summaryrefslogtreecommitdiffstats
path: root/roles/openstack-stack/defaults/main.yml
diff options
context:
space:
mode:
authorBogdan Dobrelya <bdobreli@redhat.com>2017-07-12 13:09:45 +0200
committerBogdan Dobrelya <bdobreli@redhat.com>2017-07-25 17:41:15 +0200
commitdf8f5f0e251a014ab30dabd62c17e151b7fe36e8 (patch)
tree4c43dfdfefcc139249458606c9c4edefc1c38c32 /roles/openstack-stack/defaults/main.yml
parent677fd46cf37cab5f995170b3567939d784ebb07a (diff)
downloadopenshift-df8f5f0e251a014ab30dabd62c17e151b7fe36e8.tar.gz
openshift-df8f5f0e251a014ab30dabd62c17e151b7fe36e8.tar.bz2
openshift-df8f5f0e251a014ab30dabd62c17e151b7fe36e8.tar.xz
openshift-df8f5f0e251a014ab30dabd62c17e151b7fe36e8.zip
Options for bastion, SSH config, static inventory autogeneration
* At the provisioning stage, allow users to auto-generate SSH config, when using a static inventory. * Run playbooks to provsion and post-provision as a separate, when using a bastion. This re-applies the SSH config, which ansible can't do on the fly. * Support a pre-installed bastion node, colocated with the 1st infra node. * With a bastion enabled, reduce floating IP footprint to infra and dns nodes only, effectively isolating a cluster in a private network. Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
Diffstat (limited to 'roles/openstack-stack/defaults/main.yml')
-rw-r--r--roles/openstack-stack/defaults/main.yml2
1 files changed, 2 insertions, 0 deletions
diff --git a/roles/openstack-stack/defaults/main.yml b/roles/openstack-stack/defaults/main.yml
index 4831d6bc4..803a96389 100644
--- a/roles/openstack-stack/defaults/main.yml
+++ b/roles/openstack-stack/defaults/main.yml
@@ -4,6 +4,7 @@ ssh_ingress_cidr: 0.0.0.0/0
node_ingress_cidr: 0.0.0.0/0
master_ingress_cidr: 0.0.0.0/0
lb_ingress_cidr: 0.0.0.0/0
+bastion_ingress_cidr: 0.0.0.0/0
num_etcd: 0
num_masters: 1
num_nodes: 1
@@ -11,3 +12,4 @@ num_dns: 1
num_infra: 1
nodes_to_remove: []
etcd_volume_size: 2
+use_bastion: False