Diffstat (limited to 'roles/openshift_aws/defaults/main.yml')
-rw-r--r-- | roles/openshift_aws/defaults/main.yml | 107 |
1 files changed, 85 insertions, 22 deletions
diff --git a/roles/openshift_aws/defaults/main.yml b/roles/openshift_aws/defaults/main.yml index 5371588cf..c9a429675 100644 --- a/roles/openshift_aws/defaults/main.yml +++ b/roles/openshift_aws/defaults/main.yml @@ -1,10 +1,10 @@ --- openshift_aws_create_s3: True openshift_aws_create_iam_cert: True +openshift_aws_create_iam_role: False openshift_aws_create_security_groups: True openshift_aws_create_launch_config: True openshift_aws_create_scale_group: True -openshift_aws_node_group_type: master openshift_aws_wait_for_ssh: True @@ -12,12 +12,15 @@ openshift_aws_clusterid: default openshift_aws_region: us-east-1 openshift_aws_vpc_name: "{{ openshift_aws_clusterid }}" openshift_aws_build_ami_group: "{{ openshift_aws_clusterid }}" -openshift_aws_kubernetes_cluster_status: "{{ openshift_aws_clusterid }}" openshift_aws_iam_cert_name: "{{ openshift_aws_clusterid }}-master-external" openshift_aws_iam_cert_path: '' openshift_aws_iam_cert_key_path: '' -openshift_aws_scale_group_name: "{{ openshift_aws_clusterid }} openshift {{ openshift_aws_node_group_type }}" +openshift_aws_scale_group_basename: "{{ openshift_aws_clusterid }} openshift" + +openshift_aws_iam_role_name: openshift_node_describe_instances +openshift_aws_iam_role_policy_json: "{{ lookup('file', 'describeinstances.json') }}" +openshift_aws_iam_role_policy_name: "describe_instances" openshift_aws_iam_kms_alias: "alias/{{ openshift_aws_clusterid }}_kms" openshift_aws_ami: '' @@ -28,7 +31,7 @@ openshift_aws_ami_name: openshift-gi openshift_aws_base_ami_name: ami_base openshift_aws_launch_config_bootstrap_token: '' -openshift_aws_launch_config_name: "{{ openshift_aws_clusterid }}-{{ openshift_aws_node_group_type }}-{{ ansible_date_time.epoch }}" +openshift_aws_launch_config_basename: "{{ openshift_aws_clusterid }}" openshift_aws_users: [] 
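Review bot: In the `@@ -12,12 +12,15 @@` hunk, `openshift_aws_iam_role_policy_json` loads `describeinstances.json` with no comment saying what the policy may grant, and that file is not part of this diff. Later hunks attach this one role and policy to the master, compute and infra groups, so the policy document is what bounds the instance credentials of every node. I would add a comment above the three new variables such as `# Instance role shared by all node groups; keep the policy read-only (describe instances) and review any override.` The actual actions in the JSON should be confirmed against the file itself.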
@@ -48,12 +51,19 @@ openshift_aws_elb_health_check: unhealthy_threshold: 2 healthy_threshold: 2 -openshift_aws_elb_name: "{{ openshift_aws_clusterid }}-{{ openshift_aws_node_group_type }}" +openshift_aws_elb_basename: "{{ openshift_aws_clusterid }}" +openshift_aws_elb_name_dict: + master: + external: "{{ openshift_aws_elb_basename }}-master-external" + internal: "{{ openshift_aws_elb_basename }}-master-internal" + infra: + external: "{{ openshift_aws_elb_basename }}-infra" + openshift_aws_elb_idle_timout: 400 openshift_aws_elb_scheme: internet-facing openshift_aws_elb_cert_arn: '' -openshift_aws_elb_listeners: +openshift_aws_elb_dict: master: external: - protocol: tcp @@ -75,6 +85,18 @@ openshift_aws_elb_listeners: load_balancer_port: 443 instance_protocol: tcp instance_port: 443 + infra: + external: + - protocol: tcp + load_balancer_port: 80 + instance_protocol: tcp + instance_port: 443 + proxy_protocol: True + - protocol: tcp + load_balancer_port: 443 + instance_protocol: tcp + instance_port: 443 + proxy_protocol: True openshift_aws_node_group_config_master_volumes: - device_name: /dev/sdb 
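Review bot: The names built in `openshift_aws_elb_name_dict` (hunk `@@ -48,12 +51,19 @@`) append `-master-external` or `-master-internal` to the cluster id, and classic ELB names are capped at 32 characters, so a cluster id longer than 16 characters would produce a name AWS rejects. Nothing visible here bounds `openshift_aws_clusterid`. A comment such as `# ELB names are limited to 32 characters; keep openshift_aws_clusterid at 16 or fewer.` would surface this before provisioning, as would an assert in the role's tasks.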
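Review bot: The first infra listener in the `@@ -75,6 +85,18 @@` hunk forwards `load_balancer_port: 80` to `instance_port: 443`, so clear-text HTTP arriving at the `internet-facing` ELB is sent to the backend's TLS port; this looks like a copy of the 443 entry and probably should read `instance_port: 80`. Both new listeners also set `proxy_protocol: True`, which only works if the backend is configured to expect the PROXY header. A backend that trusts that header should accept these ports from the ELB alone, because the header supplies the client address the backend will log and may apply access rules to. A short comment on the infra block stating that requirement would help. The `openshift_aws_elb_dict` mapping starts outside this hunk.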
@@ -88,17 +110,21 @@ openshift_aws_node_group_config_node_volumes: device_type: gp2 delete_on_termination: True -openshift_aws_node_group_config_tags: "{{ openshift_aws_clusterid | build_instance_tags(openshift_aws_kubernetes_cluster_status) }}" +openshift_aws_node_group_config_tags: "{{ openshift_aws_clusterid | build_instance_tags }}" openshift_aws_node_group_termination_policy: Default openshift_aws_node_group_replace_instances: [] openshift_aws_node_group_replace_all_instances: False openshift_aws_node_group_config_extra_labels: {} -openshift_aws_node_group_config: - tags: "{{ openshift_aws_node_group_config_tags }}" +openshift_aws_ami_map: + master: "{{ openshift_aws_ami }}" + infra: "{{ openshift_aws_ami }}" + compute: "{{ openshift_aws_ami }}" + +openshift_aws_master_group_config: + # The 'master' key is always required here. master: instance_type: m4.xlarge - ami: "{{ openshift_aws_ami }}" volumes: "{{ openshift_aws_node_group_config_master_volumes }}" health_check: period: 60 @@ -114,9 +140,15 @@ openshift_aws_node_group_config: wait_for_instances: True termination_policy: "{{ openshift_aws_node_group_termination_policy }}" replace_all_instances: "{{ openshift_aws_node_group_replace_all_instances }}" + iam_role: "{{ openshift_aws_iam_role_name }}" + policy_name: "{{ openshift_aws_iam_role_policy_name }}" + policy_json: "{{ openshift_aws_iam_role_policy_json }}" + elbs: "{{ openshift_aws_elb_name_dict['master'].keys()| map('extract', openshift_aws_elb_name_dict['master']) | list }}" + +openshift_aws_node_group_config: + # The 'compute' key is always required here. compute: instance_type: m4.xlarge - ami: "{{ openshift_aws_ami }}" volumes: "{{ openshift_aws_node_group_config_node_volumes }}" health_check: period: 60 
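Review bot: The master group in the `@@ -114,9 +140,15 @@` hunk now always sets `iam_role: "{{ openshift_aws_iam_role_name }}"`, while the first hunk defaults `openshift_aws_create_iam_role` to `False`; the same three keys are added to compute and infra in the `@@ -131,9 +163,12 @@` and `@@ -148,20 +183,33 @@` hunks. The consuming tasks are not in this diff, but if they pass `iam_role` to the launch configuration regardless of the flag, a default run either fails on a missing role or attaches whatever role named `openshift_node_describe_instances` already exists in the account, with permissions this role never set. I would either gate the value, for example `iam_role: "{{ openshift_aws_iam_role_name if openshift_aws_create_iam_role | bool else '' }}"` (assuming the consumer accepts an empty value), or document next to the flag that the role must already exist with the expected policy.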
@@ -131,9 +163,12 @@ openshift_aws_node_group_config: type: compute termination_policy: "{{ openshift_aws_node_group_termination_policy }}" replace_all_instances: "{{ openshift_aws_node_group_replace_all_instances }}" + iam_role: "{{ openshift_aws_iam_role_name }}" + policy_name: "{{ openshift_aws_iam_role_policy_name }}" + policy_json: "{{ openshift_aws_iam_role_policy_json }}" + # The 'infra' key is always required here. infra: instance_type: m4.xlarge - ami: "{{ openshift_aws_ami }}" volumes: "{{ openshift_aws_node_group_config_node_volumes }}" health_check: period: 60 
@@ -148,20 +183,33 @@ openshift_aws_node_group_config: type: infra termination_policy: "{{ openshift_aws_node_group_termination_policy }}" replace_all_instances: "{{ openshift_aws_node_group_replace_all_instances }}" + iam_role: "{{ openshift_aws_iam_role_name }}" + policy_name: "{{ openshift_aws_iam_role_policy_name }}" + policy_json: "{{ openshift_aws_iam_role_policy_json }}" + elbs: "{{ openshift_aws_elb_name_dict['infra'].keys()| map('extract', openshift_aws_elb_name_dict['infra']) | list }}" -openshift_aws_elb_security_groups: -- "{{ openshift_aws_clusterid }}" -- "{{ openshift_aws_clusterid }}_{{ openshift_aws_node_group_type }}" +openshift_aws_elb_tags: "{{ openshift_aws_kube_tags }}" +openshift_aws_elb_az_load_balancing: False -openshift_aws_elb_instance_filter: - "tag:clusterid": "{{ openshift_aws_clusterid }}" - "tag:host-type": "{{ openshift_aws_node_group_type }}" - instance-state-name: running +openshift_aws_kube_tags: "{{ openshift_aws_clusterid | build_instance_tags }}" + +openshift_aws_elb_security_groups: "{{ openshift_aws_launch_config_security_groups }}" openshift_aws_launch_config_security_groups: -- "{{ openshift_aws_clusterid }}" # default sg -- "{{ openshift_aws_clusterid }}_{{ openshift_aws_node_group_type }}" # node type sg -- "{{ openshift_aws_clusterid }}_{{ openshift_aws_node_group_type }}_k8s" # node type sg k8s + compute: + - "{{ openshift_aws_clusterid }}" # default sg + - "{{ openshift_aws_clusterid }}_compute" # node type sg + - "{{ openshift_aws_clusterid }}_compute_k8s" # node type sg k8s + infra: + - "{{ openshift_aws_clusterid }}" # default sg + - "{{ openshift_aws_clusterid }}_infra" # node type sg + - "{{ openshift_aws_clusterid }}_infra_k8s" # node type sg k8s + master: + - "{{ openshift_aws_clusterid }}" # default sg + - "{{ openshift_aws_clusterid }}_master" # node type sg + - "{{ openshift_aws_clusterid }}_master_k8s" # node type sg k8s + +openshift_aws_security_groups_tags: "{{ openshift_aws_kube_tags }}" 
openshift_aws_node_security_groups: default: @@ -231,3 +279,18 @@ openshift_aws_vpc: openshift_aws_node_run_bootstrap_startup: True openshift_aws_node_user_data: '' openshift_aws_node_config_namespace: openshift-node + +# If creating extra node groups, you'll need to define all of the following + +# The format is the same as openshift_aws_node_group_config, but the top-level +# key names should be different (ie, not == master or infra). +# openshift_aws_node_group_config_extra: {} + +# This variable should look like openshift_aws_launch_config_security_groups +# and contain a one-to-one mapping of top level keys that are defined in +# openshift_aws_node_group_config_extra. +# openshift_aws_launch_config_security_groups_extra: {} + +# openshift_aws_node_security_groups_extra: {} + +# openshift_aws_ami_map_extra: {} |
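Review bot: `openshift_aws_elb_security_groups` in the `@@ -148,20 +183,33 @@` hunk now aliases `openshift_aws_launch_config_security_groups`, which this same hunk turns from a list into a mapping keyed by node type, so any consumer still treating the ELB variable as a flat list of group names will break. It also gives each ELB the full instance group set, including the `_k8s` group, so ingress opened for an `internet-facing` load balancer is opened on the nodes as well, and the reverse. The group rules are outside this diff, so this needs confirming, but a dedicated ELB group per node type would keep the two exposures separate. At minimum I would add `# Mapping of node type -> security group names; index by node type.` above the variable.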
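Review bot: The comment added in the `@@ -231,3 +279,18 @@` hunk says extra group keys should be "not == master or infra", but `compute` is also a built-in key in `openshift_aws_ami_map` and `openshift_aws_launch_config_security_groups`, and is marked as always required in `openshift_aws_node_group_config`. How the `_extra` maps are combined is not shown here; if they are merged, an extra group named `compute` would presumably replace the built-in group's settings, including its security groups. I would reword the line to `# key names should be different (ie, not master, compute or infra).`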