summaryrefslogtreecommitdiffstats
path: root/roles/openshift_logging/defaults
diff options
context:
space:
mode:
authorRich Megginson <rmeggins@redhat.com>2017-05-02 08:51:51 -0600
committerRich Megginson <rmeggins@redhat.com>2017-05-18 21:18:05 -0600
commita4c6ae5af5237bc4c09476be1c12e61b9d41fb9b (patch)
tree89550cab3eb2898df87db86c53005ab01431ccb2 /roles/openshift_logging/defaults
parentbe064f7be58d905874e8ebc34c8f270841b49887 (diff)
downloadopenshift-a4c6ae5af5237bc4c09476be1c12e61b9d41fb9b.tar.gz
openshift-a4c6ae5af5237bc4c09476be1c12e61b9d41fb9b.tar.bz2
openshift-a4c6ae5af5237bc4c09476be1c12e61b9d41fb9b.tar.xz
openshift-a4c6ae5af5237bc4c09476be1c12e61b9d41fb9b.zip
add ability to expose Elasticsearch as an external route
This adds the ability to expose Elastisearch as a route outside of the cluster. - `openshift_logging_es_allow_external`: True (default is False) - if this is True, Elasticsearch will be exposed as a Route - `openshift_logging_es_ops_hostname`: The external facing hostname to use for the route and the TLS server certificate (default is "es." + `openshift_master_default_subdomain`) There are other similar parameters for the TLS server cert, key, and CA cert. There are other similar parameters for when the OPS cluster is deployed e.g. `openshift_logging_es_ops_allow_external`, etc.
Diffstat (limited to 'roles/openshift_logging/defaults')
-rw-r--r--roles/openshift_logging/defaults/main.yml32
1 files changed, 32 insertions, 0 deletions
diff --git a/roles/openshift_logging/defaults/main.yml b/roles/openshift_logging/defaults/main.yml
index f43336dc4..837c54067 100644
--- a/roles/openshift_logging/defaults/main.yml
+++ b/roles/openshift_logging/defaults/main.yml
@@ -99,6 +99,22 @@ openshift_logging_es_config: {}
openshift_logging_es_number_of_shards: 1
openshift_logging_es_number_of_replicas: 0
+# for exposing es to external (outside of the cluster) clients
+openshift_logging_es_allow_external: False
+openshift_logging_es_hostname: "{{ 'es.' ~ (openshift_master_default_subdomain | default('router.default.svc.cluster.local', true)) }}"
+
+#The absolute path on the control node to the cert file to use
+#for the public facing es certs
+openshift_logging_es_cert: ""
+
+#The absolute path on the control node to the key file to use
+#for the public facing es certs
+openshift_logging_es_key: ""
+
+#The absolute path on the control node to the CA file to use
+#for the public facing es certs
+openshift_logging_es_ca_ext: ""
+
# allow cluster-admin or cluster-reader to view operations index
openshift_logging_es_ops_allow_cluster_reader: False
@@ -118,6 +134,22 @@ openshift_logging_es_ops_recover_after_time: 5m
openshift_logging_es_ops_storage_group: "{{ openshift_hosted_logging_elasticsearch_storage_group | default('65534') }}"
openshift_logging_es_ops_nodeselector: "{{ openshift_hosted_logging_elasticsearch_ops_nodeselector | default('') | map_from_pairs }}"
+# for exposing es-ops to external (outside of the cluster) clients
+openshift_logging_es_ops_allow_external: False
+openshift_logging_es_ops_hostname: "{{ 'es-ops.' ~ (openshift_master_default_subdomain | default('router.default.svc.cluster.local', true)) }}"
+
+#The absolute path on the control node to the cert file to use
+#for the public facing es-ops certs
+openshift_logging_es_ops_cert: ""
+
+#The absolute path on the control node to the key file to use
+#for the public facing es-ops certs
+openshift_logging_es_ops_key: ""
+
+#The absolute path on the control node to the CA file to use
+#for the public facing es-ops certs
+openshift_logging_es_ops_ca_ext: ""
+
# storage related defaults
openshift_logging_storage_access_modes: "{{ openshift_hosted_logging_storage_access_modes | default(['ReadWriteOnce']) }}"