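---
# Example provisioning variables for an OpenShift cluster on AWS:
# the AMI build, instance access, the three node groups and the VPC layout.
# The values are placeholders; replace them before use.

clusterid: mycluster
region: us-east-1

provision:
  clusterid: "{{ clusterid }}"
  region: "{{ region }}"

  build:  # build specific variables here
    ami_name: "openshift-gi-"
    base_image: ami-bdd5d6ab  # base image for AMI to build from

    # This is an example repository; it requires sslclient info.
    # Packages from this repository are installed into the AMI, so every
    # node launched from that AMI inherits them. gpgcheck and sslverify are
    # therefore enabled: with either one off, anything able to tamper with
    # the mirror connection can place unsigned packages into the image.
    # If the mirror is signed by a private CA, trust that CA on the build
    # host instead of turning sslverify off.
    yum_repositories:
      - name: openshift-repo
        file: openshift-repo
        description: OpenShift Builds
        baseurl: https://mirror.openshift.com/enterprise/online-int/latest/x86_64/os/
        enabled: true
        gpgcheck: true
        sslverify: true
        sslclientcert: "/var/lib/yum/client-cert.pem"
        # Private key for the client certificate: keep it readable by root
        # only and out of version control.
        sslclientkey: "/var/lib/yum/client-key.pem"
        gpgkey: "https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-release https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-beta https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-openshifthosted"

  # When creating an encrypted AMI please specify use_encryption.
  # NOTE(review): false leaves the built AMI unencrypted; set it to true
  # where encryption at rest is required.
  use_encryption: false

  openshift_ami_tags:
    bootstrap: "true"
    openshift-created: "true"
    clusterid: "{{ clusterid }}"

  # Use s3 backed registry storage
  openshift_registry_s3: true

  # If using custom certificates these are required for the ELB.
  # key_path points at the certificate's private key: keep that file
  # outside the repository and restrict its permissions.
  iam_cert_ca:
    name: "{{ clusterid }}_openshift"
    cert_path: '/path/to/wildcard.<clusterid>.example.com.crt'
    key_path: '/path/to/wildcard.<clusterid>.example.com.key'
    chain_path: '/path/to/cert.ca.crt'

  # SSH users for the instances. pub_key holds the PUBLIC key only;
  # the value below is a placeholder.
  instance_users:
    - key_name: myuser_key
      username: myuser
      pub_key: |
        ssh-rsa AAAA== myuser@system

  node_group_config:
    tags:
      clusterid: "{{ clusterid }}"
      environment: stg
    # Matches the key_name declared under instance_users.
    ssh_key_name: myuser_key

    # master specific cluster node settings
    master:
      instance_type: m4.xlarge
      ami: ami-cdeec8b6  # if using an encrypted AMI this will be replaced
      volumes:
        - device_name: /dev/sdb
          volume_size: 100
          device_type: gp2
          # Unlike compute and infra, this volume is kept when the instance
          # is terminated; remove leftover volumes once they are no longer
          # needed, since they still hold the master's data.
          delete_on_termination: false
      health_check:
        period: 60
        type: EC2
      min_size: 3
      max_size: 3
      desired_size: 3
      tags:
        host-type: master
        sub-host-type: default
      wait_for_instances: true

    # compute specific cluster node settings
    compute:
      instance_type: m4.xlarge
      ami: ami-cdeec8b6
      volumes:
        - device_name: /dev/sdb
          volume_size: 100
          device_type: gp2
          delete_on_termination: true
      health_check:
        period: 60
        type: EC2
      min_size: 3
      max_size: 100
      desired_size: 3
      tags:
        host-type: node
        sub-host-type: compute

    # infra specific cluster node settings
    infra:
      instance_type: m4.xlarge
      ami: ami-cdeec8b6
      volumes:
        - device_name: /dev/sdb
          volume_size: 100
          device_type: gp2
          delete_on_termination: true
      health_check:
        period: 60
        type: EC2
      min_size: 2
      max_size: 20
      desired_size: 2
      tags:
        host-type: node
        sub-host-type: infra

  # vpc settings
  vpc:
    cidr: 172.31.0.0/16
    subnets:
      us-east-1:  # These are us-east-1 region defaults. Ensure this matches your region
        - cidr: 172.31.48.0/20
          az: "us-east-1c"
        - cidr: 172.31.32.0/20
          az: "us-east-1e"
        - cidr: 172.31.16.0/20
          az: "us-east-1a"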