diff options
Diffstat (limited to 'inventory/byo/hosts.ose.example')
| -rw-r--r-- | inventory/byo/hosts.ose.example | 52 |
1 files changed, 47 insertions, 5 deletions
diff --git a/inventory/byo/hosts.ose.example b/inventory/byo/hosts.ose.example index 75b1a1c0b..623e0811d 100644 --- a/inventory/byo/hosts.ose.example +++ b/inventory/byo/hosts.ose.example @@ -14,9 +14,9 @@ lb # ssh agent. ansible_ssh_user=root -# If ansible_ssh_user is not root, ansible_sudo must be set to true and the +# If ansible_ssh_user is not root, ansible_become must be set to true and the # user must be configured for passwordless sudo -#ansible_sudo=true +#ansible_become=yes # Debug level for all OpenShift components (Defaults to 2) debug_level=2 @@ -88,12 +88,26 @@ deployment_type=openshift-enterprise # htpasswd auth openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/master/htpasswd'}] +# Defining htpasswd users +#openshift_master_htpasswd_users={'user1': '<pre-hashed password>', 'user2': '<pre-hashed password>' +# or +#openshift_master_htpasswd_file=<path to local pre-generated htpasswd file> # Allow all auth #openshift_master_identity_providers=[{'name': 'allow_all', 'login': 'true', 'challenge': 'true', 'kind': 'AllowAllPasswordIdentityProvider'}] # LDAP auth #openshift_master_identity_providers=[{'name': 'my_ldap_provider', 'challenge': 'true', 'login': 'true', 'kind': 'LDAPPasswordIdentityProvider', 'attributes': {'id': ['dn'], 'email': ['mail'], 'name': ['cn'], 'preferredUsername': ['uid']}, 'bindDN': '', 'bindPassword': '', 'ca': '', 'insecure': 'false', 'url': 'ldap://ldap.example.com:389/ou=users,dc=example,dc=com?uid'}] +# Configuring the ldap ca certificate +#openshift_master_ldap_ca=<ca text> +# or +#openshift_master_ldap_ca_file=<path to local ca file to use> + +# Available variables for configuring certificates for other identity providers: +#openshift_master_openid_ca +#openshift_master_openid_ca_file +#openshift_master_request_header_ca +#openshift_master_request_header_ca_file # Cloud Provider Configuration # @@ -114,7 +128,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', #openshift_cloudprovider_openstack_auth_url=http://openstack.example.com:35357/v2.0/ #openshift_cloudprovider_openstack_username=username #openshift_cloudprovider_openstack_password=password -#openshift_cloudprovider_openstack_tenand_id=tenant_id +#openshift_cloudprovider_openstack_tenant_id=tenant_id #openshift_cloudprovider_openstack_tenant_name=tenant_name #openshift_cloudprovider_openstack_region=region #openshift_cloudprovider_openstack_lb_subnet_id=subnet_id @@ -249,7 +263,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # will add the newly provided certificates to the cached set of certificates. # If you would like openshift_master_named_certificates to be overwritten with # the provided value, specify openshift_master_overwrite_named_certificates. -#openshift_master_overwrite_named_certificates: true +#openshift_master_overwrite_named_certificates=true # # Provide local certificate paths which will be deployed to masters #openshift_master_named_certificates=[{"certfile": "/path/to/custom1.crt", "keyfile": "/path/to/custom1.key"}] @@ -358,7 +372,35 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # and configure node's dnsIP to point at the node's local dnsmasq instance. Defaults # to True for Origin 1.2 and OSE 3.2. False for 1.1 / 3.1 installs, this cannot # be used with 1.0 and 3.0. -# openshift_node_dnsmasq=False +# openshift_use_dnsmasq=False + +# Global Proxy Configuration +# These options configure HTTP_PROXY, HTTPS_PROXY, and NOPROXY environment +# variables for docker and master services. +#openshift_http_proxy=http://USER:PASSWORD@IPADDR:PORT +#openshift_https_proxy=https://USER:PASSWORD@IPADDR:PORT +#openshift_no_proxy='.hosts.example.com,some-host.com' +# +# Most environments don't require a proxy between openshift masters, nodes, and +# etcd hosts. So automatically add those hostnames to the openshift_no_proxy list. +# If all of your hosts share a common domain you may wish to disable this and +# specify that domain above. +#openshift_generate_no_proxy_hosts=True +# +# These options configure the BuildDefaults admission controller which injects +# environment variables into Builds. These values will default to their +# corresponding values above but you may set them independently. See BuildDefaults +# documentation at https://docs.openshift.org/latest/admin_guide/build_defaults_overrides.html +#openshift_builddefaults_http_proxy=openshift_http_proxy +#openshift_builddefaults_https_proxy=openshift_https_proxy +#openshift_builddefaults_no_proxy=openshift_noproxy +#openshift_builddefaults_git_http_proxy=openshift_builddefaults_http_proxy +#openshift_builddefaults_git_https_proxy=openshift_builddefaults_https_proxy +# Or you may optionally define your own serialized as json +#openshift_builddefaults_json='{"BuildDefaults":{"configuration":{"apiVersion":"v1","env":[{"name":"HTTP_PROXY","value":"http://proxy.example.com.redhat.com:3128"},{"name":"NO_PROXY","value":"ose3-master.example.com"}],"gitHTTPProxy":"http://proxy.example.com:3128","kind":"BuildDefaultsConfig"}}}' + +# masterConfig.volumeConfig.dynamicProvisioningEnabled, configurable as of 1.2/3.2, enabled by default +#openshift_master_dynamic_provisioning_enabled=False # host group for masters [masters] |