---
# Variables that are commented in this file are optional; uncommented variables
# are mandatory.

# Default values for each variable are provided, as applicable.
# Example values for mandatory variables are provided as a comment at the end
# of the line.

# ------------------------ #
# Common/Cluster Variables #
# ------------------------ #
# Variables in this section affect all areas of the cluster

# Deployment type must be specified.
openshift_deployment_type: # 'origin' or 'openshift-enterprise'

# openshift_release must be specified.  Use whatever version of openshift
# that is supported by openshift-ansible that you wish.
openshift_release: # v3.7

# This will be dependent on the version provided by the yum repository
openshift_pkg_version: # -3.7.0

# specify a clusterid
# This value is also used as the default value for many other components.
#openshift_aws_clusterid: default

# AWS region
# This value will instruct the plays where all items should be created.
# Multi-region deployments are not supported using these plays at this time.
#openshift_aws_region: us-east-1

#openshift_aws_create_launch_config: true
#openshift_aws_create_scale_group: true

# --- #
# VPC #
# --- #

# openshift_aws_create_vpc defaults to true.  If you don't wish to provision
# a vpc, set this to false.
#openshift_aws_create_vpc: true

# Name of the vpc.  Needs to be set if using a pre-existing vpc.
#openshift_aws_vpc_name: "{{ openshift_aws_clusterid }}"

# Name of the subnet in the vpc to use.  Needs to be set if using a pre-existing
# vpc + subnet.
#openshift_aws_subnet_az:

# -------------- #
# Security Group #
# -------------- #

# openshift_aws_create_security_groups defaults to true.  If you wish to use
# an existing security group, set this to false.
#openshift_aws_create_security_groups: true

# openshift_aws_build_ami_group is the name of the security group to build the
# ami in.  This defaults to the value of openshift_aws_clusterid.
#openshift_aws_build_ami_group: "{{ openshift_aws_clusterid }}"

# openshift_aws_launch_config_security_groups specifies the security groups to
# apply to the launch config.  The launch config security groups will be what
# the cluster actually is deployed in.
#openshift_aws_launch_config_security_groups: see roles/openshift_aws/defaults.yml

# openshift_aws_node_security_groups are created when
# openshift_aws_create_security_groups is set to true.
#openshift_aws_node_security_groups: see roles/openshift_aws/defaults.yml

# -------- #
# ssh keys #
# -------- #

# Specify the key pair name here to connect to the provisioned instances.  This
# can be an existing key, or it can be one of the keys specified in
# openshift_aws_users
openshift_aws_ssh_key_name: # myuser_key

# This will ensure these user and public keys are created.
#openshift_aws_users:
#- key_name: myuser_key
#  username: myuser
#  pub_key: |
#         ssh-rsa AAAA

# When building the AMI, specify the user to ssh to the instance as.
# openshift_aws_build_ami_ssh_user: root

# --------- #
# AMI Build #
# --------- #
# Variables in this section apply to building a node AMI for use in your
# openshift cluster.
# openshift-ansible will perform the container runtime storage setup when specified
# The current storage setup with require a drive if using a separate storage device
# for the container runtime.
container_runtime_docker_storage_type: overlay2
container_runtime_docker_storage_setup_device: /dev/xvdb

# must specify a base_ami when building an AMI
openshift_aws_base_ami: # ami-12345678

# when creating an encrypted AMI please specify use_encryption
#openshift_aws_ami_encrypt: False

# -- #
# S3 #
# -- #

# Create an s3 bucket.
#openshift_aws_create_s3: True

# --- #
# ELB #
# --- #

# openshift_aws_elb_name will be the base-name of the ELBs.
#openshift_aws_elb_name: "{{ openshift_aws_clusterid }}"

# custom certificates are required for the ELB
openshift_aws_iam_cert_path: # '/path/to/wildcard.<clusterid>.example.com.crt'
openshift_aws_iam_cert_key_path: # '/path/to/wildcard.<clusterid>.example.com.key'
openshift_aws_iam_cert_chain_path: # '/path/to/cert.ca.crt'