diff --git a/README.md b/README.md index e2284540..736e1bda 100644 --- a/README.md +++ b/README.md @@ -225,11 +225,11 @@ make deploy There are three variables that are customizable for the admin user account creation. -| Name | Description | Default | -| --------------------------- | -------------------------------------------- | ---------------- | -| admin_user | Name of the admin user | admin | -| admin_email | Email of the admin user | test@example.com | -| admin_password_secret | Secret that contains the admin user password | Empty string | +| Name | Description | Default | +| --------------------- | -------------------------------------------- | ---------------- | +| admin_user | Name of the admin user | admin | +| admin_email | Email of the admin user | test@example.com | +| admin_password_secret | Secret that contains the admin user password | Empty string | > :warning: **admin_password_secret must be a Kubernetes secret and not your text clear password**. @@ -262,10 +262,10 @@ The `service_type` supported options are: `ClusterIP`, `LoadBalancer` and `NodeP The following variables are customizable for any `service_type` -| Name | Description | Default | -| ------------------------------------- | --------------------------------------------- | --------------------------------- | -| service_labels | Add custom labels | Empty string | -| service_annotations | Add service annotations | Empty string | +| Name | Description | Default | +| ------------------- | ----------------------- | ------------ | +| service_labels | Add custom labels | Empty string | +| service_annotations | Add service annotations | Empty string | ```yaml --- @@ -282,10 +282,10 @@ spec: The following variables are customizable only when `service_type=LoadBalancer` -| Name | Description | Default | -| ------------------------------ | ---------------------------------------- | ------------- | -| loadbalancer_protocol | Protocol to use for Loadbalancer ingress | http | -| loadbalancer_port | Port used for Loadbalancer ingress | 80 | +| Name | Description | Default | +| --------------------- | ---------------------------------------- | ------- | +| loadbalancer_protocol | Protocol to use for Loadbalancer ingress | http | +| loadbalancer_port | Port used for Loadbalancer ingress | 80 | ```yaml --- @@ -308,9 +308,9 @@ The HTTPS Load Balancer also uses SSL termination at the Load Balancer level and The following variables are customizable only when `service_type=NodePort` -| Name | Description | Default | -| ------------------------------ | ---------------------------------------- | ------------- | -| nodeport_port | Port used for NodePort | 30080 | +| Name | Description | Default | +| ------------- | ---------------------- | ------- | +| nodeport_port | Port used for NodePort | 30080 | ```yaml --- @@ -338,13 +338,13 @@ spec: The following variables are customizable when `ingress_type=ingress`. The `ingress` type creates an Ingress resource as [documented](https://kubernetes.io/docs/concepts/services-networking/ingress/) which can be shared with many other Ingress Controllers as [listed](https://kubernetes.io/docs/concepts/services-networking/ingress-controllers/). -| Name | Description | Default | -| -------------------------- | ---------------------------------------- | ---------------------------- | -| ingress_annotations | Ingress annotations | Empty string | -| ingress_tls_secret | Secret that contains the TLS information | Empty string | -| hostname | Define the FQDN | {{ meta.name }}.example.com | -| ingress_path | Define the ingress path to the service | / | -| ingress_path_type | Define the type of the path (for LBs) | Prefix | +| Name | Description | Default | +| ------------------- | ---------------------------------------- | --------------------------- | +| ingress_annotations | Ingress annotations | Empty string | +| ingress_tls_secret | Secret that contains the TLS information | Empty string | +| hostname | Define the FQDN | {{ meta.name }}.example.com | +| ingress_path | Define the ingress path to the service | / | +| ingress_path_type | Define the type of the path (for LBs) | Prefix | ```yaml --- @@ -360,8 +360,8 @@ spec: The following variables are customizable when `ingress_type=route` -| Name | Description | Default | -| ------------------------------------- | --------------------------------------------- | --------------------------------------------------------| +| Name | Description | Default | +| ------------------------------- | --------------------------------------------- | ------------------------------------------------------- | | route_host | Common name the route answers for | `--` | | route_tls_termination_mechanism | TLS Termination mechanism (Edge, Passthrough) | Edge | | route_tls_secret | Secret that contains the TLS information | Empty string | @@ -460,15 +460,15 @@ spec: There are a few variables that are customizable for awx the image management. -| Name | Description | -| --------------------------| -------------------------- | -| image | Path of the image to pull | -| image_version | Image version to pull | -| image_pull_policy | The pull policy to adopt | -| image_pull_secret | The pull secret to use | -| ee_images | A list of EEs to register | -| redis_image | Path of the image to pull | -| redis_image_version | Image version to pull | +| Name | Description | +| ------------------- | ------------------------- | +| image | Path of the image to pull | +| image_version | Image version to pull | +| image_pull_policy | The pull policy to adopt | +| image_pull_secret | The pull secret to use | +| ee_images | A list of EEs to register | +| redis_image | Path of the image to pull | +| redis_image_version | Image version to pull | Example of customization could be: @@ -525,11 +525,11 @@ Again, this is the most relaxed SCC that is provided by OpenShift, so be sure to The resource requirements for both, the task and the web containers are configurable - both the lower end (requests) and the upper end (limits). -| Name | Description | Default | -| -------------------------------- | ------------------------------------------------ | ----------------------------------- | -| web_resource_requirements | Web container resource requirements | requests: {cpu: 1000m, memory: 2Gi} | -| task_resource_requirements | Task container resource requirements | requests: {cpu: 500m, memory: 1Gi} | -| ee_resource_requirements | EE control plane container resource requirements | requests: {cpu: 500m, memory: 1Gi} | +| Name | Description | Default | +| -------------------------- | ------------------------------------------------ | ----------------------------------- | +| web_resource_requirements | Web container resource requirements | requests: {cpu: 1000m, memory: 2Gi} | +| task_resource_requirements | Task container resource requirements | requests: {cpu: 500m, memory: 1Gi} | +| ee_resource_requirements | EE control plane container resource requirements | requests: {cpu: 500m, memory: 1Gi} | Example of customization could be: @@ -568,16 +568,16 @@ pods to be scheduled onto nodes with matching taints. The ability to specify topologySpreadConstraints is also allowed through `topology_spread_constraints` -| Name | Description | Default | -| -------------------------------| ---------------------------------------- | ------- | -| postgres_image | Path of the image to pull | 12 | -| postgres_image_version | Image version to pull | 12 | -| node_selector | AWX pods' nodeSelector | '' | -| topology_spread_constraints | AWX pods' topologySpreadConstraints | '' | -| tolerations | AWX pods' tolerations | '' | -| annotations | AWX pods' annotations | '' | -| postgres_selector | Postgres pods' nodeSelector | '' | -| postgres_tolerations | Postgres pods' tolerations | '' | +| Name | Description | Default | +| --------------------------- | ----------------------------------- | ------- | +| postgres_image | Path of the image to pull | 12 | +| postgres_image_version | Image version to pull | 12 | +| node_selector | AWX pods' nodeSelector | '' | +| topology_spread_constraints | AWX pods' topologySpreadConstraints | '' | +| tolerations | AWX pods' tolerations | '' | +| annotations | AWX pods' annotations | '' | +| postgres_selector | Postgres pods' nodeSelector | '' | +| postgres_tolerations | Postgres pods' tolerations | '' | Example of customization could be: @@ -619,10 +619,10 @@ In cases which you need to trust a custom Certificate Authority, there are few v Trusting a custom Certificate Authority allows the AWX to access network services configured with SSL certificates issued locally, such as cloning a project from from an internal Git server via HTTPS. It is common for these scenarios, experiencing the error [unable to verify the first certificate](https://github.com/ansible/awx-operator/issues/376). -| Name | Description | Default | -| -------------------------------- | ---------------------------------------- | --------| -| ldap_cacert_secret | LDAP Certificate Authority secret name | '' | -| bundle_cacert_secret | Certificate Authority secret name | '' | +| Name | Description | Default | +| -------------------- | -------------------------------------- | ------- | +| ldap_cacert_secret | LDAP Certificate Authority secret name | '' | +| bundle_cacert_secret | Certificate Authority secret name | '' | Please note the `awx-operator` will look for the data field `ldap-ca.crt` in the specified secret when using the `ldap_cacert_secret`, whereas the data field `bundle-ca.crt` is required for `bundle_cacert_secret` parameter. @@ -648,13 +648,13 @@ To create the secret, you can use the command below: In cases which you want to persist the `/var/lib/projects` directory, there are few variables that are customizable for the `awx-operator`. -| Name | Description | Default | -| -----------------------------------| ---------------------------------------------------------------------------------------------------- | ---------------| -| projects_persistence | Whether or not the /var/lib/projects directory will be persistent | false | -| projects_storage_class | Define the PersistentVolume storage class | '' | -| projects_storage_size | Define the PersistentVolume size | 8Gi | -| projects_storage_access_mode | Define the PersistentVolume access mode | ReadWriteMany | -| projects_existing_claim | Define an existing PersistentVolumeClaim to use (cannot be combined with `projects_storage_*`) | '' | +| Name | Description | Default | +| ---------------------------- | ---------------------------------------------------------------------------------------------- | ------------- | +| projects_persistence | Whether or not the /var/lib/projects directory will be persistent | false | +| projects_storage_class | Define the PersistentVolume storage class | '' | +| projects_storage_size | Define the PersistentVolume size | 8Gi | +| projects_storage_access_mode | Define the PersistentVolume access mode | ReadWriteMany | +| projects_existing_claim | Define an existing PersistentVolumeClaim to use (cannot be combined with `projects_storage_*`) | '' | Example of customization when the `awx-operator` automatically handles the persistent volume could be: @@ -671,14 +671,14 @@ spec: In a scenario where custom volumes and volume mounts are required to either overwrite defaults or mount configuration files. -| Name | Description | Default | -| --------------------------------- | -------------------------------------------------------- | ------- | -| extra_volumes | Specify extra volumes to add to the application pod | '' | -| web_extra_volume_mounts | Specify volume mounts to be added to Web container | '' | -| task_extra_volume_mounts | Specify volume mounts to be added to Task container | '' | -| ee_extra_volume_mounts | Specify volume mounts to be added to Execution container | '' | -| init_container_extra_volume_mounts| Specify volume mounts to be added to Init container | '' | -| init_container_extra_commands | Specify additional commands for Init container | '' | +| Name | Description | Default | +| ---------------------------------- | -------------------------------------------------------- | ------- | +| extra_volumes | Specify extra volumes to add to the application pod | '' | +| web_extra_volume_mounts | Specify volume mounts to be added to Web container | '' | +| task_extra_volume_mounts | Specify volume mounts to be added to Task container | '' | +| ee_extra_volume_mounts | Specify volume mounts to be added to Execution container | '' | +| init_container_extra_volume_mounts | Specify volume mounts to be added to Init container | '' | +| init_container_extra_commands | Specify additional commands for Init container | '' | > :warning: The `ee_extra_volume_mounts` and `extra_volumes` will only take effect to the globally available Execution Environments. For custom `ee`, please [customize the Pod spec](https://docs.ansible.com/ansible-tower/latest/html/administration/external_execution_envs.html#customize-the-pod-spec). @@ -799,11 +799,11 @@ type: kubernetes.io/dockerconfigjson If you need to export custom environment variables to your containers. -| Name | Description | Default | -| ----------------------------- | -------------------------------------------------------- | ------- | -| task_extra_env | Environment variables to be added to Task container | '' | -| web_extra_env | Environment variables to be added to Web container | '' | -| ee_extra_env | Environment variables to be added to EE container | '' | +| Name | Description | Default | +| -------------- | --------------------------------------------------- | ------- | +| task_extra_env | Environment variables to be added to Task container | '' | +| web_extra_env | Environment variables to be added to Web container | '' | +| ee_extra_env | Environment variables to be added to EE container | '' | > :warning: The `ee_extra_env` will only take effect to the globally available Execution Environments. For custom `ee`, please [customize the Pod spec](https://docs.ansible.com/ansible-tower/latest/html/administration/external_execution_envs.html#customize-the-pod-spec). @@ -826,9 +826,9 @@ Example configuration of environment variables With`extra_settings`, you can pass multiple custom settings via the `awx-operator`. The parameter `extra_settings` will be appended to the `/etc/tower/settings.py` and can be an alternative to the `extra_volumes` parameter. -| Name | Description | Default | -| ----------------------------- | -------------------------------------------------------- | ------- | -| extra_settings | Extra settings | '' | +| Name | Description | Default | +| -------------- | -------------- | ------- | +| extra_settings | Extra settings | '' | Example configuration of `extra_settings` parameter @@ -846,9 +846,9 @@ Example configuration of `extra_settings` parameter If you need to modify some `ServiceAccount` proprieties -| Name | Description | Default | -| ----------------------------- | -------------------------------------------------------- | ------- | -| service_account_annotations | Annotations to the ServiceAccount | '' | +| Name | Description | Default | +| --------------------------- | --------------------------------- | ------- | +| service_account_annotations | Annotations to the ServiceAccount | '' | Example configuration of environment variables