sudo yum -y --enablerepo=epel install ansible pyOpenSSL

#3. Edit file /etc/ansible/hosts

sudo vi /etc/ansible/hosts

##########################################
## Learn Development OKD 3.11
## Hello, Just call me Ghost

[OSEv3:children]
masters
nodes
etcd
nfs

# Set variables common for all OSEv3 hosts
[OSEv3:vars]
# SSH user, this user should allow ssh based auth without requiring a password

ansible_ssh_user=root
#ansible_become=true

os_firewall_use_firewalld=True
openshift_master_bootstrap_auto_approve=True

openshift_deployment_type=origin

#Custom CIDR Cluster Network
osm_cluster_network_cidr=10.0.0.0/16 ## If your Public IP not crush with OKD network cluster, can skip this conf
openshift_portal_net=172.30.0.0/16

#Cert
openshift_certificate_expiry_warning_days=30
openshift_certificate_expiry_show_all=no
openshift_hosted_registry_cert_expire_days=363
openshift_ca_cert_expire_days=363
openshift_node_cert_expire_days=363
openshift_master_cert_expire_days=363
etcd_ca_default_days=363


# uncomment the following to enable htpasswd authentication; defaults to DenyAllPasswordIdentityProvider
openshift_master_identity_providers=[{\'name\': \'htpasswd_auth\', \'login\': \'true\', \'challenge\': \'true\', \'kind\': \'HTPasswdPasswordIdentityProvider\'}]

openshift_master_default_subdomain=app.[DOMAIN].com
openshift_docker_insecure_registries=172.30.0.0/16

openshift_node_problem_detector_install=true


openshift_disable_check = memory_availability,disk_availability

#Enable LocalStoragePersistance
openshift_persistentlocalstorage_enabled=True
openshift_persistentlocalstorage_classes=[]
openshift_persistentlocalstorage_path=/mnt/local-storage
openshift_persistentlocalstorage_provisionner_image=quay.io/external_storage/local-volume-provisioner:v1.0.1

#Install EFK
openshift_logging_install_logging=true
openshift_logging_es_nodeselector={"node-role.kubernetes.io/infra":"true"}


#Custom Cert
openshift_logging_kibana_key=[dir]/privkey.pem
openshift_logging_kibana_cert=[dir]/cert.pem
openshift_logging_kibana_ca=[dir]/ca.pem

openshift_console_cert=[dir]/cert.pem
openshift_console_key=[dir]/privkey.pem
openshift_console_ca=[dir]/ca.pem

#FIX Error Cockpit Image Not Found
openshift_cockpit_deployer_image=danuamirudin/cockpit-k8s:latest

#Custom Public URL
openshift_master_logging_public_url=https://kibana.DOMAIN.com


#SSL
openshift_master_overwrite_named_certificates=true
openshift_master_named_certificates=[{"certfile": "/[dir]/cert.pem", "keyfile": "[dir]/privkey.pem", "names": ["okd.DOMAIN.com"], "cafile":"[dir]/ca.pem"}]

#Router SSL
#openshift_hosted_router_certificate={"certfile": "[dir]/cert.pem", "keyfile": "[dir]/privkey.pem", "cafile": "[dir]/ca.pem"}

[masters]
okd.DOMAIN.com openshift_schedulable=true containerized=false

# host group for etcd
[etcd]
okd.DOMAIN.com

[nfs]
okd.DOMAIN.com

# host group for nodes, includes region info
[nodes]
okd.DOMAIN.com openshift_node_group_name=\'node-config-master-infra\' openshift_schedulable=true
slave.DOMAIN.com openshift_node_group_name=\'node-config-compute\'