nicolas
/
OpenShift-Implementation-at-ITIX
mirror of https://github.com/nmasse-itix/OpenShift-Implementation-at-ITIX.git
1
0
Fork 0
Code Issues Releases Wiki Activity
OpenShift Origin Implementation at ITIX (mostly Ansible Playbooks)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
56 Commits
1 Branch
0 Tags
102 KiB
 
Tree: 87284ea91a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '87284ea91a'
${ noResults }
OpenShift-Implementation-at.../prod.hosts

84 lines
2.7 KiB
Raw Blame History

#
# Variables used by the ITIX playbook
#
[itix:vars]
itix_dns_suffix=itix.fr
itix_openshift_version=3.11
[itix:children]
masters
#
# Shared variables used by both openshift-ansible and the ITIX playbook
#
[all:vars]
# Default route suffix
openshift_master_default_subdomain=app.itix.fr
[masters]
openshift.itix.fr
[etcd]
openshift.itix.fr
[nodes]
openshift.itix.fr openshift_node_group_name='node-config-all-in-one'
#
# The rest is used only by the OpenShift installer playbook
#
[OSEv3:children]
masters
nodes
etcd
[OSEv3:vars]
# Yes, we need to use sudo
ansible_become=yes
# what to install
deployment_type=openshift-enterprise
# Clustering method
openshift_master_cluster_method=native
# Make sure NTP is enabled
openshift_clock_enabled=true
# Do not create the default project "my-project"
openshift_additional_projects={}
# Enable the "flat network" SDN
os_sdn_network_plugin_name='redhat/openshift-ovs-subnet'
# Do not use CRI-O
openshift_use_crio=false
# Use Firewalld
os_firewall_use_firewalld=yes
# Let's encrypt Certificates
openshift_master_overwrite_named_certificates=true
openshift_master_named_certificates=[{ "certfile": "{{ lookup('env','HOME') }}/.lego/certificates/openshift.itix.fr.crt", "keyfile": "{{ lookup('env','HOME') }}/.lego/certificates/openshift.itix.fr.key", "cafile": "{{ lookup('env','HOME') }}/.lego/certificates/openshift.itix.fr.issuer.crt", "names": [ "openshift.itix.fr" ] }]
openshift_hosted_router_certificate={ "certfile": "{{ lookup('env','HOME') }}/.lego/certificates/openshift.itix.fr.crt", "keyfile": "{{ lookup('env','HOME') }}/.lego/certificates/openshift.itix.fr.key", "cafile": "{{ lookup('env','HOME') }}/.lego/certificates/openshift.itix.fr.issuer.crt" }
openshift_master_openid_ca_file="{{ lookup('env','HOME') }}/.lego/certificates/openshift.itix.fr.issuer.crt"
# Since we are using Let's Encrypt, generate a warning about expiration only
# during the last 30 days
openshift_certificate_expiry_warning_days=30
# Since we have a public certificate for the master console, we need two different hostnames
openshift_master_cluster_hostname=openshift-internal.itix.fr
openshift_master_cluster_public_hostname=openshift.itix.fr
# Skip docker images check since it fails no matter what
openshift_disable_check=docker_image_availability
# Inject the MAVEN_MIRROR_URL in all builds
openshift_builddefaults_json='{"BuildDefaults":{"configuration":{"apiVersion":"v1","env":[{"name":"MAVEN_MIRROR_URL","value":"http://nexus.factory.svc.cluster.local:8081/repository/maven-all-public/"}],"kind":"BuildDefaultsConfig"}}}'
# Raise the pod-per-core and max-pods limits
openshift_node_kubelet_args='{"pods-per-core":["40"]}'
# Set the NodePort range for Bittorrent use
openshift_node_port_range="6881-6999"