master_identity_providers=[{'name': 'ldap', 'challenge': 'true', 'login': 'true', 'kind': 'LDAPPasswordIdentityProvider','attributes': {'id': ['dn'], 'email': ['mail'], 'name': ['cn'], 'preferredUsername': ['uid']}, 'bindDN': 'uid=admin,cn=users,cn=accounts,dc=shared,dc=example,dc=opentlc,dc=com', 'bindPassword': 'r3dh4t1!', 'ca': '/etc/origin/master/ipa-ca.crt','insecure': 'false', 'url': 'ldaps://ipa.shared.example.opentlc.com:636/cn=users,cn=accounts,dc=shared,dc=example,dc=opentlc,dc=com?uid?sub?(memberOf=cn=ocp-users,cn=groups,cn=accounts,dc=shared,dc=example,dc=opentlc,dc=com)'},{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}] |
| | | |
| | | # Just LDAP |
| | | #openshift_master_identity_providers=[{'name': 'ldap', 'challenge': 'true', 'login': 'true', 'kind': 'LDAPPasswordIdentityProvider','attributes': {'id': ['dn'], 'email': ['mail'], 'name': ['cn'], 'preferredUsername': ['uid']}, 'bindDN': 'uid=admin,cn=users,cn=accounts,dc=shared,dc=example,dc=opentlc,dc=com', 'bindPassword': 'r3dh4t1!', 'ca': '/etc/origin/master/ipa-ca.crt','insecure': 'false', 'url': 'ldaps://ipa.shared.example.opentlc.com:636/cn=users,cn=accounts,dc=shared,dc=example,dc=opentlc,dc=com?uid?sub?(memberOf=cn=ocp-users,cn=groups,cn=accounts,dc=shared,dc=example,dc=opentlc,dc=com)'}] |
| | | |
| | | # Just HTPASSWD |
| | | openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}] |
| | | |
| | | # LDAP and HTPASSWD dependencies |
| | | |
| | | openshift_master_htpasswd_file=/root/htpasswd.openshift |
| | | #openshift_master_ldap_ca_file=/root/ipa-ca.crt |
| | | |
| | | {% if admission_plugin_config is defined %} |
| | | ########################################################################### |
| | | ### OpenShift admission plugin config |
| | | ########################################################################### |
| | | |
| | | openshift_master_admission_plugin_config={{admission_plugin_config|to_json}} |
| | | {% endif %} |
| | | |
| | | ########################################################################### |
| | | ### OpenShift Metrics and Logging Vars |
| | | ########################################################################### |
| | | |
| | | ######################### |
| | | # Prometheus Metrics |
| | | ######################### |
| | | |
| | | openshift_cluster_monitoring_operator_install=true |
| | | |
| | | {% if install_glusterfs|bool %} |
| | | openshift_cluster_monitoring_operator_prometheus_storage_capacity=20Gi |
| | | openshift_cluster_monitoring_operator_alertmanager_storage_capacity=2Gi |
| | | openshift_cluster_monitoring_operator_prometheus_storage_enabled=True |
| | | openshift_cluster_monitoring_operator_alertmanager_storage_enabled=True |
| | | |
| | | # The next two will be enabled in 3.11.z |
| | | # will use deafult storage class until then |
| | | # so set the block storage class as default |
| | | |
| | | # openshift_cluster_monitoring_operator_prometheus_storage_class_name='glusterfs-storage-block' |
| | | # openshift_cluster_monitoring_operator_alertmanager_storage_class_name='glusterfs-storage-block' |
| | | {% endif %} |
| | | |
| | | ######################## |
| | | # Cluster Metrics |
| | | ######################## |
| | | |
| | | openshift_metrics_install_metrics={{install_metrics}} |
| | | |
| | | {% if install_nfs|bool and not install_glusterfs|bool %} |
| | | openshift_metrics_storage_kind=nfs |
| | | openshift_metrics_storage_access_modes=['ReadWriteOnce'] |
| | | openshift_metrics_storage_nfs_directory=/srv/nfs |
| | | openshift_metrics_storage_nfs_options='*(rw,root_squash)' |
| | | openshift_metrics_storage_volume_name=metrics |
| | | openshift_metrics_storage_volume_size=10Gi |
| | | openshift_metrics_storage_labels={'storage': 'metrics'} |
| | | openshift_metrics_cassandra_pvc_storage_class_name='' |
| | | {% endif %} |
| | | |
| | | {% if install_glusterfs|bool %} |
| | | openshift_metrics_cassandra_storage_type=dynamic |
| | | openshift_metrics_cassandra_pvc_storage_class_name='glusterfs-storage-block' |
| | | {% endif %} |
| | | |
| | | openshift_metrics_hawkular_nodeselector={"node-role.kubernetes.io/infra": "true"} |
| | | openshift_metrics_cassandra_nodeselector={"node-role.kubernetes.io/infra": "true"} |
| | | openshift_metrics_heapster_nodeselector={"node-role.kubernetes.io/infra": "true"} |
| | | |
| | | # Store Metrics for 2 days |
| | | openshift_metrics_duration=2 |
| | | |
| | | # Suggested Quotas and limits for Prometheus components: |
| | | openshift_prometheus_memory_requests=2Gi |
| | | openshift_prometheus_cpu_requests=750m |
| | | openshift_prometheus_memory_limit=2Gi |
| | | openshift_prometheus_cpu_limit=750m |
| | | openshift_prometheus_alertmanager_memory_requests=300Mi |
| | | openshift_prometheus_alertmanager_cpu_requests=200m |
| | | openshift_prometheus_alertmanager_memory_limit=300Mi |
| | | openshift_prometheus_alertmanager_cpu_limit=200m |
| | | openshift_prometheus_alertbuffer_memory_requests=300Mi |
| | | openshift_prometheus_alertbuffer_cpu_requests=200m |
| | | openshift_prometheus_alertbuffer_memory_limit=300Mi |
| | | openshift_prometheus_alertbuffer_cpu_limit=200m |
| | | |
| | | {# The following file will need to be copied over to the bastion before deployment |
| | | # There is an example in ocp-workshop/files |
| | | # openshift_prometheus_additional_rules_file=/root/prometheus_alerts_rules.yml #} |
| | | |
| | | ######################## |
| | | # Cluster Logging |
| | | ######################## |
| | | |
| | | openshift_logging_install_logging={{install_logging}} |
| | | openshift_logging_install_eventrouter={{install_logging}} |
| | | |
| | | {% if install_nfs|bool and not install_glusterfs|bool %} |
| | | openshift_logging_storage_kind=nfs |
| | | openshift_logging_storage_access_modes=['ReadWriteOnce'] |
| | | openshift_logging_storage_nfs_directory=/srv/nfs |
| | | openshift_logging_storage_nfs_options='*(rw,root_squash)' |
| | | openshift_logging_storage_volume_name=logging |
| | | openshift_logging_storage_volume_size=10Gi |
| | | openshift_logging_storage_labels={'storage': 'logging'} |
| | | openshift_logging_es_pvc_storage_class_name='' |
| | | {% endif %} |
| | | {% if install_glusterfs|bool %} |
| | | openshift_logging_es_pvc_dynamic=true |
| | | openshift_logging_es_pvc_size=20Gi |
| | | openshift_logging_es_pvc_storage_class_name='glusterfs-storage-block' |
| | | {% endif %} |
| | | openshift_logging_es_memory_limit=8Gi |
| | | openshift_logging_es_cluster_size=1 |
| | | openshift_logging_curator_default_days=2 |
| | | |
| | | openshift_logging_kibana_nodeselector={"node-role.kubernetes.io/infra": "true"} |
| | | openshift_logging_curator_nodeselector={"node-role.kubernetes.io/infra": "true"} |
| | | openshift_logging_es_nodeselector={"node-role.kubernetes.io/infra": "true"} |
| | | openshift_logging_eventrouter_nodeselector={"node-role.kubernetes.io/infra": "true"} |
| | | |
| | | ########################################################################### |
| | | ### OpenShift Router and Registry Vars |
| | | ########################################################################### |
| | | |
| | | # default selectors for router and registry services |
| | | # openshift_router_selector='node-role.kubernetes.io/infra=true' |
| | | # openshift_registry_selector='node-role.kubernetes.io/infra=true' |
| | | |
| | | openshift_hosted_router_replicas={{infranode_instance_count}} |
| | | |
| | | # openshift_hosted_router_certificate={"certfile": "/path/to/router.crt", "keyfile": "/path/to/router.key", "cafile": "/path/to/router-ca.crt"} |
| | | |
| | | openshift_hosted_registry_replicas=1 |
| | | openshift_hosted_registry_pullthrough=true |
| | | openshift_hosted_registry_acceptschema2=true |
| | | openshift_hosted_registry_enforcequota=true |
| | | |
| | | {% if install_glusterfs|bool %} |
| | | openshift_hosted_registry_storage_kind=glusterfs |
| | | openshift_hosted_registry_storage_volume_size=10Gi |
| | | openshift_hosted_registry_selector="node-role.kubernetes.io/infra=true" |
| | | {% endif %} |
| | | |
| | | {% if install_nfs|bool %} |
| | | openshift_hosted_registry_storage_kind=nfs |
| | | openshift_hosted_registry_storage_access_modes=['ReadWriteMany'] |
| | | openshift_hosted_registry_storage_nfs_directory=/srv/nfs |
| | | openshift_hosted_registry_storage_nfs_options='*(rw,root_squash)' |
| | | openshift_hosted_registry_storage_volume_name=registry |
| | | openshift_hosted_registry_storage_volume_size=20Gi |
| | | {% endif %} |
| | | |
| | | ########################################################################### |
| | | ### OpenShift Service Catalog Vars |
| | | ########################################################################### |
| | | |
| | | # default=true |
| | | openshift_enable_service_catalog=true |
| | | |
| | | # default=true |
| | | template_service_broker_install=true |
| | | openshift_template_service_broker_namespaces=['openshift'] |
| | | |
| | | # default=true |
| | | ansible_service_broker_install=true |
| | | ansible_service_broker_local_registry_whitelist=['.*-apb$'] |
| | | |
| | | ########################################################################### |
| | | ### OpenShift Hosts |
| | | ########################################################################### |
| | | # openshift_node_labels DEPRECATED |
| | | # openshift_node_problem_detector_install |
| | | |
| | | [OSEv3:children] |
| | | lb |
| | | masters |
| | | etcd |
| | | nodes |
| | | {% if install_nfs|bool %} |
| | | nfs |
| | | {% endif %} |
| | | {% if install_glusterfs|bool %} |
| | | glusterfs |
| | | {% endif %} |
| | | |
| | | [lb] |
| | | {% for host in groups['loadbalancers'] %} |
| | | {{ hostvars[host].internaldns }} |
| | | {% endfor %} |
| | | |
| | | [masters] |
| | | {% for host in groups['masters']|sort %} |
| | | {{ hostvars[host].internaldns }} |
| | | {% endfor %} |
| | | |
| | | [etcd] |
| | | {% for host in groups['masters']|sort %} |
| | | {{ hostvars[host].internaldns }} |
| | | {% endfor %} |
| | | |
| | | [nodes] |
| | | ## These are the masters |
| | | {% for host in groups['masters']|sort %} |
| | | {{ hostvars[host].internaldns }} openshift_node_group_name='node-config-master' |
| | | {% endfor %} |
| | | |
| | | ## These are infranodes |
| | | {% for host in groups['infranodes']|sort %} |
| | | {{ hostvars[host].internaldns }} openshift_node_group_name='node-config-infra' |
| | | {% endfor %} |
| | | |
| | | ## These are regular nodes |
| | | {% for host in groups['nodes']|sort %} |
| | | {{ hostvars[host].internaldns }} openshift_node_group_name='node-config-compute' |
| | | {% endfor %} |
| | | |
| | | {% if install_glusterfs|bool %} |
| | | ## These are OCS nodes |
| | | {% for host in groups['support']|sort %} |
| | | {{ hostvars[host].internaldns }} openshift_node_group_name='node-config-compute' |
| | | {% endfor %} |
| | | {% endif %} |
| | | |
| | | {% if install_nfs|bool %} |
| | | [nfs] |
| | | {% for host in [groups['support']|sort|first] %} |
| | | {{ hostvars[host].internaldns }} |
| | | {% endfor %} |
| | | {% endif %} |
| | | |
| | | {% if install_glusterfs|bool %} |
| | | [glusterfs] |
| | | {% for host in groups['support']|sort %} |
| | | {{ hostvars[host].internaldns }} glusterfs_devices='[ "{{ glusterfs_app_device_name }}" ]' |
| | | {% endfor %} |
| | | {% endif %} |