blob: e70c0c42084acbd52efe001d2edc826f61832987 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
|
---
##########
# Common #
##########
openshift_hosted_infra_selector: "region=infra"
r_openshift_hosted_use_calico_default: "{{ openshift_use_calico | default(False) }}"
r_openshift_hosted_use_calico: "{{ r_openshift_hosted_use_calico_default }}"
openshift_default_projects:
default:
default_node_selector: ''
logging:
default_node_selector: ''
openshift-infra:
default_node_selector: ''
# openshift_additional_projects shares the same format as openshift_default_projects
openshift_additional_projects: {}
openshift_config_base: "/etc/origin"
openshift_master_config_dir: "{{ openshift.common.config_base | default(openshift_config_base) }}/master"
openshift_cluster_domain: 'cluster.local'
##########
# Router #
##########
r_openshift_hosted_router_firewall_enabled: "{{ os_firewall_enabled | default(True) }}"
r_openshift_hosted_router_use_firewalld: "{{ os_firewall_use_firewalld | default(False) }}"
openshift_hosted_router_wait: "{{ not (openshift_master_bootstrap_enabled | default(False)) }}"
openshift_hosted_router_edits:
- key: spec.strategy.rollingParams.intervalSeconds
value: 1
action: put
- key: spec.strategy.rollingParams.updatePeriodSeconds
value: 1
action: put
- key: spec.strategy.activeDeadlineSeconds
value: 21600
action: put
openshift_hosted_routers:
- name: router
replicas: "{{ replicas | default(1) }}"
namespace: default
serviceaccount: router
selector: "{{ openshift_hosted_router_selector | default(None) }}"
images: "{{ openshift_hosted_router_image | default(None) }}"
edits: "{{ openshift_hosted_router_edits }}"
stats_port: 1936
ports:
- 80:80
- 443:443
certificate: "{{ openshift_hosted_router_certificate | default({}) }}"
openshift_hosted_router_certificate: {}
openshift_hosted_router_create_certificate: True
r_openshift_hosted_router_os_firewall_deny: []
r_openshift_hosted_router_os_firewall_allow: []
############
# Registry #
############
r_openshift_hosted_registry_firewall_enabled: "{{ os_firewall_enabled | default(True) }}"
r_openshift_hosted_registry_use_firewalld: "{{ os_firewall_use_firewalld | default(False) }}"
openshift_hosted_registry_name: docker-registry
openshift_hosted_registry_wait: "{{ not (openshift_master_bootstrap_enabled | default(False)) }}"
openshift_hosted_registry_cert_expire_days: 730
r_openshift_hosted_registry_os_firewall_deny: []
r_openshift_hosted_registry_os_firewall_allow:
- service: Docker Registry Port
port: 5000/tcp
cond: "{{ r_openshift_hosted_use_calico }}"
openshift_hosted_registry_serviceaccount: registry
openshift_hosted_registry_volumes: []
openshift_hosted_registry_env_vars: {}
openshift_hosted_registry_clusterip: null
# These edits are being specified only to prevent 'changed' on rerun
openshift_hosted_registry_edits:
- key: spec.strategy.rollingParams
value:
intervalSeconds: 1
maxSurge: "25%"
maxUnavailable: "25%"
timeoutSeconds: 600
updatePeriodSeconds: 1
action: put
openshift_hosted_registry_force:
- False
openshift_push_via_dns: False
# NOTE: settting openshift_docker_hosted_registry_insecure may affect other roles
openshift_hosted_docker_registry_insecure_default: "{{ openshift_docker_hosted_registry_insecure | default(False) }}"
openshift_hosted_docker_registry_insecure: "{{ openshift_hosted_docker_registry_insecure_default }}"
|
