okd/roles/openshift_hosted/defaults/main.yml

---
##########
# Common #
##########
openshift_hosted_infra_selector: "region=infra"
r_openshift_hosted_use_calico_default: "{{ openshift_use_calico | default(False) }}"
r_openshift_hosted_use_calico: "{{ r_openshift_hosted_use_calico_default }}"

openshift_default_projects:
  default:
    default_node_selector: ''
  logging:
    default_node_selector: ''
  openshift-infra:
    default_node_selector: ''

# openshift_additional_projects shares the same format as openshift_default_projects
openshift_additional_projects: {}

openshift_config_base: "/etc/origin"
openshift_master_config_dir: "{{ openshift.common.config_base | default(openshift_config_base) }}/master"
openshift_cluster_domain: 'cluster.local'

##########
# Router #
##########
r_openshift_hosted_router_firewall_enabled: "{{ os_firewall_enabled | default(True) }}"
r_openshift_hosted_router_use_firewalld: "{{ os_firewall_use_firewalld | default(False) }}"

openshift_hosted_router_wait: "{{ not (openshift_master_bootstrap_enabled | default(False)) }}"

openshift_hosted_router_edits:
- key: spec.strategy.rollingParams.intervalSeconds
  value: 1
  action: put
- key: spec.strategy.rollingParams.updatePeriodSeconds
  value: 1
  action: put
- key: spec.strategy.activeDeadlineSeconds
  value: 21600
  action: put

openshift_hosted_routers:
- name: router
  replicas: "{{ replicas | default(1) }}"
  namespace: default
  serviceaccount: router
  selector: "{{ openshift_hosted_router_selector | default(None) }}"
  images: "{{ openshift_hosted_router_image | default(None)  }}"
  edits: "{{ openshift_hosted_router_edits }}"
  stats_port: 1936
  ports:
  - 80:80
  - 443:443
  certificate: "{{ openshift_hosted_router_certificate | default({}) }}"

openshift_hosted_router_certificate: {}
openshift_hosted_router_create_certificate: True

r_openshift_hosted_router_os_firewall_deny: []
r_openshift_hosted_router_os_firewall_allow: []

############
# Registry #
############

r_openshift_hosted_registry_firewall_enabled: "{{ os_firewall_enabled | default(True) }}"
r_openshift_hosted_registry_use_firewalld: "{{ os_firewall_use_firewalld | default(False) }}"

openshift_hosted_registry_name: docker-registry
openshift_hosted_registry_wait: "{{ not (openshift_master_bootstrap_enabled | default(False)) }}"
openshift_hosted_registry_cert_expire_days: 730
r_openshift_hosted_registry_os_firewall_deny: []
r_openshift_hosted_registry_os_firewall_allow:
- service: Docker Registry Port
  port: 5000/tcp
  cond: "{{ r_openshift_hosted_use_calico }}"

openshift_hosted_registry_serviceaccount: registry
openshift_hosted_registry_volumes: []
openshift_hosted_registry_env_vars: {}
openshift_hosted_registry_clusterip: null

# These edits are being specified only to prevent 'changed' on rerun
openshift_hosted_registry_edits:
- key: spec.strategy.rollingParams
  value:
    intervalSeconds: 1
    maxSurge: "25%"
    maxUnavailable: "25%"
    timeoutSeconds: 600
    updatePeriodSeconds: 1
  action: put

openshift_hosted_registry_force:
- False

openshift_push_via_dns: False

# NOTE: settting openshift_docker_hosted_registry_insecure may affect other roles
openshift_hosted_docker_registry_insecure_default: "{{ openshift_docker_hosted_registry_insecure | default(False) }}"
openshift_hosted_docker_registry_insecure: "{{ openshift_hosted_docker_registry_insecure_default }}"