mirror of
https://github.com/ansible/awx-operator.git
synced 2026-03-26 21:33:14 +00:00
191 lines
5.0 KiB
YAML
191 lines
5.0 KiB
YAML
---
|
|
deployment_type: awx
|
|
kind: '{{ deployment_type | upper }}'
|
|
api_version: '{{ deployment_type }}.ansible.com/v1beta1'
|
|
|
|
database_name: "{{ deployment_type }}"
|
|
database_username: "{{ deployment_type }}"
|
|
|
|
tower_task_privileged: false
|
|
tower_ingress_type: none
|
|
|
|
# Add annotations to the ingress. Specify as literal block. E.g.:
|
|
# tower_ingress_annotations: |
|
|
# kubernetes.io/ingress.class: nginx
|
|
# nginx.ingress.kubernetes.io/proxy-connect-timeout: 60s
|
|
tower_ingress_annotations: ''
|
|
# TLS secret for the ingress. The secret either has to exist before hand with
|
|
# the corresponding cert and key or just be an indicator for where an automated
|
|
# process like cert-manager (enabled via annotations) will store the TLS
|
|
# certificate and key.
|
|
tower_ingress_tls_secret: ''
|
|
|
|
tower_loadbalancer_protocol: 'http'
|
|
tower_loadbalancer_port: '80'
|
|
|
|
# The TLS termination mechanism to use to access
|
|
# the services. Supported mechanism are: edge, passthrough
|
|
#
|
|
tower_route_tls_termination_mechanism: edge
|
|
|
|
# Secret to lookup that provide the TLS specific
|
|
# credentials to deploy
|
|
#
|
|
tower_route_tls_secret: ''
|
|
|
|
# Host to create the root with.
|
|
# If not specific will default to <instance-name>-<namespace>-<routerCanonicalHostname>
|
|
#
|
|
tower_route_host: ''
|
|
|
|
tower_hostname: '{{ deployment_type }}.example.com'
|
|
|
|
# Add a nodeSelector for the AWX pods. It must match a node's labels for the pod
|
|
# to be scheduled on that node. Specify as literal block. E.g.:
|
|
# tower_node_selector: |
|
|
# disktype: ssd
|
|
# kubernetes.io/arch: amd64
|
|
# kubernetes.io/os: linux
|
|
tower_node_selector: ''
|
|
|
|
# Add node tolerations for the AWX pods. Specify as literal block. E.g.:
|
|
# tower_tolerations: |
|
|
# - key: "dedicated"
|
|
# operator: "Equal"
|
|
# value: "AWX"
|
|
# effect: "NoSchedule"
|
|
tower_tolerations: ''
|
|
|
|
tower_admin_user: admin
|
|
tower_admin_email: test@example.com
|
|
|
|
# Secret to lookup that provide the admin password
|
|
#
|
|
tower_admin_password_secret: ''
|
|
|
|
# Secret to lookup that provide the broadcast websocket key
|
|
#
|
|
tower_broadcast_websocket_secret: ''
|
|
|
|
# Secret to lookup that provide the secret key
|
|
#
|
|
tower_secret_key_secret: ''
|
|
|
|
# Secret to lookup that provide the PostgreSQL configuration
|
|
#
|
|
tower_postgres_configuration_secret: ''
|
|
|
|
# Secret to lookup that provides old database credentials (for migration)
|
|
|
|
tower_old_postgres_configuration_secret: ''
|
|
|
|
# Add extra volumes to the AWX pod. Specify as literal block. E.g.:
|
|
# tower_extra_volumes: |
|
|
# - name: my-volume
|
|
# emptyDir: {}
|
|
tower_extra_volumes: ''
|
|
|
|
# Use these image versions for Ansible AWX.
|
|
|
|
tower_image: quay.io/ansible/awx
|
|
tower_image_version: 19.1.0
|
|
tower_redis_image: docker.io/redis
|
|
tower_redis_image_version: latest
|
|
tower_postgres_image: postgres
|
|
tower_postgres_image_version: 12
|
|
tower_image_pull_policy: IfNotPresent
|
|
tower_image_pull_secret: ''
|
|
|
|
tower_ee_images:
|
|
- name: AWX EE 0.2.0
|
|
image: quay.io/ansible/awx-ee:0.2.0
|
|
|
|
tower_create_preload_data: true
|
|
|
|
tower_replicas: "1"
|
|
|
|
tower_task_args:
|
|
- /usr/bin/launch_awx_task.sh
|
|
tower_task_command: []
|
|
tower_web_args: []
|
|
tower_web_command: []
|
|
|
|
tower_task_resource_requirements:
|
|
requests:
|
|
cpu: 500m
|
|
memory: 1Gi
|
|
|
|
tower_web_resource_requirements:
|
|
requests:
|
|
cpu: 1000m
|
|
memory: 2Gi
|
|
|
|
# Add extra environment variables to the AWX task/web containers. Specify as
|
|
# literal block. E.g.:
|
|
# tower_task_extra_env: |
|
|
# - name: FOO
|
|
# value: bar
|
|
# - name: BAZ
|
|
# value: bing
|
|
tower_task_extra_env: ''
|
|
tower_web_extra_env: ''
|
|
|
|
# Mount extra volumes on the AWX task/web containers. Specify as literal block.
|
|
# E.g.:
|
|
# tower_task_extra_volume_mounts: ''
|
|
# - name: my-volume
|
|
# mountPath: /some/path
|
|
tower_task_extra_volume_mounts: ''
|
|
tower_web_extra_volume_mounts: ''
|
|
tower_ee_extra_volume_mounts: ''
|
|
|
|
# Add a nodeSelector for the Postgres pods.
|
|
# It must match a node's labels for the pod to be scheduled on that node.
|
|
# Specify as literal block. E.g.:
|
|
# tower_postgres_selector: |
|
|
# disktype: ssd
|
|
# kubernetes.io/arch: amd64
|
|
# kubernetes.io/os: linux
|
|
tower_postgres_selector: ''
|
|
|
|
# Add node tolerations for the Postgres pods.
|
|
# Specify as literal block. E.g.:
|
|
# tower_postgres_tolerations: |
|
|
# - key: "dedicated"
|
|
# operator: "Equal"
|
|
# value: "AWX"
|
|
# effect: "NoSchedule"
|
|
tower_postgres_tolerations: ''
|
|
tower_postgres_storage_requirements:
|
|
requests:
|
|
storage: 8Gi
|
|
tower_postgres_resource_requirements: {}
|
|
tower_postgres_storage_class: ''
|
|
tower_postgres_data_path: '/var/lib/postgresql/data/pgdata'
|
|
|
|
# Persistence to the AWX project data folder
|
|
# Whether or not the /var/lib/projects directory will be persistent
|
|
tower_projects_persistence: false
|
|
#
|
|
# Define an existing PersistentVolumeClaim to use
|
|
tower_projects_existing_claim: ''
|
|
#
|
|
# Define the storage_class, size and access_mode
|
|
# when not using an existing claim
|
|
tower_projects_storage_class: ''
|
|
tower_projects_storage_size: 8Gi
|
|
tower_projects_storage_access_mode: ReadWriteMany
|
|
|
|
ca_trust_bundle: "/etc/pki/tls/certs/ca-bundle.crt"
|
|
|
|
# Secret to lookup that provides the LDAP CACert trusted bundle
|
|
#
|
|
ldap_cacert_secret: ''
|
|
|
|
# Whether secrets should be garbage collected
|
|
# on teardown
|
|
#
|
|
tower_garbage_collect_secrets: false
|
|
|
|
development_mode: false
|