1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
|
---
debug_level: 2
deployment_rhel7_ent_base:
# rhel-7.1, requires cloud access subscription
image: "{{ lookup('oo_option', 'ec2_image') | default('ami-10251c7a', True) }}"
image_name: "{{ lookup('oo_option', 'ec2_image_name') | default(None, True) }}"
region: "{{ lookup('oo_option', 'ec2_region') | default('us-east-1', True) }}"
ssh_user: ec2-user
become: yes
keypair: "{{ lookup('oo_option', 'ec2_keypair') | default('libra', True) }}"
type: "{{ lookup('oo_option', 'ec2_instance_type') | default('m4.large', True) }}"
security_groups: "{{ lookup('oo_option', 'ec2_security_groups') | default([ 'public' ], True) }}"
vpc_subnet: "{{ lookup('oo_option', 'ec2_vpc_subnet') | default(omit, True) }}"
assign_public_ip: "{{ lookup('oo_option', 'ec2_assign_public_ip') | default(omit, True) }}"
deployment_vars:
origin:
# centos-7, requires marketplace
image: "{{ lookup('oo_option', 'ec2_image') | default('ami-6d1c2007', True) }}"
image_name: "{{ lookup('oo_option', 'ec2_image_name') | default(None, True) }}"
region: "{{ lookup('oo_option', 'ec2_region') | default('us-east-1', True) }}"
ssh_user: centos
become: yes
keypair: "{{ lookup('oo_option', 'ec2_keypair') | default('libra', True) }}"
type: "{{ lookup('oo_option', 'ec2_instance_type') | default('m4.large', True) }}"
security_groups: "{{ lookup('oo_option', 'ec2_security_groups') | default([ 'public' ], True) }}"
vpc_subnet: "{{ lookup('oo_option', 'ec2_vpc_subnet') | default(omit, True) }}"
assign_public_ip: "{{ lookup('oo_option', 'ec2_assign_public_ip') | default(omit, True) }}"
enterprise: "{{ deployment_rhel7_ent_base }}"
openshift-enterprise: "{{ deployment_rhel7_ent_base }}"
atomic-enterprise: "{{ deployment_rhel7_ent_base }}"
clusterid: mycluster
region: us-east-1
provision:
clusterid: "{{ clusterid }}"
region: "{{ region }}"
build: # build specific variables here
ami_name: "openshift-gi-"
base_image: ami-bdd5d6ab # base image for AMI to build from
yum_repositories: # this is an example repository but it requires sslclient info
- name: openshift-repo
file: openshift-repo
description: OpenShift Builds
baseurl: https://mirror.openshift.com/enterprise/online-int/latest/x86_64/os/
enabled: yes
gpgcheck: no
sslverify: no
sslclientcert: "/var/lib/yum/client-cert.pem"
sslclientkey: "/var/lib/yum/client-key.pem"
gpgkey: "https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-release https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-beta https://mirror.ops.rhcloud.com/libra/keys/RPM-GPG-KEY-redhat-openshifthosted"
# when creating an encrypted AMI please specify use_encryption
use_encryption: False
openshift_ami_tags:
bootstrap: "true"
openshift-created: "true"
clusterid: "{{ clusterid }}"
# Use s3 backed registry storage
openshift_registry_s3: True
# if using custom certificates these are required for the ELB
iam_cert_ca:
name: "{{ clusterid }}_openshift"
cert_path: '/path/to/wildcard.<clusterid>.example.com.crt'
key_path: '/path/to/wildcard.<clusterid>.example.com.key'
chain_path: '/path/to/cert.ca.crt'
instance_users:
- key_name: myuser_key
username: myuser
pub_key: |
ssh-rsa AAAA== myuser@system
node_group_config:
tags:
clusterid: "{{ clusterid }}"
environment: stg
ssh_key_name: myuser_key
# master specific cluster node settings
master:
instance_type: m4.xlarge
ami: ami-cdeec8b6 # if using an encrypted AMI this will be replaced
volumes:
- device_name: /dev/sdb
volume_size: 100
device_type: gp2
delete_on_termination: False
health_check:
period: 60
type: EC2
min_size: 3
max_size: 3
desired_size: 3
tags:
host-type: master
sub-host-type: default
wait_for_instances: True
# compute specific cluster node settings
compute:
instance_type: m4.xlarge
ami: ami-cdeec8b6
volumes:
- device_name: /dev/sdb
volume_size: 100
device_type: gp2
delete_on_termination: True
health_check:
period: 60
type: EC2
min_size: 3
max_size: 100
desired_size: 3
tags:
host-type: node
sub-host-type: compute
# infra specific cluster node settings
infra:
instance_type: m4.xlarge
ami: ami-cdeec8b6
volumes:
- device_name: /dev/sdb
volume_size: 100
device_type: gp2
delete_on_termination: True
health_check:
period: 60
type: EC2
min_size: 2
max_size: 20
desired_size: 2
tags:
host-type: node
sub-host-type: infra
# vpc settings
vpc:
cidr: 172.31.0.0/16
subnets:
us-east-1: # These are us-east-1 region defaults. Ensure this matches your region
- cidr: 172.31.48.0/20
az: "us-east-1c"
- cidr: 172.31.32.0/20
az: "us-east-1e"
- cidr: 172.31.16.0/20
az: "us-east-1a"
|
