Home Explore Help
Register Sign In
shixiong
/
okd
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: be97433dd5
Branches Tags
okd
/
roles
/
openshift_manageiq
/
vars
/
main.yml

main.yml 1.6 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152 
  1. ---
    2. 

  2. manageiq_cluster_role:
    3. 

  3.   apiVersion: v1
    4. 

  4.   kind: ClusterRole
    5. 

  5.   metadata:
    6. 

  6.     name: management-infra-admin
    7. 

  7.   rules:
    8. 

  8.   - resources:
    9. 

  9.     - pods/proxy
    10. 

  10.     verbs:
    11. 

  11.     - '*'
    12. 

  12. 

  13. manageiq_metrics_admin_clusterrole:
    14. 

  14.   apiVersion: v1
    15. 

  15.   kind: ClusterRole
    16. 

  16.   metadata:
    17. 

  17.     name: hawkular-metrics-admin
    18. 

  18.   rules:
    19. 

  19.   - apiGroups:
    20. 

  20.     - ""
    21. 

  21.     resources:
    22. 

  22.     - hawkular-metrics
    23. 

  23.     - hawkular-alerts
    24. 

  24.     verbs:
    25. 

  25.     - '*'
    26. 

  26. 

  27. manageiq_service_account:
    28. 

  28.   apiVersion: v1
    29. 

  29.   kind: ServiceAccount
    30. 

  30.   metadata:
    31. 

  31.     name: management-admin
    32. 

  32. 

  33. manageiq_image_inspector_service_account:
    34. 

  34.   apiVersion: v1
    35. 

  35.   kind: ServiceAccount
    36. 

  36.   metadata:
    37. 

  37.     name: inspector-admin
    38. 

  38. 

  39. manage_iq_tmp_conf: /tmp/manageiq_admin.kubeconfig
    40. 

  40. 

  41. manage_iq_tasks:
    42. 

  42. - policy add-role-to-user -n management-infra admin -z management-admin
    43. 

  43. - policy add-role-to-user -n management-infra management-infra-admin -z management-admin
    44. 

  44. - policy add-cluster-role-to-user cluster-reader system:serviceaccount:management-infra:management-admin
    45. 

  45. - policy add-scc-to-user privileged system:serviceaccount:management-infra:management-admin
    46. 

  46. - policy add-cluster-role-to-user system:image-puller system:serviceaccount:management-infra:inspector-admin
    47. 

  47. - policy add-scc-to-user privileged system:serviceaccount:management-infra:inspector-admin
    48. 

  48. - policy add-cluster-role-to-user self-provisioner system:serviceaccount:management-infra:management-admin
    49. 

  49. - policy add-cluster-role-to-user hawkular-metrics-admin system:serviceaccount:management-infra:management-admin
    50. 

  50. 

  51. manage_iq_openshift_3_2_tasks:
    52. 

  52. - policy add-cluster-role-to-user system:image-auditor system:serviceaccount:management-infra:management-admin
    53.