shixiong
/
okd


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156
							---
debug_level: 2

deployment_rhel7_ent_base:
  # rhel-7.1, requires cloud access subscription
  image: "{{ lookup('oo_option', 'ec2_image') | default('ami-10251c7a', True) }}"
  image_name: "{{ lookup('oo_option', 'ec2_image_name') | default(None, True) }}"
  region: "{{ lookup('oo_option', 'ec2_region') | default('us-east-1', True) }}"
  ssh_user: ec2-user
  become: yes
  keypair: "{{ lookup('oo_option', 'ec2_keypair') | default('libra', True) }}"
  type: "{{ lookup('oo_option', 'ec2_instance_type') | default('m4.large', True) }}"
  security_groups: "{{ lookup('oo_option', 'ec2_security_groups') | default([ 'public' ], True) }}"
  vpc_subnet: "{{ lookup('oo_option', 'ec2_vpc_subnet') | default(omit, True) }}"
  assign_public_ip: "{{ lookup('oo_option', 'ec2_assign_public_ip') | default(omit, True) }}"

deployment_vars:
  origin:
    # centos-7, requires marketplace
    image: "{{ lookup('oo_option', 'ec2_image') | default('ami-6d1c2007', True) }}"
    image_name: "{{ lookup('oo_option', 'ec2_image_name') | default(None, True) }}"
    region: "{{ lookup('oo_option', 'ec2_region') | default('us-east-1', True) }}"
    ssh_user: centos
    become: yes
    keypair: "{{ lookup('oo_option', 'ec2_keypair') | default('libra', True) }}"
    type: "{{ lookup('oo_option', 'ec2_instance_type') | default('m4.large', True) }}"
    security_groups: "{{ lookup('oo_option', 'ec2_security_groups') | default([ 'public' ], True) }}"
    vpc_subnet: "{{ lookup('oo_option', 'ec2_vpc_subnet') | default(omit, True) }}"
    assign_public_ip: "{{ lookup('oo_option', 'ec2_assign_public_ip') | default(omit, True) }}"

  enterprise: "{{ deployment_rhel7_ent_base }}"
  openshift-enterprise: "{{ deployment_rhel7_ent_base }}"
  atomic-enterprise: "{{ deployment_rhel7_ent_base }}"

clusterid: mycluster
region: us-east-1

provision:
  clusterid: "{{ clusterid }}"
  region: "{{ region }}"

  build:  # build specific variables here
    ami_name: "openshift-gi-"
    base_image: ami-bdd5d6ab  # base image for AMI to build from
    yum_repositories:  # this is an example repository but it requires sslclient info
    - name: openshift-repo
      file: openshift-repo
      description: OpenShift Builds
      baseurl: https://mirror.openshift.com/enterprise/online-int/latest/x86_64/os/
      enabled: yes
      gpgcheck: no
      sslverify: no
      sslclientcert: "/var/lib/yum/client-cert.pem"
      sslclientkey: "/var/lib/yum/client-key.pem"
      gpgkey: "https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-release https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-beta https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-openshifthosted"

    # when creating an encrypted AMI please specify use_encryption
    use_encryption: False

    openshift_ami_tags:
      bootstrap: "true"
      openshift-created: "true"
      clusterid: "{{ clusterid }}"

  # Use s3 backed registry storage
  openshift_registry_s3: True

  # if using custom certificates these are required for the ELB
  iam_cert_ca:
    name: "{{ clusterid }}_openshift"
    cert_path: '/path/to/wildcard.<clusterid>.example.com.crt'
    key_path: '/path/to/wildcard.<clusterid>.example.com.key'
    chain_path: '/path/to/cert.ca.crt'

  instance_users:
  - key_name: myuser_key
    username: myuser
    pub_key: |
           ssh-rsa AAAA== myuser@system

  node_group_config:
    tags:
      clusterid: "{{ clusterid }}"
      environment: stg

    ssh_key_name: myuser_key

    # master specific cluster node settings
    master:
      instance_type: m4.xlarge
      ami: ami-cdeec8b6  # if using an encrypted AMI this will be replaced
      volumes:
      - device_name: /dev/sdb
        volume_size: 100
        device_type: gp2
        delete_on_termination: False
      health_check:
        period: 60
        type: EC2
      min_size: 3
      max_size: 3
      desired_size: 3
      tags:
        host-type: master
        sub-host-type: default
      wait_for_instances: True

    # compute specific cluster node settings
    compute:
      instance_type: m4.xlarge
      ami: ami-cdeec8b6
      volumes:
      - device_name: /dev/sdb
        volume_size: 100
        device_type: gp2
        delete_on_termination: True
      health_check:
        period: 60
        type: EC2
      min_size: 3
      max_size: 100
      desired_size: 3
      tags:
        host-type: node
        sub-host-type: compute

    # infra specific cluster node settings
    infra:
      instance_type: m4.xlarge
      ami: ami-cdeec8b6
      volumes:
      - device_name: /dev/sdb
        volume_size: 100
        device_type: gp2
        delete_on_termination: True
      health_check:
        period: 60
        type: EC2
      min_size: 2
      max_size: 20
      desired_size: 2
      tags:
        host-type: node
        sub-host-type: infra

  # vpc settings
  vpc:
    cidr: 172.31.0.0/16
    subnets:
      us-east-1:  # These are us-east-1 region defaults. Ensure this matches your region
      - cidr: 172.31.48.0/20
        az: "us-east-1c"
      - cidr: 172.31.32.0/20
        az: "us-east-1e"
      - cidr: 172.31.16.0/20
        az: "us-east-1a"