internet/awx-operator
3
0
Fork 0
mirror of https://github.com/ansible/awx-operator.git synced 2026-03-26 21:33:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
e966e9299f89e77e893537eb6af184301b570dd5
awx-operator/roles/installer/defaults/main.yml
David Luong e966e9299f Resolves #918 to make no_log configurable (#923)
2022-06-16 01:03:13 -04:00

287 lines
7.3 KiB
YAML
Raw Blame History

---
deployment_type: awx
kind: '{{ deployment_type | upper }}'
api_version: '{{ deployment_type }}.ansible.com/v1beta1'
database_name: "{{ deployment_type }}"
database_username: "{{ deployment_type }}"
task_privileged: false
service_type: ClusterIP
ingress_type: none
ingress_path: '/'
ingress_path_type: 'Prefix'
# Add annotations to the service account. Specify as literal block. E.g.:
# service_account_annotations: |
# eks.amazonaws.com/role-arn: arn:aws:iam::<ACCOUNT_ID>:role/<IAM_ROLE_NAME>
service_account_annotations: ''
# Custom labels for the tower service. Specify as literal block. E.g.:
# service_labels: |
# environment: non-production
# zone: internal
service_labels: ''
# Add annotations to the ingress. Specify as literal block. E.g.:
# ingress_annotations: |
# kubernetes.io/ingress.class: nginx
# nginx.ingress.kubernetes.io/proxy-connect-timeout: 60s
ingress_annotations: ''
# TLS secret for the ingress. The secret either has to exist before hand with
# the corresponding cert and key or just be an indicator for where an automated
# process like cert-manager (enabled via annotations) will store the TLS
# certificate and key.
ingress_tls_secret: ''
loadbalancer_protocol: 'http'
loadbalancer_port: '80'
service_annotations: ''
nodeport_port: '30080'
# The TLS termination mechanism to use to access
# the services. Supported mechanism are: edge, passthrough
#
route_tls_termination_mechanism: edge
# Secret to lookup that provide the TLS specific
# credentials to deploy
#
route_tls_secret: ''
# Host to create the root with.
# If not specific will default to <instance-name>-<namespace>-<routerCanonicalHostname>
#
route_host: ''
hostname: ''
# Add a nodeSelector for the AWX pods. It must match a node's labels for the pod
# to be scheduled on that node. Specify as literal block. E.g.:
# node_selector: |
# disktype: ssd
# kubernetes.io/arch: amd64
# kubernetes.io/os: linux
node_selector: ''
# Add a topologySpreadConstraints for the AWX pods.
# Specify as literal block. E.g.:
# topology_spread_constraints: |
# - maxSkew: 100
# topologyKey: "topology.kubernetes.io/zone"
# whenUnsatisfiable: "ScheduleAnyway"
# labelSelector:
# matchLabels:
# app.kubernetes.io/name: "<resourcename>"
topology_spread_constraints: ''
# Add node tolerations for the AWX pods. Specify as literal block. E.g.:
# tolerations: |
# - key: "dedicated"
# operator: "Equal"
# value: "AWX"
# effect: "NoSchedule"
tolerations: ''
# Add annotations to awx pods. Specify as literal block. E.g.:
# annotations: |
# my.annotation/1: value
# my.annotation/2: value2
annotations: ''
admin_user: admin
admin_email: test@example.com
# Secret to lookup that provide the admin password
#
admin_password_secret: ''
# Secret to lookup that provide the broadcast websocket key
#
broadcast_websocket_secret: ''
# Secret to lookup that provide the secret key
#
secret_key_secret: ''
# Secret to lookup that provide the PostgreSQL configuration
#
postgres_configuration_secret: ''
# Secret to lookup that provides old database credentials (for migration)
old_postgres_configuration_secret: ''
# Secret to lookup that provides default execution environment pull credentials
#
ee_pull_credentials_secret: ''
# Add extra volumes to the AWX pod. Specify as literal block. E.g.:
# extra_volumes: |
# - name: my-volume
# emptyDir: {}
extra_volumes: ''
# Use these image versions for Ansible AWX.
_image: quay.io/ansible/awx
_image_version: "{{ lookup('env', 'DEFAULT_AWX_VERSION') or 'latest' }}"
_redis_image: docker.io/redis
_redis_image_version: latest
_postgres_image: postgres
_postgres_image_version: 12
_init_container_image: quay.io/centos/centos
_init_container_image_version: stream8
image_pull_policy: IfNotPresent
image_pull_secrets: []
# Extra commands which will be appended to the initContainer
# Make sure that each command entered return an exit code 0
# otherwise the initContainer will fail
# init_container_extra_commands: |
# date >> /var/lib/awx/projects/timestamp
# chgrp 1000 /shared
# chmod 775 /shared
init_container_extra_commands: ''
# Mount extra volumes on the initContainer.
# The volume used must be defined as an `extra_volumes` resource
# init_container_extra_volume_mounts: |
# - name: shared-vol
# mountPath: /shared
init_container_extra_volume_mounts: ''
ee_images:
- name: AWX EE (latest)
image: quay.io/ansible/awx-ee:latest
_control_plane_ee_image: quay.io/ansible/awx-ee:latest
create_preload_data: true
replicas: "1"
task_args:
- /usr/bin/launch_awx_task.sh
task_command: []
web_args:
- /usr/bin/launch_awx.sh
web_command: []
task_resource_requirements:
requests:
cpu: 100m
memory: 128Mi
web_resource_requirements:
requests:
cpu: 100m
memory: 128Mi
ee_resource_requirements:
requests:
cpu: 100m
memory: 64Mi
# Customize CSRF options
csrf_cookie_secure: False
session_cookie_secure: False
# Assign a preexisting priority class to the control plane pods
control_plane_priority_class: ''
redis_resource_requirements:
requests:
cpu: 50m
memory: 64Mi
# Add extra environment variables to the AWX task/web containers. Specify as
# literal block. E.g.:
# task_extra_env: |
# - name: FOO
# value: bar
# - name: BAZ
# value: bing
task_extra_env: ''
web_extra_env: ''
ee_extra_env: ''
# Mount extra volumes on the AWX task/web containers. Specify as literal block.
# E.g.:
# task_extra_volume_mounts: ''
# - name: my-volume
# mountPath: /some/path
task_extra_volume_mounts: ''
web_extra_volume_mounts: ''
ee_extra_volume_mounts: ''
# Add a nodeSelector for the Postgres pods.
# It must match a node's labels for the pod to be scheduled on that node.
# Specify as literal block. E.g.:
# postgres_selector: |
# disktype: ssd
# kubernetes.io/arch: amd64
# kubernetes.io/os: linux
postgres_selector: ''
# Add node tolerations for the Postgres pods.
# Specify as literal block. E.g.:
# postgres_tolerations: |
# - key: "dedicated"
# operator: "Equal"
# value: "AWX"
# effect: "NoSchedule"
postgres_tolerations: ''
postgres_storage_requirements:
requests:
storage: 8Gi
postgres_resource_requirements:
requests:
cpu: 10m
memory: 64Mi
postgres_init_container_resource_requirements:
requests:
cpu: 10m
memory: 64Mi
# Assign a preexisting priority class to the postgres pod
postgres_priority_class: ''
postgres_data_path: '/var/lib/postgresql/data/pgdata'
# Persistence to the AWX project data folder
# Whether or not the /var/lib/projects directory will be persistent
projects_persistence: false
#
# Define an existing PersistentVolumeClaim to use
projects_existing_claim: ''
#
# Define postgres configuration arguments to use
postgres_extra_args: ''
# Define the storage_class, size and access_mode
# when not using an existing claim
projects_storage_size: 8Gi
projects_storage_access_mode: ReadWriteMany
ca_trust_bundle: "/etc/pki/tls/certs/ca-bundle.crt"
# Secret to lookup that provides the LDAP CACert trusted bundle
#
ldap_cacert_secret: ''
# Secret to lookup that provides the LDAP bind password
ldap_password_secret: ''
# Secret to lookup that provides the custom CA trusted bundle
bundle_cacert_secret: ''
# Whether secrets should be garbage collected
# on teardown
#
garbage_collect_secrets: false
development_mode: false
security_context_settings: {}
# Set no_log settings on certain tasks
no_log: 'true'
Reference in New Issue View Git Blame Copy Permalink