diff options
author | Rich Megginson <rmeggins@redhat.com> | 2017-05-02 08:51:51 -0600 |
---|---|---|
committer | Rich Megginson <rmeggins@redhat.com> | 2017-05-18 21:18:05 -0600 |
commit | a4c6ae5af5237bc4c09476be1c12e61b9d41fb9b (patch) | |
tree | 89550cab3eb2898df87db86c53005ab01431ccb2 /roles/openshift_logging/defaults | |
parent | be064f7be58d905874e8ebc34c8f270841b49887 (diff) | |
download | openshift-a4c6ae5af5237bc4c09476be1c12e61b9d41fb9b.tar.gz openshift-a4c6ae5af5237bc4c09476be1c12e61b9d41fb9b.tar.bz2 openshift-a4c6ae5af5237bc4c09476be1c12e61b9d41fb9b.tar.xz openshift-a4c6ae5af5237bc4c09476be1c12e61b9d41fb9b.zip |
add ability to expose Elasticsearch as an external route
This adds the ability to expose Elastisearch as a route outside of the
cluster.
- `openshift_logging_es_allow_external`: True (default is False) - if this is
True, Elasticsearch will be exposed as a Route
- `openshift_logging_es_ops_hostname`: The external facing hostname to use for
the route and the TLS server certificate (default is "es." +
`openshift_master_default_subdomain`)
There are other similar parameters for the TLS server cert, key, and CA cert.
There are other similar parameters for when the OPS cluster is deployed e.g.
`openshift_logging_es_ops_allow_external`, etc.
Diffstat (limited to 'roles/openshift_logging/defaults')
-rw-r--r-- | roles/openshift_logging/defaults/main.yml | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/roles/openshift_logging/defaults/main.yml b/roles/openshift_logging/defaults/main.yml index f43336dc4..837c54067 100644 --- a/roles/openshift_logging/defaults/main.yml +++ b/roles/openshift_logging/defaults/main.yml @@ -99,6 +99,22 @@ openshift_logging_es_config: {} openshift_logging_es_number_of_shards: 1 openshift_logging_es_number_of_replicas: 0 +# for exposing es to external (outside of the cluster) clients +openshift_logging_es_allow_external: False +openshift_logging_es_hostname: "{{ 'es.' ~ (openshift_master_default_subdomain | default('router.default.svc.cluster.local', true)) }}" + +#The absolute path on the control node to the cert file to use +#for the public facing es certs +openshift_logging_es_cert: "" + +#The absolute path on the control node to the key file to use +#for the public facing es certs +openshift_logging_es_key: "" + +#The absolute path on the control node to the CA file to use +#for the public facing es certs +openshift_logging_es_ca_ext: "" + # allow cluster-admin or cluster-reader to view operations index openshift_logging_es_ops_allow_cluster_reader: False @@ -118,6 +134,22 @@ openshift_logging_es_ops_recover_after_time: 5m openshift_logging_es_ops_storage_group: "{{ openshift_hosted_logging_elasticsearch_storage_group | default('65534') }}" openshift_logging_es_ops_nodeselector: "{{ openshift_hosted_logging_elasticsearch_ops_nodeselector | default('') | map_from_pairs }}" +# for exposing es-ops to external (outside of the cluster) clients +openshift_logging_es_ops_allow_external: False +openshift_logging_es_ops_hostname: "{{ 'es-ops.' ~ (openshift_master_default_subdomain | default('router.default.svc.cluster.local', true)) }}" + +#The absolute path on the control node to the cert file to use +#for the public facing es-ops certs +openshift_logging_es_ops_cert: "" + +#The absolute path on the control node to the key file to use +#for the public facing es-ops certs +openshift_logging_es_ops_key: "" + +#The absolute path on the control node to the CA file to use +#for the public facing es-ops certs +openshift_logging_es_ops_ca_ext: "" + # storage related defaults openshift_logging_storage_access_modes: "{{ openshift_hosted_logging_storage_access_modes | default(['ReadWriteOnce']) }}" |