--- ########## # Common # ########## openshift_hosted_infra_selector: "node-role.kubernetes.io/infra=true" r_openshift_hosted_use_calico_default: "{{ openshift_use_calico | default(False) }}" r_openshift_hosted_use_calico: "{{ r_openshift_hosted_use_calico_default }}" openshift_default_projects: default: default_node_selector: '' openshift-logging: default_node_selector: '' openshift-infra: default_node_selector: '' # openshift_additional_projects shares the same format as openshift_default_projects openshift_additional_projects: {} openshift_config_base: "/etc/origin" openshift_cluster_domain: 'cluster.local' openshift_hosted_images_dict: origin: 'docker.io/openshift/origin-${component}:${version}' openshift-enterprise: 'registry.access.redhat.com/openshift3/ose-${component}:${version}' ########## # Router # ########## r_openshift_hosted_router_firewall_enabled: "{{ os_firewall_enabled | default(True) }}" r_openshift_hosted_router_use_firewalld: "{{ os_firewall_use_firewalld | default(False) }}" openshift_hosted_router_selector: "{{ openshift_router_selector | default(openshift_hosted_infra_selector) }}" openshift_hosted_router_namespace: 'default' openshift_hosted_router_wait: False openshift_hosted_router_edits: - key: spec.strategy.rollingParams.intervalSeconds value: 1 action: put - key: spec.strategy.rollingParams.updatePeriodSeconds value: 1 action: put - key: spec.strategy.activeDeadlineSeconds value: 21600 action: put openshift_hosted_router_registryurl: "{{ oreg_url_master | default(oreg_url) | default(openshift_hosted_images_dict[openshift_deployment_type]) | regex_replace('${version}' | regex_escape, openshift_image_tag | default('${version}')) }}" openshift_hosted_routers: - name: router replicas: "{{ replicas | default(1) }}" namespace: default serviceaccount: router selector: "{{ openshift_hosted_router_selector | default(None) }}" images: "{{ openshift_hosted_router_registryurl }}" edits: "{{ openshift_hosted_router_edits }}" stats_port: 1936 ports: - 80:80 - 443:443 certificate: "{{ openshift_hosted_router_certificate | default({}) }}" openshift_hosted_router_certificate: {} openshift_hosted_router_create_certificate: True r_openshift_hosted_router_os_firewall_deny: [] r_openshift_hosted_router_os_firewall_allow: [] ############ # Registry # ############ openshift_hosted_registry_selector: "{{ openshift_registry_selector | default(openshift_hosted_infra_selector) }}" openshift_hosted_registry_registryurl: "{{ oreg_url_master | default(oreg_url) | default(openshift_hosted_images_dict[openshift_deployment_type]) | regex_replace('${version}' | regex_escape, openshift_image_tag | default('${version}')) }}" openshift_hosted_registry_routecertificates: {} openshift_hosted_registry_routetermination: "passthrough" r_openshift_hosted_registry_firewall_enabled: "{{ os_firewall_enabled | default(True) }}" r_openshift_hosted_registry_use_firewalld: "{{ os_firewall_use_firewalld | default(False) }}" openshift_hosted_registry_name: docker-registry openshift_hosted_registry_wait: False openshift_hosted_registry_cert_expire_days: 730 r_openshift_hosted_registry_os_firewall_deny: [] r_openshift_hosted_registry_os_firewall_allow: - service: Docker Registry Port port: 5000/tcp cond: "{{ r_openshift_hosted_use_calico }}" openshift_hosted_registry_serviceaccount: registry openshift_hosted_registry_volumes: [] openshift_hosted_registry_env_vars: {} openshift_hosted_registry_clusterip: null # These edits are being specified only to prevent 'changed' on rerun openshift_hosted_registry_edits: - key: spec.strategy.rollingParams value: intervalSeconds: 1 maxSurge: "25%" maxUnavailable: "25%" timeoutSeconds: 600 updatePeriodSeconds: 1 action: put openshift_hosted_registry_force: - False # TODO: this flag should be removed when master bootstrapping is enforced openshift_push_via_dns: True # NOTE: settting openshift_docker_hosted_registry_insecure may affect other roles openshift_hosted_docker_registry_insecure_default: "{{ openshift_docker_hosted_registry_insecure | default(False) }}" openshift_hosted_docker_registry_insecure: "{{ openshift_hosted_docker_registry_insecure_default }}" openshift_hosted_registry_storage_azure_blob_realm: core.windows.net openshift_hosted_registry_replicas: 1