maxamillion
Adam Millermaintainer
ansible-ansible-openshift-ansible ################################# Ansible playbooks to run ansible on a remote "openshift control" what will run `openshift-ansible`_ to deploy a cluster. What? Why? ---------- The `openshift-ansible`_ playbooks require that various tasks be run on ``localhost`` in order to build their internal abstracted representation of the inventory list. Running potentially arbitrary code from external sources on a bastion host (which is what ``localhost`` would be as the ansible control machine) is often frowned upon. The goal here is to allow for the deployment of `openshift-ansible`_ via an intermediate host. :: +---------------+ +-------------------+ | | | | | bastion host +----[ansible]----->| openshift control | | | | | +---------------+ +---------+---------+ | | [ansible] | | V +--------------------------------------------------------------------------+ | | | openshift cluster | | | | +-----------+ +-----------+ +-----------+ | | | | | | | | | | | openshift | ...[masters] | openshift | | openshift | ...[nodes] | | | master | | node | | node | | | | | | | | | | | +-----------+ +-----------+ +-----------+ | | | +--------------------------------------------------------------------------+ How to use this ---------------- You will need to configure the inventory file ``inventory/inventory`` to contain the host names of the openshift control host and the various hosts for openshift masters and openshift nodes. The group names for the masters inventory list and the nodes inventory list needs to match the group names for ``openshift_cluster_masters_group`` and ``openshift_cluster_nodes_group`` in the file ``vars/variables.yml``. The inventory used on the openshift control host is generated using the template ``templates/cluster-inventory.j2`` and by default the master nodes are also used for various openshift infrastructure components of the cluster and if there are desired changes for the openshift configuration as per the `OpenShift Advanced Configuration Guide`_, they should be made to that template. .. note:: There is a requirement to setup the SSH keys such that the bastion host can passwordless ssh into the openshift control host and such that the openshift control host can passwordless ssh into each of the hosts in the openshift cluster. This is outside the scope of this document. Then you can run the playbook to run the playbook: :: ansible-playbook ansible-ansible-openshift-ansible.yml -i inventory/inventory .. _OpenShift Advanced Configuration Guide: https://docs.openshift.org/latest/install_config/install/advanced_install.html