### Deployment Type openshift_deployment_type: origin openshift_master_cluster_method: "native" #openshift_release: "v1.5" openshift_release: "v3.7.1" #openshift_release: "v3.7" #openshift_image_tag: "v1.5.0-rc.0" #openshift_image_tag: "v3.7.1" #openshift_pkg_version=-3.7.0 #openshift_hosted_metrics_deployer_version: "v1.5.0-rc.0" #openshift_hosted_metrics_deployer_version: "v3.7.1" #containerized: true containerized: false os_firewall_use_firewalld: true #Recommended to avoid: No package matching 'origin-docker-excluder-1.5.0*' found available #enable_excluders: false #enable_docker_excluder: false ### Network & DNS configuration openshift_master_cluster_hostname: "{{ ands_openshift_cluster_fqdn }}" openshift_master_cluster_public_hostname: "{{ ands_openshift_lb }}" openshift_master_default_subdomain: "{{ ands_openshift_subdomain | default(ands_openshift_lb) }}" openshift_master_ingress_ip_network_cidr: "{{ ands_openshift_ingress_network }}" #openshift_portal_net: #osm_host_subnet_length: # we may need to put conditionals here (except _ip). Currently values set to '' if undifined (OpenShift uses None which is equivalent in ansible) openshift_ip: "{{ ands_openshift_ip }}" openshift_public_ip: "{{ ands_openshift_public_ip }}" openshift_hostname: "{{ ands_openshift_fqdn }}" openshift_public_hostname: "{{ ands_openshift_public_fqdn }}" #Check configuration to fight dynamic IPs # We have per node DNS, so it is not necessary to use vips here. # This overrides default in roles/openshift_node/defaults which sets dns_ip to: ansible_default_ipv4['address'] openshift_dns_ip: "{{ openshift_ip }}" openshift_set_node_ip: true ### Node configuration openshift_schedulable: true openshift_node_labels: "{{ ands_openshift_labels }}" #openshift_hosted_infra_selector: "region=infra" # Fine tunning openshift_master_pod_eviction_timeout: 30s ### Authentication openshift_master_identity_providers: [{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/master/htpasswd'}] openshift_master_htpasswd_users: {'pdv': '$apr1$ACvj6uUa$Nm1Vq8hZq3RzTtaYpAHv01', 'csa': '$apr1$IqEwdnzy$UAdd8ZSFnXommBbj29w3c0'} ### Certificates & Security openshift_ca_cert_expire_days: 3650 openshift_hosted_registry_cert_expire_days: 3650 openshift_node_cert_expire_days: 3650 openshift_master_cert_expire_days: 3650 etcd_ca_default_days: 3650 ### Docker # log_driver is currently ignored for some reason openshift_docker_log_driver: "json-file" openshift_docker_log_options: [ max-size=2m, max-file=3 ] openshift_docker_options: --log-driver json-file #openshift_docker_options: --log-opt max-size=2m --log-opt max-file=3 ### Dynamic Storage openshift_storage_glusterfs_image: chsa/gluster-centos openshift_storage_glusterfs_version: "{{ glusterfs_version }}" #openshift_storage_glusterfs_version: '3.12.5' # Latest 3.10.1 #openshift_storage_glusterfs_is_native: True #openshift_storage_glusterfs_is_native: False #openshift_storage_glusterfs_is_missing: False #openshift_storage_glusterfs_heketi_is_native: True #openshift_storage_glusterfs_heketi_url: #openshift_storage_glusterfs_heketi_is_missing: False #openshift_storage_glusterfs_heketi_executor: 'ssh' #openshift_storage_glusterfs_heketi_ssh_port: 22 #openshift_storage_glusterfs_heketi_ssh_user: 'root' #openshift_storage_glusterfs_heketi_ssh_keyfile: "{{ omit }}" ### Modules & Configuration openshift_master_dynamic_provisioning_enabled: true #openshift_metrics_install_metrics: false openshift_metrics_install_metrics: true openshift_metrics_storage_kind: dynamic openshift_metrics_cassanda_pvc_storage_class_name: glusterfs-storage #openshift_metrics_storage_volume_size: #openshift_metrics_hawkular_hostname: https://hawkular-metrics.{{openshift_master_default_subdomain}}/hawkular/metrics #Problematic and resource intensive #openshift_logging_install_logging: true #openshift_logging_storage_kind: dynamic #openshift_logging_es_pvc_storage_class_name: glusterfs-storage # Does not work #openshift_logging_es_pvc_size: 1Gi #openshift_master_logging_public_url: #Catalog services #openshift_enable_service_catalog: false #ansible_service_broker_install: false #openshift_hosted_etcd_storage_kind #openshift_hosted_etcd_storage_volume_size openshift_install_examples: true # Required for IPFailover openshift_clock_enabled: true #This is required by OpenShift upgrade (may be something else) g_ssh_user: "{{ ansible_ssh_user }}"