## TODO: What variables can we strip out of here to build complex variables? ## i.e. what can we add into group_vars as opposed to config_vars? ## Example: We don't really need "subdomain_base_short". If we want to use this, ## should just toss in group_vars/all. ### Also, we should probably just create a variable reference in the README.md ### For now, just tagging comments in line with configuration file. ### Vars that can be removed: # use_satellite: true # use_subscription_manager: false # use_own_repos: false ###### VARIABLES YOU SHOULD CONFIGURE FOR YOUR DEPLOYEMNT ###### OR PASS as "-e" args to ansible-playbook command ### Common Host settings # FTL Settings install_ftl: true ftl_use_python3: true repo_method: file # Other Options are: file, satellite and rhn install_ipa_client: false install_student_user: false # Do you want to run a full yum update update_packages: false #If using repo_method: satellite, you must set these values as well. # satellite_url: satellite.example.com # satellite_org: Sat_org_name # satellite_activationkey: "rhel7basic" ## guid is the deployment unique identifier, it will be appended to all tags, ## files and anything that identifies this environment from another "just like it" guid: defaultguid # This var is used to identify stack (cloudformation, azure resourcegroup, ...) project_tag: "{{ env_type }}-{{ guid }}" # This is where the ssh_config file will be created, this file is used to # define the communication method to all the hosts in the deployment deploy_local_ssh_config_location: "{{output_dir}}/" install_bastion: true install_common: true ## SB Don't set software_to_deploy from here, always use extra vars (-e) or "none" will be used #software_to_deploy:: none # repo_version: "3.6" ### If you want a Key Pair name created and injected into the hosts, # set `set_env_authorized_key` to true and set the keyname in `env_authorized_key` # you can use the key used to create the environment or use your own self generated key # if you set "use_own_key" to false your PRIVATE key will be copied to the bastion. (This is {{key_name}}) use_own_key: true env_authorized_key: "{{guid}}key" ansible_ssh_private_key_file: ~/.ssh/{{key_name}}.pem set_env_authorized_key: true # Is this running from Red Hat Ansible Tower tower_run: false ### Azure # Create a dedicated resourceGroup for this deployment az_destroy_method: resource_group az_resource_group: "{{ project_tag }}" # you can operate differently: if you share on resourceGroup for all you deployments, # you can specify a different resourceGroup and method: #az_destroy_method: deployment #az_resource_group: my-shared-resource-group ### AWS EC2 Environment settings ### Route 53 Zone ID (AWS) # This is the Route53 HostedZoneId where you will create your Public DNS entries # This only needs to be defined if your CF template uses route53 HostedZoneId: Z3IHLWJZOU9SRT # The region to be used, if not specified by -e in the command line aws_region: us-east-1 # The key that is used to key_name: "default_key_name" ## Networking (AWS) subdomain_base_short: "{{ guid }}" subdomain_base_suffix: ".example.opentlc.com" subdomain_base: "{{subdomain_base_short}}{{subdomain_base_suffix}}" ## Environment Sizing bastion_instance_type: "t2.medium" frontend_instance_type: "t2.small" app_instance_type: "{{ frontend_instance_type }}" appdb_instance_type: "{{ frontend_instance_type }}" support_instance_type: "t2.small" frontend_instance_count: 1 app_instance_count: 2 appdb_instance_count: 1 support_instance_count: 1 rootfs_size_bastion: 50 bastion_instance_image: RHELAMI frontend_instance_image: RHELAMI app_instance_image: RHELAMI appdb_instance_image: RHELAMI support_instance_image: RHELAMI instances: - name: bastion count: 1 unique: true public_dns: true dns_loadbalancer: true floating_ip: true image_id: "{{ bastion_instance_image }}" flavor: ec2: "{{bastion_instance_type}}" osp: "{{bastion_instance_type}}" azure: Standard_A2_V2 tags: - key: "AnsibleGroup" value: "bastions" - key: "ostype" value: "linux" - key: "instance_filter" value: "{{ env_type }}-{{ email }}" rootfs_size: "{{ rootfs_size_bastion }}" security_groups: - BastionSG - name: "frontend" count: "{{frontend_instance_count}}" public_dns: true dns_loadbalancer: true image_id: "{{ frontend_instance_image }}" flavor: ec2: "{{frontend_instance_type}}" osp: "{{frontend_instance_type}}" azure: "Standard_A2_V2" tags: - key: "AnsibleGroup" value: "frontends" - key: "ostype" value: "linux" - key: "instance_filter" value: "{{ env_type }}-{{ email }}" security_groups: - DefaultSG - name: "app" count: "{{app_instance_count}}" public_dns: true image_id: "{{ app_instance_image }}" flavor: ec2: "{{app_instance_type}}" osp: "{{app_instance_type}}" azure: "Standard_A2_V2" tags: - key: "AnsibleGroup" value: "apps" - key: "ostype" value: "rhel" - key: "instance_filter" value: "{{ env_type }}-{{ email }}" key_name: "{{key_name}}" security_groups: - DefaultSG - name: "appdb" count: "{{appdb_instance_count}}" public_dns: true image_id: "{{ appdb_instance_image }}" flavor: ec2: "{{appdb_instance_type}}" azure: "Standard_A2_V2" osp: "{{appdb_instance_type}}" tags: - key: "AnsibleGroup" value: "appdbs" - key: "ostype" value: "rhel" - key: "instance_filter" value: "{{ env_type }}-{{ email }}" key_name: "{{key_name}}" security_groups: - DefaultSG - name: "support" count: "{{support_instance_count}}" public_dns: true image_id: "{{ support_instance_image }}" flavor: ec2: "{{support_instance_type}}" osp: "{{support_instance_type}}" azure: "Standard_A2_V2" tags: - key: "AnsibleGroup" value: "support" - key: "ostype" value: "rhel" - key: "instance_filter" value: "{{ env_type }}-{{ email }}" key_name: "{{key_name}}" security_groups: - DefaultSG ###### VARIABLES YOU SHOULD ***NOT*** CONFIGURE FOR YOUR DEPLOYEMNT ###### You can, but you usually wouldn't need to. ansible_user: ec2-user remote_user: ec2-user common_packages: - python - unzip - bash-completion - tmux - bind-utils - wget - git - vim-enhanced - at - ansible rhel_repos: - rhel-7-server-rpms - rhel-7-server-extras-rpms - rhel-server-rhscl-7-rpms - epel-release-latest-7 ## Currently there is no NFS created for this Environment - See ocp-workshop for clues. # ## NFS Server settings # nfs_vg: nfsvg # nfs_pvs: /dev/xvdb # nfs_export_path: /srv/nfs # # nfs_shares: # - es-storage # - user-vols # - jenkins # - nexus # - nexus2 zone_internal_dns: "{{guid}}.internal." chomped_zone_internal_dns: "{{guid}}.internal" frontend_public_dns: "frontendlb.{{subdomain_base}}." #tower_public_dns: "tower.{{subdomain_base}}." bastion_public_dns: "bastion.{{subdomain_base}}." bastion_public_dns_chomped: "bastion.{{subdomain_base}}" vpcid_cidr_block: "192.168.0.0/16" vpcid_name_tag: "{{subdomain_base}}" az_1_name: "{{ aws_region }}a" az_2_name: "{{ aws_region }}b" subnet_private_1_cidr_block: "192.168.2.0/24" subnet_private_1_az: "{{ az_2_name }}" subnet_private_1_name_tag: "{{subdomain_base}}-private" subnet_private_2_cidr_block: "192.168.1.0/24" subnet_private_2_az: "{{ az_1_name }}" subnet_private_2_name_tag: "{{subdomain_base}}-private" subnet_public_1_cidr_block: "192.168.10.0/24" subnet_public_1_az: "{{ az_1_name }}" subnet_public_1_name_tag: "{{subdomain_base}}-public" subnet_public_2_cidr_block: "192.168.20.0/24" subnet_public_2_az: "{{ az_2_name }}" subnet_public_2_name_tag: "{{subdomain_base}}-public" dopt_domain_name: "{{ aws_region }}.compute.internal" rtb_public_name_tag: "{{subdomain_base}}-public" rtb_private_name_tag: "{{subdomain_base}}-private" cf_template_description: "{{ env_type }}-{{ guid }} Ansible Agnostic Deployer " #### OSP #### # See cloud_providers/osp_default_vars.yml # See roles-infra/infra-osp-project-create/defaults/main.yml # Set this to true if you need to create a new project in OpenStack # This should almost always be set to true for OpenShift installations # If it is set to false, the {{ osp_project_name }} must already exist and # should be able to run whatever you are deploying #osp_project_create: true # If osp_project_create is set to yes, define those: # Quotas to set for new project that is created #quota_num_instances: 15 #quota_num_cores: 72 #quota_memory: 131072 # in MB #quota_num_volumes: 25 #quota_volumes_gigs: 500 #quota_loadbalancers: #when Octavia is available #quota_pool: #when Octavia is available #quota_networks: 3 #quota_subnets: 3 #quota_routers: 3 quota_fip: 7 #quota_sg: 10 #quota_sg_rules: 100