internet/awx-operator
3
0
Fork 0
mirror of https://github.com/ansible/awx-operator.git synced 2026-03-26 21:33:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
f2e43db37c0d0bbdae560edcf4926904f098c024
awx-operator/roles/installer/defaults/main.yml
Marcelo Moreira de Mello f2e43db37c Added ability to trust a custom bundle CA
2021-06-18 01:48:50 -04:00

220 lines
5.4 KiB
YAML
Raw Blame History

---
deployment_type: awx
kind: '{{ deployment_type | upper }}'
api_version: '{{ deployment_type }}.ansible.com/v1beta1'
database_name: "{{ deployment_type }}"
database_username: "{{ deployment_type }}"
task_privileged: false
service_type: ClusterIP
ingress_type: none
# Add annotations to the service account. Specify as literal block. E.g.:
# service_account_annotations: |
# eks.amazonaws.com/role-arn: arn:aws:iam::<ACCOUNT_ID>:role/<IAM_ROLE_NAME>
service_account_annotations: ''
# Custom labels for the tower service. Specify as literal block. E.g.:
# service_labels: |
# environment: non-production
# zone: internal
service_labels: ''
# Add annotations to the ingress. Specify as literal block. E.g.:
# ingress_annotations: |
# kubernetes.io/ingress.class: nginx
# nginx.ingress.kubernetes.io/proxy-connect-timeout: 60s
ingress_annotations: ''
# TLS secret for the ingress. The secret either has to exist before hand with
# the corresponding cert and key or just be an indicator for where an automated
# process like cert-manager (enabled via annotations) will store the TLS
# certificate and key.
ingress_tls_secret: ''
loadbalancer_protocol: 'http'
loadbalancer_port: '80'
loadbalancer_annotations: ''
# The TLS termination mechanism to use to access
# the services. Supported mechanism are: edge, passthrough
#
route_tls_termination_mechanism: edge
# Secret to lookup that provide the TLS specific
# credentials to deploy
#
route_tls_secret: ''
# Host to create the root with.
# If not specific will default to <instance-name>-<namespace>-<routerCanonicalHostname>
#
route_host: ''
hostname: '{{ meta.name }}.example.com'
# Add a nodeSelector for the AWX pods. It must match a node's labels for the pod
# to be scheduled on that node. Specify as literal block. E.g.:
# node_selector: |
# disktype: ssd
# kubernetes.io/arch: amd64
# kubernetes.io/os: linux
node_selector: ''
# Add node tolerations for the AWX pods. Specify as literal block. E.g.:
# tolerations: |
# - key: "dedicated"
# operator: "Equal"
# value: "AWX"
# effect: "NoSchedule"
tolerations: ''
admin_user: admin
admin_email: test@example.com
# Secret to lookup that provide the admin password
#
admin_password_secret: ''
# Secret to lookup that provide the broadcast websocket key
#
broadcast_websocket_secret: ''
# Secret to lookup that provide the secret key
#
secret_key_secret: ''
# Secret to lookup that provide the PostgreSQL configuration
#
postgres_configuration_secret: ''
# Secret to lookup that provides old database credentials (for migration)
old_postgres_configuration_secret: ''
# Secret to lookup that provides default execution environment pull credentials
#
ee_pull_credentials_secret: ''
# Add extra volumes to the AWX pod. Specify as literal block. E.g.:
# extra_volumes: |
# - name: my-volume
# emptyDir: {}
extra_volumes: ''
# Use these image versions for Ansible AWX.
image: quay.io/ansible/awx
image_version: 19.2.1
redis_image: docker.io/redis
redis_image_version: latest
postgres_image: postgres
postgres_image_version: 12
init_container_image: quay.io/centos/centos
init_container_image_version: 8
image_pull_policy: IfNotPresent
image_pull_secret: ''
ee_images:
- name: AWX EE 0.4.0
image: quay.io/ansible/awx-ee:0.4.0
control_plane_ee_image: quay.io/ansible/awx-ee:0.4.0
create_preload_data: true
replicas: "1"
task_args:
- /usr/bin/launch_awx_task.sh
task_command: []
web_args: []
web_command: []
task_resource_requirements:
requests:
cpu: 500m
memory: 1Gi
web_resource_requirements:
requests:
cpu: 1000m
memory: 2Gi
ee_resource_requirements:
requests:
cpu: 500m
memory: 1Gi
# Add extra environment variables to the AWX task/web containers. Specify as
# literal block. E.g.:
# task_extra_env: |
# - name: FOO
# value: bar
# - name: BAZ
# value: bing
task_extra_env: ''
web_extra_env: ''
ee_extra_env: ''
# Mount extra volumes on the AWX task/web containers. Specify as literal block.
# E.g.:
# task_extra_volume_mounts: ''
# - name: my-volume
# mountPath: /some/path
task_extra_volume_mounts: ''
web_extra_volume_mounts: ''
ee_extra_volume_mounts: ''
# Add a nodeSelector for the Postgres pods.
# It must match a node's labels for the pod to be scheduled on that node.
# Specify as literal block. E.g.:
# postgres_selector: |
# disktype: ssd
# kubernetes.io/arch: amd64
# kubernetes.io/os: linux
postgres_selector: ''
# Add node tolerations for the Postgres pods.
# Specify as literal block. E.g.:
# postgres_tolerations: |
# - key: "dedicated"
# operator: "Equal"
# value: "AWX"
# effect: "NoSchedule"
postgres_tolerations: ''
postgres_storage_requirements:
requests:
storage: 8Gi
postgres_resource_requirements: {}
postgres_data_path: '/var/lib/postgresql/data/pgdata'
# Persistence to the AWX project data folder
# Whether or not the /var/lib/projects directory will be persistent
projects_persistence: false
#
# Define an existing PersistentVolumeClaim to use
projects_existing_claim: ''
#
# Define the storage_class, size and access_mode
# when not using an existing claim
projects_storage_size: 8Gi
projects_storage_access_mode: ReadWriteMany
ca_trust_bundle: "/etc/pki/tls/certs/ca-bundle.crt"
# Secret to lookup that provides the LDAP CACert trusted bundle
#
ldap_cacert_secret: ''
# Secret to lookup that provides the custom CA trusted bundle
bundle_cacert_secret: ''
# Whether secrets should be garbage collected
# on teardown
#
garbage_collect_secrets: false
development_mode: false
Reference in New Issue View Git Blame Copy Permalink