blob: 433e9220105ca9b984b2753299a8023b77678e05 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
---
r_openshift_node_firewall_enabled: "{{ os_firewall_enabled | default(True) }}"
r_openshift_node_use_firewalld: "{{ os_firewall_use_firewalld | default(False) }}"
openshift_service_type: "{{ openshift.common.service_type }}"
openshift_image_tag: ''
openshift_node_ami_prep_packages:
- "{{ openshift_service_type }}-master"
- "{{ openshift_service_type }}-node"
- "{{ openshift_service_type }}-docker-excluder"
- "{{ openshift_service_type }}-sdn-ovs"
- ansible
- openvswitch
- docker
- etcd
#- pcs
- haproxy
- dnsmasq
- ntp
- logrotate
- httpd-tools
- bind
- firewalld
- libselinux-python
- conntrack-tools
- openssl
- cloud-init
- iproute
- python-dbus
- PyYAML
- yum-utils
- python2-boto
- python2-boto3
- cloud-utils-growpart
# gluster
- glusterfs-fuse
- heketi-client
# nfs
- nfs-utils
- flannel
- bash-completion
# cockpit
- cockpit-ws
- cockpit-system
- cockpit-bridge
- cockpit-docker
# iscsi
- iscsi-initiator-utils
# ceph
- ceph-common
# systemcontainer
# - runc
# - container-selinux
# - atomic
#
openshift_deployment_type: origin
openshift_node_bootstrap: False
r_openshift_node_os_firewall_deny: []
default_r_openshift_node_os_firewall_allow:
- service: Kubernetes kubelet
port: 10250/tcp
- service: http
port: 80/tcp
- service: https
port: 443/tcp
- service: OpenShift OVS sdn
port: 4789/udp
cond: openshift_use_openshift_sdn | bool
- service: Calico BGP Port
port: 179/tcp
cond: "{{ openshift_node_use_calico }}"
- service: Kubernetes service NodePort TCP
port: "{{ openshift_node_port_range | default('') }}/tcp"
cond: "{{ openshift_node_port_range is defined }}"
- service: Kubernetes service NodePort UDP
port: "{{ openshift_node_port_range | default('') }}/udp"
cond: "{{ openshift_node_port_range is defined }}"
# Allow multiple port ranges to be added to the role
r_openshift_node_os_firewall_allow: "{{ default_r_openshift_node_os_firewall_allow | union(openshift_node_open_ports | default([])) }}"
oreg_url: ''
oreg_host: "{{ oreg_url.split('/')[0] if '.' in oreg_url.split('/')[0] else '' }}"
oreg_auth_credentials_path: "{{ openshift_node_data_dir }}/.docker"
oreg_auth_credentials_replace: False
l_bind_docker_reg_auth: False
# NOTE
# r_openshift_node_*_default may be defined external to this role.
# openshift_use_*, if defined, may affect other roles or play behavior.
openshift_node_use_openshift_sdn_default: "{{ openshift_use_openshift_sdn | default(True) }}"
openshift_node_use_openshift_sdn: "{{ openshift_node_use_openshift_sdn_default }}"
openshift_node_sdn_network_plugin_name_default: "{{ os_sdn_network_plugin_name | default('redhat/openshift-ovs-subnet') }}"
openshift_node_sdn_network_plugin_name: "{{ openshift_node_sdn_network_plugin_name_default }}"
openshift_node_use_calico_default: "{{ openshift_use_calico | default(False) }}"
openshift_node_use_calico: "{{ openshift_node_use_calico_default }}"
openshift_node_use_nuage_default: "{{ openshift_use_nuage | default(False) }}"
openshift_node_use_nuage: "{{ openshift_node_use_nuage_default }}"
openshift_node_use_contiv_default: "{{ openshift_use_contiv | default(False) }}"
openshift_node_use_contiv: "{{ openshift_node_use_contiv_default }}"
openshift_node_data_dir_default: "{{ openshift_data_dir | default('/var/lib/origin') }}"
openshift_node_data_dir: "{{ openshift_node_data_dir_default }}"
|
