Home Explore Help
Register Sign In
shixiong
/
okd
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: b17728d542
Branches Tags
okd
/
roles
/
openshift_control_plane
/
defaults
/
main.yml

main.yml 7.1 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152 
  1. ---
    2. 

  2. # openshift_master_defaults_in_use is a workaround to detect if we are consuming
    3. 

  3. # the plays from the role or outside of the role.
    4. 

  4. openshift_master_defaults_in_use: True
    5. 

  5. openshift_master_debug_level: "{{ debug_level | default(2) }}"
    6. 

  6. 

  7. r_openshift_master_firewall_enabled: "{{ os_firewall_enabled | default(True) }}"
    8. 

  8. r_openshift_master_use_firewalld: "{{ os_firewall_use_firewalld | default(False) }}"
    9. 

  9. 

  10. osm_image_default_dict:
    11. 

  11.   origin: 'openshift/origin'
    12. 

  12.   openshift-enterprise: 'openshift3/ose'
    13. 

  13. osm_image_default: "{{ osm_image_default_dict[openshift_deployment_type] }}"
    14. 

  14. osm_image: "{{ osm_image_default }}"
    15. 

  15. 

  16. l_openshift_master_images_dict:
    17. 

  17.   origin: 'openshift/origin-${component}:${version}'
    18. 

  18.   openshift-enterprise: 'openshift3/ose-${component}:${version}'
    19. 

  19. l_osm_registry_url_default: "{{ l_openshift_master_images_dict[openshift_deployment_type] }}"
    20. 

  20. l_osm_registry_url: "{{ oreg_url_master | default(oreg_url) | default(l_osm_registry_url_default) }}"
    21. 

  21. 

  22. system_images_registry_dict:
    23. 

  23.   openshift-enterprise: "registry.access.redhat.com"
    24. 

  24.   origin: "docker.io"
    25. 

  25. 

  26. system_images_registry: "{{ system_images_registry_dict[openshift_deployment_type | default('origin')] }}"
    27. 

  27. 

  28. l_is_master_system_container: "{{ (openshift_use_master_system_container | default(openshift_use_system_containers | default(false)) | bool) }}"
    29. 

  29. 

  30. openshift_master_dns_port: 8053
    31. 

  31. osm_default_node_selector: ''
    32. 

  32. osm_project_request_template: ''
    33. 

  33. osm_mcs_allocator_range: 's0:/2'
    34. 

  34. osm_mcs_labels_per_project: 5
    35. 

  35. osm_uid_allocator_range: '1000000000-1999999999/10000'
    36. 

  36. osm_project_request_message: ''
    37. 

  37. 

  38. openshift_node_ips: []
    39. 

  39. r_openshift_master_clean_install: false
    40. 

  40. r_openshift_master_os_firewall_enable: true
    41. 

  41. r_openshift_master_os_firewall_deny: []
    42. 

  42. default_r_openshift_master_os_firewall_allow:
    43. 

  43. - service: api server https
    44. 

  44.   port: "{{ openshift.master.api_port }}/tcp"
    45. 

  45. - service: api controllers https
    46. 

  46.   port: "{{ openshift.master.controllers_port }}/tcp"
    47. 

  47. - service: skydns tcp
    48. 

  48.   port: "{{ openshift_master_dns_port }}/tcp"
    49. 

  49. - service: skydns udp
    50. 

  50.   port: "{{ openshift_master_dns_port }}/udp"
    51. 

  51. - service: etcd embedded
    52. 

  52.   port: 4001/tcp
    53. 

  53.   cond: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}"
    54. 

  54. r_openshift_master_os_firewall_allow: "{{ default_r_openshift_master_os_firewall_allow | union(openshift_master_open_ports | default([])) }}"
    55. 

  55. 

  56. # oreg_url is defined by user input
    57. 

  57. oreg_host: "{{ oreg_url.split('/')[0] if (oreg_url is defined and '.' in oreg_url.split('/')[0]) else '' }}"
    58. 

  58. oreg_auth_credentials_path: "{{ r_openshift_master_data_dir }}/.docker"
    59. 

  59. oreg_auth_credentials_replace: False
    60. 

  60. l_bind_docker_reg_auth: False
    61. 

  61. openshift_docker_alternative_creds: "{{ (openshift_docker_use_system_container | default(False) | bool) or (openshift_use_crio_only | default(False)) }}"
    62. 

  62. 

  63. containerized_svc_dir: "/usr/lib/systemd/system"
    64. 

  64. ha_svc_template_path: "native-cluster"
    65. 

  65. 

  66. openshift_docker_service_name: "{{ 'container-engine' if (openshift_docker_use_system_container | default(False) | bool) else 'docker' }}"
    67. 

  67. 

  68. openshift_master_loopback_config: "{{ openshift_master_config_dir }}/openshift-master.kubeconfig"
    69. 

  69. loopback_context_string: "current-context: {{ openshift.master.loopback_context_name }}"
    70. 

  70. openshift_master_session_secrets_file: "{{ openshift_master_config_dir }}/session-secrets.yaml"
    71. 

  71. openshift_master_policy: "{{ openshift_master_config_dir }}/policy.json"
    72. 

  72. 

  73. scheduler_config:
    74. 

  74.   kind: Policy
    75. 

  75.   apiVersion: v1
    76. 

  76.   predicates: "{{ openshift_master_scheduler_predicates
    77. 

  77.                   | default(openshift_master_scheduler_current_predicates
    78. 

  78.                             | default(openshift_master_scheduler_default_predicates)) }}"
    79. 

  79.   priorities: "{{ openshift_master_scheduler_priorities
    80. 

  80.                   | default(openshift_master_scheduler_current_priorities
    81. 

  81.                             | default(openshift_master_scheduler_default_priorities)) }}"
    82. 

  82. 

  83. openshift_master_valid_grant_methods:
    84. 

  84. - auto
    85. 

  85. - prompt
    86. 

  86. - deny
    87. 

  87. 

  88. openshift_master_is_scaleup_host: False
    89. 

  89. 

  90. # openshift_master_oauth_template is deprecated.  Should be added to deprecations
    91. 

  91. # and removed.
    92. 

  92. openshift_master_oauth_template: False
    93. 

  93. openshift_master_oauth_templates_default:
    94. 

  94.   login: "{{ openshift_master_oauth_template }}"
    95. 

  95. openshift_master_oauth_templates: "{{ openshift_master_oauth_template | ternary(openshift_master_oauth_templates_default, False) }}"
    96. 

  96. # Here we combine openshift_master_oath_template into 'login' key of openshift_master_oath_templates, if not present.
    97. 

  97. l_openshift_master_oauth_templates: "{{ openshift_master_oauth_templates | default(openshift_master_oauth_templates_default) }}"
    98. 

  98. 

  99. # These defaults assume forcing journald persistence, fsync to disk once
    100. 

  100. # a second, rate-limiting to 10,000 logs a second, no forwarding to
    101. 

  101. # syslog or wall, using 8GB of disk space maximum, using 10MB journal
    102. 

  102. # files, keeping only a days worth of logs per journal file, and
    103. 

  103. # retaining journal files no longer than a month.
    104. 

  104. journald_vars_to_replace:
    105. 

  105. - { var: Storage, val: persistent }
    106. 

  106. - { var: Compress, val: yes }
    107. 

  107. - { var: SyncIntervalSec, val: 1s }
    108. 

  108. - { var: RateLimitInterval, val: 1s }
    109. 

  109. - { var: RateLimitBurst, val: 10000 }
    110. 

  110. - { var: SystemMaxUse, val: 8G }
    111. 

  111. - { var: SystemKeepFree, val: 20% }
    112. 

  112. - { var: SystemMaxFileSize, val: 10M }
    113. 

  113. - { var: MaxRetentionSec, val: 1month }
    114. 

  114. - { var: MaxFileSec, val: 1day }
    115. 

  115. - { var: ForwardToSyslog, val: no }
    116. 

  116. - { var: ForwardToWall, val: no }
    117. 

  117. 

  118. 

  119. # NOTE
    120. 

  120. # r_openshift_master_*_default may be defined external to this role.
    121. 

  121. # openshift_use_*, if defined, may affect other roles or play behavior.
    122. 

  122. r_openshift_master_use_openshift_sdn_default: "{{ openshift_use_openshift_sdn | default(True) }}"
    123. 

  123. r_openshift_master_use_openshift_sdn: "{{ r_openshift_master_use_openshift_sdn_default }}"
    124. 

  124. 

  125. r_openshift_master_use_nuage_default: "{{ openshift_use_nuage | default(False) }}"
    126. 

  126. r_openshift_master_use_nuage: "{{ r_openshift_master_use_nuage_default }}"
    127. 

  127. 

  128. r_openshift_master_use_contiv_default: "{{ openshift_use_contiv | default(False) }}"
    129. 

  129. r_openshift_master_use_contiv: "{{ r_openshift_master_use_contiv_default }}"
    130. 

  130. 

  131. r_openshift_master_use_kuryr_default: "{{ openshift_use_kuryr | default(False) }}"
    132. 

  132. r_openshift_master_use_kuryr: "{{ r_openshift_master_use_kuryr_default }}"
    133. 

  133. 

  134. r_openshift_master_data_dir_default: "{{ openshift_data_dir | default('/var/lib/origin') }}"
    135. 

  135. r_openshift_master_data_dir: "{{ r_openshift_master_data_dir_default }}"
    136. 

  136. 

  137. r_openshift_master_sdn_network_plugin_name_default: "{{ os_sdn_network_plugin_name | default('redhat/openshift-ovs-subnet') }}"
    138. 

  138. r_openshift_master_sdn_network_plugin_name: "{{ r_openshift_master_sdn_network_plugin_name_default }}"
    139. 

  139. 

  140. openshift_master_image_config_latest_default: "{{ openshift_image_config_latest | default(False) }}"
    141. 

  141. openshift_master_image_config_latest: "{{ openshift_master_image_config_latest_default }}"
    142. 

  142. 

  143. openshift_master_config_dir_default: "{{ openshift.common.config_base ~ '/master' if openshift is defined and 'common' in openshift else '/etc/origin/master' }}"
    144. 

  144. openshift_master_config_dir: "{{ openshift_master_config_dir_default }}"
    145. 

  145. 

  146. openshift_master_bootstrap_enabled: False
    147. 

  147. 

  148. openshift_master_csr_sa: node-bootstrapper
    149. 

  149. openshift_master_csr_namespace: openshift-infra
    150. 

  150. 

  151. openshift_master_config_file: "{{ openshift_master_config_dir }}/master-config.yaml"
    152. 

  152. openshift_master_scheduler_conf: "{{ openshift_master_config_dir }}/scheduler.json"
    153.