#
# Variables used by Integr8ly
#

[master:children]
masters

#
# Variables used by the ITIX playbook
#
[itix:vars]
itix_dns_suffix=itix.fr
itix_openshift_version=3.11

[itix:children]
masters

#
# Shared variables used by both openshift-ansible and the ITIX playbook
#
[all:vars]
# Default route suffix
openshift_master_default_subdomain=app.itix.fr

[masters]
openshift.itix.fr

[etcd]
openshift.itix.fr

[nodes]
openshift.itix.fr openshift_node_group_name='node-config-all-in-one'

#
# The rest is used only by the OpenShift installer playbook
#
[OSEv3:children]
masters
nodes
etcd

[OSEv3:vars]
# Yes, we need to use sudo
ansible_become=yes

# what to install
deployment_type=openshift-enterprise

# Clustering method
openshift_master_cluster_method=native

# Make sure NTP is enabled
openshift_clock_enabled=true

# Do not create the default project "my-project"
openshift_additional_projects={}

# Enable the "flat network" SDN
os_sdn_network_plugin_name='redhat/openshift-ovs-subnet'

# Do not use CRI-O
openshift_use_crio=false

# Use Firewalld
os_firewall_use_firewalld=yes

# Let's encrypt Certificates
openshift_master_overwrite_named_certificates=true
openshift_master_named_certificates=[{ "certfile": "{{ lookup('env','HOME') }}/.lego/certificates/openshift.itix.fr.crt", "keyfile": "{{ lookup('env','HOME') }}/.lego/certificates/openshift.itix.fr.key", "cafile": "{{ lookup('env','HOME') }}/.lego/certificates/openshift.itix.fr.issuer.crt", "names": [ "openshift.itix.fr" ] }]
openshift_hosted_router_certificate={ "certfile": "{{ lookup('env','HOME') }}/.lego/certificates/openshift.itix.fr.crt", "keyfile": "{{ lookup('env','HOME') }}/.lego/certificates/openshift.itix.fr.key", "cafile": "{{ lookup('env','HOME') }}/.lego/certificates/openshift.itix.fr.issuer.crt" }
openshift_master_openid_ca_file="{{ lookup('env','HOME') }}/.lego/certificates/openshift.itix.fr.issuer.crt"

# Since we are using Let's Encrypt, generate a warning about expiration only
# during the last 30 days
openshift_certificate_expiry_warning_days=30

# Since we have a public certificate for the master console, we need two different hostnames
openshift_master_cluster_hostname=openshift-internal.itix.fr
openshift_master_cluster_public_hostname=openshift.itix.fr

# Skip docker images check since it fails no matter what
openshift_disable_check=docker_image_availability

# Inject the MAVEN_MIRROR_URL in all builds
openshift_builddefaults_json='{"BuildDefaults":{"configuration":{"apiVersion":"v1","env":[{"name":"MAVEN_MIRROR_URL","value":"http://nexus.factory.svc.cluster.local:8081/repository/maven-all-public/"}],"kind":"BuildDefaultsConfig"}}}'

# Raise the pod-per-core and max-pods limits
openshift_node_kubelet_args='{"pods-per-core":["40"]}'

# Set the NodePort range for Bittorrent use
openshift_node_port_range="6881-6999"

# Integr8ly webapp in dev mode
osm_custom_cors_origins=['http://localhost:3006']