diff options
Diffstat (limited to 'roles/openshift_node/defaults')
| -rw-r--r-- | roles/openshift_node/defaults/main.yml | 83 |
1 files changed, 77 insertions, 6 deletions
diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml index fffbf2994..a7dad5b1f 100644 --- a/roles/openshift_node/defaults/main.yml +++ b/roles/openshift_node/defaults/main.yml @@ -1,15 +1,86 @@ --- -os_firewall_allow: +r_openshift_node_firewall_enabled: "{{ os_firewall_enabled | default(True) }}" +r_openshift_node_use_firewalld: "{{ os_firewall_use_firewalld | default(False) }}" + +openshift_service_type: "{{ openshift.common.service_type }}" + +openshift_image_tag: '' + +openshift_node_ami_prep_packages: +- "{{ openshift_service_type }}-master" +- "{{ openshift_service_type }}-node" +- "{{ openshift_service_type }}-docker-excluder" +- "{{ openshift_service_type }}-sdn-ovs" +- ansible +- openvswitch +- docker +- etcd +#- pcs +- haproxy +- dnsmasq +- ntp +- logrotate +- httpd-tools +- bind +- firewalld +- libselinux-python +- conntrack-tools +- openssl +- cloud-init +- iproute +- python-dbus +- PyYAML +- yum-utils +- python2-boto +- python2-boto3 +- cloud-utils-growpart +# gluster +- glusterfs-fuse +- heketi-client +# nfs +- nfs-utils +- flannel +- bash-completion +# cockpit +- cockpit-ws +- cockpit-system +- cockpit-bridge +- cockpit-docker +# iscsi +- iscsi-initiator-utils +# ceph +- ceph-common +# systemcontainer +# - runc +# - container-selinux +# - atomic +# +openshift_deployment_type: origin + +openshift_node_bootstrap: False + +r_openshift_node_os_firewall_deny: [] +r_openshift_node_os_firewall_allow: - service: Kubernetes kubelet port: 10250/tcp - service: http port: 80/tcp - service: https port: 443/tcp -- service: Openshift kubelet ReadOnlyPort - port: 10255/tcp -- service: Openshift kubelet ReadOnlyPort udp - port: 10255/udp - service: OpenShift OVS sdn port: 4789/udp - when: openshift.node.use_openshift_sdn | bool + cond: openshift.common.use_openshift_sdn | default(true) | bool +- service: Calico BGP Port + port: 179/tcp + cond: "{{ openshift.common.use_calico | bool }}" +- service: Kubernetes service NodePort TCP + port: "{{ openshift_node_port_range | default('') }}/tcp" + cond: "{{ openshift_node_port_range is defined }}" +- service: Kubernetes service NodePort UDP + port: "{{ openshift_node_port_range | default('') }}/udp" + cond: "{{ openshift_node_port_range is defined }}" + +oreg_url: '' +oreg_host: "{{ oreg_url.split('/')[0] if '.' in oreg_url.split('/')[0] else '' }}" +oreg_auth_credentials_path: "{{ openshift.common.data_dir }}/.docker" +oreg_auth_credentials_replace: False |