|
1 | 1 | # openshift-ansible-ansible
|
2 |
| -Ansible role which deploys OpenShift using openshift-ansible |
| 2 | + |
| 3 | +Yo dawg, I heard you like Ansible, so I put Ansible in your Ansible! |
| 4 | + |
| 5 | +# openshift-ansible-ansible |
| 6 | + |
| 7 | +Yo dawg, I heard you like Ansible, so I put Ansible in your Ansible! |
| 8 | + |
| 9 | +This is an Ansible role which deploys OpenShift using openshift-ansible. |
| 10 | + |
| 11 | +It's suitable for running a single-node production OpenShift host. |
| 12 | + |
| 13 | +Features: |
| 14 | + |
| 15 | +- Deploy the openshift-ansible inventory. |
| 16 | + |
| 17 | +- Create groups, assign users and cluster role bindings. |
| 18 | + |
| 19 | +- Create (empty) projects and group permissions. |
| 20 | + |
| 21 | +- Pragmatic local volume provisioning - manually create a number of local PVs with `nodeAffinity`. |
| 22 | + |
| 23 | +Example host variables: |
| 24 | + |
| 25 | + openshift_cluster_domain: apps.example.com |
| 26 | + |
| 27 | +Example group variables: |
| 28 | + |
| 29 | + openshift_version: "3.11" |
| 30 | + |
| 31 | + openshift_localstorage_custom_dirs: [/volumes/hosted_registry] |
| 32 | + |
| 33 | + openshift_groups: |
| 34 | + admin-users: |
| 35 | + |
| 36 | + |
| 37 | + openshift_ansible_inventory: |
| 38 | + OSEv3: |
| 39 | + hosts: |
| 40 | + <host-inserted-here>: |
| 41 | + ansible_connection: local |
| 42 | + openshift_node_group_name: node-config-all-in-one |
| 43 | + children: |
| 44 | + masters: |
| 45 | + hosts: |
| 46 | + <host-inserted-here>: |
| 47 | + etcd: |
| 48 | + hosts: |
| 49 | + <host-inserted-here>: |
| 50 | + nodes: |
| 51 | + hosts: |
| 52 | + <host-inserted-here>: |
| 53 | + vars: |
| 54 | + ansible_user: root |
| 55 | + |
| 56 | + openshift_deployment_type: origin |
| 57 | + openshift_release: "{{ openshift_version }}" |
| 58 | + openshift_master_default_subdomain: "{{ openshift_cluster_domain }}" |
| 59 | + openshift_master_cluster_hostname: "master.{{ openshift_cluster_domain }}" |
| 60 | + openshift_master_cluster_public_hostname: "console.{{ openshift_cluster_domain }}" |
| 61 | + |
| 62 | + # Disable Firewall and NTP management, assuming you have your own roles managing these |
| 63 | + os_firewall_enabled: no |
| 64 | + os_firewall_use_firewalld: no |
| 65 | + openshift_clock_enabled: no |
| 66 | + |
| 67 | + openshift_master_identity_providers: |
| 68 | + - name: google |
| 69 | + challenge: false |
| 70 | + login: true |
| 71 | + mappingMethod: claim |
| 72 | + kind: GoogleIdentityProvider |
| 73 | + clientID: [...] |
| 74 | + clientSecret: [...] |
| 75 | + hostedDomain: [...] |
| 76 | + |
| 77 | + openshift_hosted_registry_storage_kind: hostpath |
| 78 | + openshift_hosted_registry_storage_access_modes: [ReadWriteOnce] |
| 79 | + openshift_hosted_registry_storage_hostpath_path: /volumes/hosted_registry |
| 80 | + openshift_hosted_registry_storage_volume_size: 50Gi |
| 81 | + |
| 82 | + os_sdn_network_plugin_name: redhat/openshift-ovs-networkpolicy |
| 83 | + osm_host_subnet_length: 16 |
| 84 | + |
| 85 | + openshift_disable_check: docker_storage |
| 86 | + |
| 87 | + debug_level: 2 |