What? Why?

The `openshift-ansible`_ playbooks require that various tasks be run on localhost in order to build their internal abstracted representation of the inventory list. Running potentially arbitrary code from external sources on a bastion host (which is what localhost would be as the ansible control machine) is often frowned upon. The goal here is to allow for the deployment of `openshift-ansible`_ via an intermediate host.

+---------------+                   +-------------------+
|               |                   |                   |
| bastion host  +----[ansible]----->| openshift control |
|               |                   |                   |
+---------------+                   +---------+---------+
                                              |
                                              |
                                          [ansible]
                                              |
                                              |
                                              V
+--------------------------------------------------------------------------+
|                                                                          |
|  openshift cluster                                                       |
|                                                                          |
|  +-----------+               +-----------+   +-----------+               |
|  |           |               |           |   |           |               |
|  | openshift |  ...[masters] | openshift |   | openshift |   ...[nodes]  |
|  |  master   |               |   node    |   |   node    |               |
|  |           |               |           |   |           |               |
|  +-----------+               +-----------+   +-----------+               |
|                                                                          |
+--------------------------------------------------------------------------+

How to use this

You will need to configure the inventory file inventory/inventory to contain the host names of the openshift control host and the various hosts for openshift masters and openshift nodes. The group names for the masters inventory list and the nodes inventory list needs to match the group names for openshift_cluster_masters_group and openshift_cluster_nodes_group in the file vars/variables.yml. The inventory used on the openshift control host is generated using the template templates/cluster-inventory.j2 and by default the master nodes are also used for various openshift infrastructure components of the cluster and if there are desired changes for the openshift configuration as per the OpenShift Advanced Configuration Guide, they should be made to that template.

Then you can run the playbook to run the playbook:

ansible-playbook ansible-ansible-openshift-ansible.yml -i inventory/inventory