diff options
author | Bogdan Dobrelya <bdobreli@redhat.com> | 2017-07-12 13:09:45 +0200 |
---|---|---|
committer | Bogdan Dobrelya <bdobreli@redhat.com> | 2017-07-25 17:41:15 +0200 |
commit | df8f5f0e251a014ab30dabd62c17e151b7fe36e8 (patch) | |
tree | 4c43dfdfefcc139249458606c9c4edefc1c38c32 /roles/openstack-stack/defaults/main.yml | |
parent | 677fd46cf37cab5f995170b3567939d784ebb07a (diff) | |
download | openshift-df8f5f0e251a014ab30dabd62c17e151b7fe36e8.tar.gz openshift-df8f5f0e251a014ab30dabd62c17e151b7fe36e8.tar.bz2 openshift-df8f5f0e251a014ab30dabd62c17e151b7fe36e8.tar.xz openshift-df8f5f0e251a014ab30dabd62c17e151b7fe36e8.zip |
Options for bastion, SSH config, static inventory autogeneration
* At the provisioning stage, allow users to auto-generate SSH config,
when using a static inventory.
* Run playbooks to provsion and post-provision as a separate, when
using a bastion. This re-applies the SSH config, which ansible can't
do on the fly.
* Support a pre-installed bastion node, colocated with the 1st infra
node.
* With a bastion enabled, reduce floating IP footprint to infra and
dns nodes only, effectively isolating a cluster in a private
network.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
Diffstat (limited to 'roles/openstack-stack/defaults/main.yml')
-rw-r--r-- | roles/openstack-stack/defaults/main.yml | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/roles/openstack-stack/defaults/main.yml b/roles/openstack-stack/defaults/main.yml index 4831d6bc4..803a96389 100644 --- a/roles/openstack-stack/defaults/main.yml +++ b/roles/openstack-stack/defaults/main.yml @@ -4,6 +4,7 @@ ssh_ingress_cidr: 0.0.0.0/0 node_ingress_cidr: 0.0.0.0/0 master_ingress_cidr: 0.0.0.0/0 lb_ingress_cidr: 0.0.0.0/0 +bastion_ingress_cidr: 0.0.0.0/0 num_etcd: 0 num_masters: 1 num_nodes: 1 @@ -11,3 +12,4 @@ num_dns: 1 num_infra: 1 nodes_to_remove: [] etcd_volume_size: 2 +use_bastion: False |