1 files changed, 123 insertions, 0 deletions

diff --git a/playbooks/aws/openshift-cluster/vars.yml b/playbooks/aws/openshift-cluster/vars.yml
index d774187f0..b2b0716be 100644
--- a/playbooks/aws/openshift-cluster/vars.yml
+++ b/playbooks/aws/openshift-cluster/vars.yml
@@ -31,3 +31,126 @@ deployment_vars:
   enterprise: "{{ deployment_rhel7_ent_base }}"
   openshift-enterprise: "{{ deployment_rhel7_ent_base }}"
   atomic-enterprise: "{{ deployment_rhel7_ent_base }}"
+
+clusterid: mycluster
+region: us-east-1
+
+provision:
+  clusterid: "{{ clusterid }}"
+  region: "{{ region }}"
+
+  build:  # build specific variables here
+    ami_name: "openshift-gi-"
+    base_image: ami-bdd5d6ab  # base image for AMI to build from
+    yum_repositories:  # this is an example repository but it requires sslclient info
+    - name: openshift-repo
+      file: openshift-repo
+      description: OpenShift Builds
+      baseurl: https://mirror.openshift.com/enterprise/online-int/latest/x86_64/os/
+      enabled: yes
+      gpgcheck: no
+      sslverify: no
+      sslclientcert: "/var/lib/yum/client-cert.pem"
+      sslclientkey: "/var/lib/yum/client-key.pem"
+      gpgkey: "https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-release https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-beta https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-openshifthosted"
+
+    # when creating an encrypted AMI please specify use_encryption
+    use_encryption: False
+
+    openshift_ami_tags:
+      bootstrap: "true"
+      openshift-created: "true"
+      clusterid: "{{ clusterid }}"
+
+  # Use s3 backed registry storage
+  openshift_registry_s3: True
+
+  # if using custom certificates these are required for the ELB
+  iam_cert_ca:
+    name: "{{ clusterid }}_openshift"
+    cert_path: '/path/to/wildcard.<clusterid>.example.com.crt'
+    key_path: '/path/to/wildcard.<clusterid>.example.com.key'
+    chain_path: '/path/to/cert.ca.crt'
+
+  instance_users:
+  - key_name: myuser_key
+    username: myuser
+    pub_key: |
+           ssh-rsa AAAA== myuser@system
+
+  node_group_config:
+    tags:
+      clusterid: "{{ clusterid }}"
+      environment: stg
+
+    ssh_key_name: myuser_key
+
+    # master specific cluster node settings
+    master:
+      instance_type: m4.xlarge
+      ami: ami-cdeec8b6  # if using an encrypted AMI this will be replaced
+      volumes:
+      - device_name: /dev/sdb
+        volume_size: 100
+        device_type: gp2
+        delete_on_termination: False
+      health_check:
+        period: 60
+        type: EC2
+      min_size: 3
+      max_size: 3
+      desired_size: 3
+      tags:
+        host-type: master
+        sub-host-type: default
+      wait_for_instances: True
+
+    # compute specific cluster node settings
+    compute:
+      instance_type: m4.xlarge
+      ami: ami-cdeec8b6
+      volumes:
+      - device_name: /dev/sdb
+        volume_size: 100
+        device_type: gp2
+        delete_on_termination: True
+      health_check:
+        period: 60
+        type: EC2
+      min_size: 3
+      max_size: 100
+      desired_size: 3
+      tags:
+        host-type: node
+        sub-host-type: compute
+
+    # infra specific cluster node settings
+    infra:
+      instance_type: m4.xlarge
+      ami: ami-cdeec8b6
+      volumes:
+      - device_name: /dev/sdb
+        volume_size: 100
+        device_type: gp2
+        delete_on_termination: True
+      health_check:
+        period: 60
+        type: EC2
+      min_size: 2
+      max_size: 20
+      desired_size: 2
+      tags:
+        host-type: node
+        sub-host-type: infra
+
+  # vpc settings
+  vpc:
+    cidr: 172.31.0.0/16
+    subnets:
+      us-east-1:  # These are us-east-1 region defaults. Ensure this matches your region
+      - cidr: 172.31.48.0/20
+        az: "us-east-1c"
+      - cidr: 172.31.32.0/20
+        az: "us-east-1e"
+      - cidr: 172.31.16.0/20
+        az: "us-east-1a"