Home Explore Help
Register Sign In
shixiong
/
okd
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 80f0245f3d
Branches Tags
okd
/
roles
/
etcd
/
defaults
/
main.yaml

main.yaml 4.7 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116 
  1. ---
    2. 

  2. r_etcd_common_backup_tag: ''
    3. 

  3. r_etcd_common_backup_sufix_name: ''
    4. 

  4. 

  5. l_etcd_bootstrapped: '{{ openshift.node.bootstrapped }}'
    6. 

  6. 

  7. l_etcd_static_pod: "{{ (inventory_hostname in groups['oo_masters']) | bool }}"
    8. 

  8. 

  9. # runc, docker, static pod, host
    10. 

  10. r_etcd_common_etcd_runtime: "{{ 'static_pod' if l_etcd_static_pod  else 'host' }}"
    11. 

  11. 

  12. r_etcd_default_version: "3.2.22"
    13. 

  13. # lib_utils_oo_oreg_image is a custom filter defined in roles/lib_utils/filter_plugins/oo_filters.py
    14. 

  14. # This filter attempts to combine oreg_url host with project/component from etcd_image_dict.
    15. 

  15. # "oreg.example.com/openshift3/ose-${component}:${version}"
    16. 

  16. # becomes "oreg.example.com/rhel7/etcd:{{ r_etcd_upgrade_version | default(r_etcd_default_version) }}"
    17. 

  17. osm_etcd_image: "{{ etcd_image_dict[openshift_deployment_type] | lib_utils_oo_oreg_image((oreg_url | default('None'))) }}"
    18. 

  18. etcd_image_dict:
    19. 

  19.   origin: "quay.io/coreos/etcd:v{{ r_etcd_upgrade_version | default(r_etcd_default_version) }}"
    20. 

  20.   openshift-enterprise: "registry.redhat.io/rhel7/etcd:{{ r_etcd_upgrade_version | default(r_etcd_default_version) }}"
    21. 

  21. etcd_image: "{{ osm_etcd_image }}"
    22. 

  22. 

  23. # etcd run on a host => use etcdctl command directly
    24. 

  24. etcdctl_dict:
    25. 

  25.   host: 'etcdctl'
    26. 

  26.   static_pod: '/usr/local/bin/master-exec etcd etcd etcdctl'
    27. 

  27. r_etcd_common_etcdctl_command: "{{ etcdctl_dict[r_etcd_common_etcd_runtime] }}"
    28. 

  28. 

  29. # etcd server vars
    30. 

  30. etcd_conf_dir: '/etc/etcd'
    31. 

  31. etcd_conf_file: "{{ etcd_conf_dir }}/etcd.conf"
    32. 

  32. etcd_ca_file: "{{ etcd_conf_dir }}/ca.crt"
    33. 

  33. etcd_cert_file: "{{ etcd_conf_dir }}/server.crt"
    34. 

  34. etcd_cert_subdir: "etcd-{{ openshift.common.hostname }}"
    35. 

  35. etcd_key_file: "{{ etcd_conf_dir }}/server.key"
    36. 

  36. etcd_peer_ca_file: "{{ etcd_conf_dir }}/ca.crt"
    37. 

  37. etcd_peer_cert_file: "{{ etcd_conf_dir }}/peer.crt"
    38. 

  38. etcd_peer_key_file: "{{ etcd_conf_dir }}/peer.key"
    39. 

  39. 

  40. # etcd ca vars
    41. 

  41. etcd_ca_dir: "{{ etcd_conf_dir}}/ca"
    42. 

  42. etcd_generated_certs_dir: "{{ etcd_conf_dir }}/generated_certs"
    43. 

  43. etcd_cert_prefix: ''
    44. 

  44. etcd_cert_config_dir: "/etc/etcd"
    45. 

  45. etcd_ca_cert: "{{ etcd_ca_dir }}/ca.crt"
    46. 

  46. etcd_ca_key: "{{ etcd_ca_dir }}/ca.key"
    47. 

  47. etcd_openssl_conf: "{{ etcd_ca_dir }}/openssl.cnf"
    48. 

  48. etcd_ca_name: etcd_ca
    49. 

  49. etcd_req_ext: etcd_v3_req
    50. 

  50. etcd_ca_exts_peer: etcd_v3_ca_peer
    51. 

  51. etcd_ca_exts_server: etcd_v3_ca_server
    52. 

  52. etcd_ca_exts_self: etcd_v3_ca_self
    53. 

  53. etcd_ca_exts_client: etcd_v3_ca_client
    54. 

  54. etcd_ca_crl_dir: "{{ etcd_ca_dir }}/crl"
    55. 

  55. etcd_ca_new_certs_dir: "{{ etcd_ca_dir }}/certs"
    56. 

  56. etcd_ca_db: "{{ etcd_ca_dir }}/index.txt"
    57. 

  57. etcd_ca_serial: "{{ etcd_ca_dir }}/serial"
    58. 

  58. etcd_ca_crl_number: "{{ etcd_ca_dir }}/crlnumber"
    59. 

  59. etcd_ca_default_days: 1825
    60. 

  60. 

  61. r_etcd_common_master_peer_cert_file: /etc/origin/master/master.etcd-client.crt
    62. 

  62. r_etcd_common_master_peer_key_file: /etc/origin/master/master.etcd-client.key
    63. 

  63. r_etcd_common_master_peer_ca_file: /etc/origin/master/master.etcd-ca.crt
    64. 

  64. 

  65. # etcd server & certificate vars
    66. 

  66. etcd_hostname: "{{ openshift.common.hostname }}"
    67. 

  67. etcd_ip: "{{ openshift.common.ip }}"
    68. 

  68. etcd_is_atomic: "{{ openshift_is_atomic }}"
    69. 

  69. etcd_is_thirdparty: False
    70. 

  70. 

  71. # etcd dir vars
    72. 

  72. etcd_data_dir: "/var/lib/etcd/"
    73. 

  73. 

  74. # etcd ports and protocols
    75. 

  75. etcd_client_port: 2379
    76. 

  76. etcd_peer_port: 2380
    77. 

  77. etcd_url_scheme: https
    78. 

  78. etcd_peer_url_scheme: https
    79. 

  79. 

  80. etcd_initial_cluster_state: new
    81. 

  81. etcd_initial_cluster_token: etcd-cluster-1
    82. 

  82. 

  83. etcd_initial_advertise_peer_urls: "{{ etcd_peer_url_scheme }}://{{ etcd_ip }}:{{ etcd_peer_port }}"
    84. 

  84. etcd_listen_peer_urls: "{{ etcd_peer_url_scheme }}://{{ etcd_ip }}:{{ etcd_peer_port }}"
    85. 

  85. etcd_advertise_client_urls: "{{ etcd_url_scheme }}://{{ etcd_ip }}:{{ etcd_client_port }}"
    86. 

  86. etcd_listen_client_urls: "{{ etcd_url_scheme }}://{{ etcd_ip }}:{{ etcd_client_port }}"
    87. 

  87. 

  88. # required role variable
    89. 

  89. #etcd_peer: 127.0.0.1
    90. 

  90. etcdctlv2: "{{ r_etcd_common_etcdctl_command }} --cert-file {{ etcd_peer_cert_file }} --key-file {{ etcd_peer_key_file }} --ca-file {{ etcd_peer_ca_file }} -C https://{{ etcd_peer }}:{{ etcd_client_port }}"
    91. 

  91. 

  92. etcd_service: etcd
    93. 

  93. # Location of the service file is fixed and not meant to be changed
    94. 

  94. etcd_service_file: "/etc/systemd/system/{{ etcd_service }}.service"
    95. 

  95. 

  96. r_etcd_firewall_enabled: "{{ os_firewall_enabled | default(True) }}"
    97. 

  97. r_etcd_use_firewalld: "{{ os_firewall_use_firewalld | default(False) }}"
    98. 

  98. 

  99. etcd_systemd_dir: "/etc/systemd/system/{{ etcd_service }}.service.d"
    100. 

  100. r_etcd_os_firewall_deny: []
    101. 

  101. r_etcd_os_firewall_allow:
    102. 

  102. - service: etcd
    103. 

  103.   port: "{{etcd_client_port}}/tcp"
    104. 

  104. - service: etcd peering
    105. 

  105.   port: "{{ etcd_peer_port }}/tcp"
    106. 

  106. 

  107. # set the backend quota to 4GB by default
    108. 

  108. etcd_quota_backend_bytes: 4294967296
    109. 

  109. 

  110. openshift_docker_service_name: "docker"
    111. 

  111. 

  112. etcd_ca_host: "{{ groups['oo_etcd_to_config'].0 }}"
    113. 

  113. 

  114. l_etcd_restart_command: "{{ l_etcd_static_pod | ternary('/usr/local/bin/master-restart etcd', 'systemctl restart etcd') }}"
    115. 

  115. 

  116. etcd_static_pod_location: "{{ openshift_control_plane_static_pod_location | default('/etc/origin/node/pods/') }}"
    117.