# Child groups that make up the OSEv3 group; the variables under [OSEv3:vars]
# apply to the hosts of every group listed here.
[OSEv3:children]
masters
nodes
etcd
nfs
[OSEv3:vars]
# Cluster-wide installer variables for every host in the OSEv3 group.
# Values written as Jinja2 placeholders are filled in when this template is rendered.
# SSH user; this account must allow SSH login without prompting for a password
ansible_ssh_user={{ adminUsername }}
openshift_release=v3.3
# If ansible_ssh_user is not root, privilege escalation must be enabled
# (ansible_become is the current name of the older ansible_sudo setting)
ansible_become=yes
os_sdn_network_plugin_name='redhat/openshift-ovs-multitenant'
deployment_type=openshift-enterprise
# Wildcard application subdomain, resolved through the public xip.io service.
# NOTE(review): route name resolution then depends on a third-party DNS service;
# use a DNS zone you control outside of throwaway test clusters.
osm_default_subdomain={{ routerpublicip }}.xip.io
# htpasswd authentication is enabled by the line below; if it is commented out
# the installer defaults to DenyAllPasswordIdentityProvider
openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/master/htpasswd'}]
# NOTE(review): password hashes are committed in this template. They use the
# apr1 (MD5-based) htpasswd scheme, and user1 and user2 carry the same salt and
# hash, i.e. the same password. Anyone with read access to the repository can
# attack them offline: supply the users from a vault-encrypted variable instead
# and rotate the passwords behind these hashes.
openshift_master_htpasswd_users={'ivan':'$apr1$mmH6F3HC$wFVQmONOvOswQL.Ev821o.', 'user1': '$apr1$uml9xP6B$6cuH4KGOwVWJ4S1Ipl.gg.', 'user2': '$apr1$uml9xP6B$6cuH4KGOwVWJ4S1Ipl.gg.' }
# NOTE(review): duplicate of the os_sdn_network_plugin_name assignment above
# (same value); one of the two lines can be dropped.
os_sdn_network_plugin_name='redhat/openshift-ovs-multitenant'
# Kubelet arguments: dead-container garbage collection, pod limit per node and
# image garbage-collection thresholds. The commented line is an earlier variant.
#openshift_node_kubelet_args={'max-pods': ['40'], 'image-gc-high-threshold': ['90'], 'image-gc-low-threshold': ['80']}
openshift_node_kubelet_args={'maximum-dead-containers': ['100'], 'maximum-dead-containers-per-container': ['2'], 'minimum-container-ttl-duration': ['10s'], 'max-pods': ['110'], 'image-gc-high-threshold': ['90'], 'image-gc-low-threshold': ['80']}
#logrotate_scripts=[{"name": "syslog", "path": "/var/log/cron\n/var/log/maillog\n/var/log/messages\n/var/log/secure\n/var/log/spooler\n", "options": ["daily", "rotate 7", "compress", "sharedscripts", "missingok"], "scripts": {"postrotate": "/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true"}}]
#osm_default_node_selector="region=primary"
# Docker container logs: json-file driver, at most 1M per file and 3 files kept
openshift_docker_options="--log-driver json-file --log-opt max-size=1M --log-opt max-file=3"
#openshift_router_selector='stage=dev,zone=infra'
#openshift_registry_selector='stage=dev,zone=infra'
openshift_node_iptables_sync_period=5s
#openshift_hosted_router_selector='stage=dev,zone=infra'
openshift_master_pod_eviction_timeout=3m
osm_controller_args={'resource-quota-sync-period': ['10s']}
osm_api_server_args={'max-requests-inflight': ['400']}
#osm_cockpit_plugins=['cockpit-kubernetes']
osm_use_cockpit=false
openshift_use_dnsmasq=true
### High availability ###
# Both the internal and the public cluster hostname are set to the same name.
openshift_master_cluster_method=native
openshift_master_cluster_hostname={{ publicjumpdns }}
openshift_master_cluster_public_hostname={{ publicjumpdns }}
###
### metrics
# Metrics deployment
# See: https://docs.openshift.com/enterprise/latest/install_config/cluster_metrics.html
#
# By default metrics are not automatically deployed, set this to enable them
openshift_hosted_metrics_deploy=true
#
# Storage Options
# If openshift_hosted_metrics_storage_kind is unset then metrics will be stored
# in an EmptyDir volume and will be deleted when the cassandra pod terminates.
# Storage options A & B currently support only one cassandra pod which is
# generally enough for up to 1000 pods. Additional volumes can be created
# manually after the fact and metrics scaled per the docs.
#
# Option A - NFS Host Group
# An NFS volume will be created with path "nfs_directory/volume_name"
# on the host within the [nfs] host group. For example, the volume
# path using these options would be "/exports/metrics"
openshift_hosted_metrics_storage_kind=nfs
openshift_hosted_metrics_storage_access_modes=['ReadWriteOnce']
openshift_hosted_metrics_storage_nfs_directory=/exports
# NOTE(review): the export option string starts with "*", so the share is
# offered read-write to every client address that can reach the NFS host;
# root_squash only remaps remote root. Restrict the export to the cluster
# node addresses or subnet.
openshift_hosted_metrics_storage_nfs_options='*(rw,root_squash)'
openshift_hosted_metrics_storage_volume_name=metrics
openshift_hosted_metrics_storage_volume_size=10Gi
openshift_master_metrics_public_url=https://hawkular.apps.{{ routerpublicip }}.xip.io/hawkular/metrics
##### logging
# Logging deployment
#
# Currently logging deployment is disabled by default, enable it by setting this
openshift_hosted_logging_deploy=true
#
# Logging storage config
# Option A - NFS Host Group
# An NFS volume will be created with path "nfs_directory/volume_name"
# on the host within the [nfs] host group. For example, the volume
# path using these options would be "/exports/logging"
openshift_hosted_logging_storage_kind=nfs
openshift_hosted_logging_storage_access_modes=['ReadWriteOnce']
openshift_hosted_logging_storage_nfs_directory=/exports
# NOTE(review): same wildcard export as the metrics volume; the logging data
# is readable and writable from any client that can reach the NFS host.
# Restrict the export to the cluster node addresses or subnet.
openshift_hosted_logging_storage_nfs_options='*(rw,root_squash)'
openshift_hosted_logging_storage_volume_name=logging
openshift_hosted_logging_storage_volume_size=10Gi
#
openshift_master_logging_public_url=https://kibana.apps.{{ routerpublicip }}.xip.io
#osm_cluster_network_cidr=172.29.210.0/24
# Configure number of bits to allocate to each host subnet, e.g. 8
# would mean a /24 network on the host.
#osm_host_subnet_length=6
#openshift_master_portal_net=172.29.211.0/24
# Specify load balancer host
# External NFS Host
# NFS volume must already exist with path "nfs_directory/volume_name" on
# the storage_host. For example, the remote volume path using these
# options would be "nfs.example.com:/exports/registry"
openshift_hosted_registry_storage_kind=nfs
openshift_hosted_registry_storage_access_modes=['ReadWriteMany']
openshift_hosted_registry_storage_host=jumphost1
openshift_hosted_registry_storage_nfs_directory=/exports
openshift_hosted_registry_storage_volume_name=registry
openshift_hosted_registry_storage_volume_size=20Gi
# Basic audit logging on the masters
openshift_master_audit_config={"basicAuditEnabled": true}
# Router and registry pods are placed on nodes labelled zone=infra, stage=dev
openshift_router_selector='zone=infra,stage=dev'
openshift_registry_selector='zone=infra,stage=dev'
# NFS host group: the metrics and logging volumes are created on this host,
# and the registry storage settings name the same host as storage_host.
[nfs]
jumphost1
#[etcd:vars]
#etcd_interface=eth1
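# host group for masters
# One host line is written per entry of the masters mapping supplied at render time.
# items() is used instead of iteritems(), which exists only on Python 2
# dictionaries and makes the template fail when rendered under Python 3.
[masters]
{% for key, value in masters.items() %}
{{ value.name }}
{% endfor %}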
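# host group for etcd: the same hosts as the masters group
# items() is used instead of iteritems(), which exists only on Python 2
# dictionaries and makes the template fail when rendered under Python 3.
[etcd]
{% for key, value in masters.items() %}
{{ value.name }}
{% endfor %}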
##############################
## applications
# local_quota_per_fsgroup (quota)
# https://docs.openshift.com/enterprise/3.2/install_config/master_node_configuration.html
# https://github.com/openshift/openshift-ansible/blob/eab842f5b6e5c04cda06c94cf8db3281d82c8ad6/roles/openshift_node/tasks/main.yml
############################
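# host group for nodes, includes region info
# Hosts from the nodes, masters and infranodes mappings are all listed here;
# each line carries openshift_node_labels built from that host's tags.
# NOTE(review): tag keys and values are written between quotes without any
# escaping, so a tag that contains a quote character would break the host line
# or change how the rest of it is parsed as host variables. Validate or
# constrain tag content where the tags are defined.
# items() is used instead of iteritems(), which exists only on Python 2
# dictionaries and makes the template fail when rendered under Python 3.
[nodes]
{% for key, value in nodes.items() %}
{{ value.name }} openshift_node_labels="{ {% for key1, value1 in value.tags.items() %}'{{ key1 }}': '{{ value1 }}' {% if not loop.last %}, {% endif %}{% endfor %} }"
{% endfor %}
{% for key, value in masters.items() %}
{{ value.name }} openshift_node_labels="{ {% for key1, value1 in value.tags.items() %}'{{ key1 }}': '{{ value1 }}' {% if not loop.last %}, {% endif %}{% endfor %} }"
{% endfor %}
{% for key, value in infranodes.items() %}
{{ value.name }} openshift_node_labels="{ {% for key1, value1 in value.tags.items() %}'{{ key1 }}': '{{ value1 }}' {% if not loop.last %}, {% endif %}{% endfor %} }"
{% endfor %}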