-
Notifications
You must be signed in to change notification settings - Fork 0
/
OSEv3.yml
55 lines (49 loc) · 2.64 KB
/
OSEv3.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
---
openshift_docker_selinux_enabled: false
openshift_docker_insecure_registries: 172.30.0.0/16
openshift_disable_check: memory_availability
debug_level: 2
# This is deployed on an OpenStack cloud which defaults eth0 mtu to 1450
# The node mtu must be 50 less than eth0
# https://docs.openshift.com/container-platform/3.5/admin_guide/sdn_troubleshooting.html#builds-on-a-virtual-network-are-failing
openshift_node_sdn_mtu: 1400
# Version and deployment type
openshift_deployment_type: origin
deployment_subtype: registry
openshift_release: v1.5.1
# Identity: GitHub oauth
# Application name: "OpenShift Docker Registry Console"
# Application home page: "https://registry.rdoproject.org:8443/"
# Application description: "OpenShift Docker Registry Console"
# Application callback URL: "https://registry.rdoproject.org:8443/oauth2callback/github"
openshift_master_identity_providers:
- name: github
login: true
challenge: false
kind: GitHubIdentityProvider
clientID: "{{ lookup('env', 'RDO_GITHUB_CLIENT_ID') |default(None, true) }}"
clientSecret: "{{ lookup('env', 'RDO_GITHUB_CLIENT_SECRET') |default(None, true) }}"
teams:
- rdo-infra/registry-rdoproject-org
# Endpoint DNS and SSL
openshift_master_cluster_public_hostname: registry.rdoproject.org
openshift_master_default_subdomain: apps.registry.rdoproject.org
openshift_master_overwrite_named_certificates: true
openshift_master_named_certificates:
- certfile: /etc/letsencrypt/live/registry.rdoproject.org/registry.rdoproject.org-fullchain.pem
keyfile: /etc/letsencrypt/live/registry.rdoproject.org/registry.rdoproject.org-privkey.pem
names:
- registry.rdoproject.org
# Note: using passthrough termination because reencrypt does not work
# https://github.com/openshift/origin/issues/14249
openshift_hosted_registry_routehost: trunk.registry.rdoproject.org
openshift_hosted_registry_routetermination: passthrough
openshift_hosted_registry_routecertificates:
certfile: "/etc/letsencrypt/live/trunk.registry.rdoproject.org/trunk.registry.rdoproject.org-fullchain.pem"
keyfile: "/etc/letsencrypt/live/trunk.registry.rdoproject.org/trunk.registry.rdoproject.org-privkey.pem"
openshift_hosted_registry_console_routehost: console.registry.rdoproject.org
openshift_hosted_registry_console_routetermination: reencrypt
openshift_hosted_registry_console_routecertificates:
certfile: "/etc/letsencrypt/live/console.registry.rdoproject.org/console.registry.rdoproject.org-cert.pem"
keyfile: "/etc/letsencrypt/live/console.registry.rdoproject.org/console.registry.rdoproject.org-privkey.pem"
cafile: "/etc/letsencrypt/live/console.registry.rdoproject.org/console.registry.rdoproject.org-chain.pem"