ocp_contentsourcepolicies
Installs an ImageContentSourcePolicy for IBM Maximo Application Suite's Maximo Operator Catalog. Optionally can also install a second ContentSourcePolicy suitable for the Red Hat Operator Catalogs created by mirror_ocp.
Warning
This doesn't work on IBMCloud ROKS. IBM Cloud RedHat OpenShift Service does not implement support for ImageContentSourcePolicies
. If you want to use image mirroring you must manually configure each worker node individually using the IBM Cloud command line tool.
Role Variables
setup_redhat_release
Instruct the role to setup ContentSourcePolicy for the mirrored release content generated by mirror_ocp. This will create an additional policy named ibm-mas-redhat-release
.
- Required
- Environment Variable:
SETUP_REDHAT_RELEASE
- Default:
False
setup_redhat_catalogs
Instruct the role to setup CatalogSources and ContentSourcePolicy for the mirror catalogs generated by mirror_ocp. This will create an additional policy named ibm-mas-redhat-catalogs
.
- Required
- Environment Variable:
SETUP_REDHAT_CATALOGS
- Default:
False
ocp_release
The Red Hat release you are configuring an image content source policy for, e.g. 4.12
.
- Required if
setup_redhat_catalogs
is enabled (not required if onlysetup_redhat_release
is used) - Environment Variable:
OCP_RELEASE
- Default: None
Role Variables - Target Registry
registry_private_host
The private hostname for the target registry
- Required
- Environment Variable:
REGISTRY_PRIVATE_HOST
- Default: None
registry_private_port
The private port number for the target registry
- Required
- Environment Variable:
REGISTRY_PRIVATE_PORT
- Default: None
registry_private_ca_file
The CA certificate presented by the registry on it's private endpoint.
- Required
- Environment Variable:
REGISTRY_PRIVATE_CA_FILE
- Default: None
registry_username
The username for the target registry.
- Required
- Environment Variable:
REGISTRY_USERNAME
- Default: None
registry_password
The password for the target registry.
- Required
- Environment Variable:
REGISTRY_PASSWORD
- Default: None
Example Playbook
- hosts: localhost
vars:
registry_private_host: myocp-5f1320191125833da1cac8216c06779e-0000.us-south.containers.appdomain.cloud
registry_private_port: 32500
registry_private_ca_file: ~/registry-ca.crt
registry_username: admin
registry_password: 8934jk77s862! # Not a real password, don't worry security folks
setup_redhat_catalogs: true
roles:
- ibm.mas_devops.ocp_contentsourcepolicy
License
EPL-2.0
Get Registry facts from environment variables if they have not been passed to the role
registry_private_host: "{{ lookup('env', 'REGISTRY_PRIVATE_HOST') }}" registry_private_port: "{{ lookup('env', 'REGISTRY_PRIVATE_PORT') }}" registry_private_url: "{{ registry_private_host }}:{{ registry_private_port }}"
registry_private_ca_file: "{{ lookup('env', 'REGISTRY_PRIVATE_CA_FILE') }}"
registry_username: "{{ lookup('env', 'REGISTRY_USERNAME') }}" registry_password: "{{ lookup('env', 'REGISTRY_PASSWORD') }}" registry_auth: "{{ registry_username }}:{{ registry_password }}"
setup_redhat_catalogs: "{{ lookup('env', 'SETUP_REDHAT_CATALOGS') | default('False', true) | bool }}"