kkrico/config.sh

## config.sh
oc cluster up --version=v3.9.0 --public-hostname=dframos.com --use-existing-config=true
oc adm policy add-cluster-role-to-user cluster-admin admin
nano /var/lib/origin/openshift.local.config/master/master-config.yaml

## config.yaml
admissionConfig:
  pluginConfig:
    GenericAdmissionWebhook:
      configuration:
        apiVersion: v1
        disable: false
        kind: DefaultAdmissionConfig
      location: ""
aggregatorConfig:
  proxyClientInfo:
    certFile: aggregator-front-proxy.crt
    keyFile: aggregator-front-proxy.key
apiLevels:
- v1
apiVersion: v1
auditConfig:
  auditFilePath: ""
  enabled: false
  logFormat: ""
  maximumFileRetentionDays: 0
  maximumFileSizeMegabytes: 0
  maximumRetainedFiles: 0
  policyConfiguration: null
  policyFile: ""
  webHookKubeConfig: ""
  webHookMode: ""
authConfig:
  requestHeader:
    clientCA: front-proxy-ca.crt
    clientCommonNames:
    - aggregator-front-proxy
    extraHeaderPrefixes:
    - X-Remote-Extra-
    groupHeaders:
    - X-Remote-Group
    usernameHeaders:
    - X-Remote-User
controllerConfig:
  controllers:
  - '*'
  election: null
  serviceServingCert:
    signer:
      certFile: service-signer.crt
      keyFile: service-signer.key
controllerLeaseTTL: 0
controllers: '*'
corsAllowedOrigins:
- //127\.0\.0\.1(:|$)
- //dframos\.com:8443$
- //localhost(:|$)
disabledFeatures: null
dnsConfig:
  allowRecursiveQueries: true
  bindAddress: 0.0.0.0:8053
  bindNetwork: tcp4
etcdClientInfo:
  ca: ca.crt
  certFile: master.etcd-client.crt
  keyFile: master.etcd-client.key
  urls:
  - https://127.0.0.1:4001
etcdConfig:
  address: 127.0.0.1:4001
  peerAddress: 127.0.0.1:7001
  peerServingInfo:
    bindAddress: 0.0.0.0:7001
    bindNetwork: tcp4
    certFile: etcd.server.crt
    clientCA: ca.crt
    keyFile: etcd.server.key
    namedCertificates: null
  servingInfo:
    bindAddress: 0.0.0.0:4001
    bindNetwork: tcp4
    certFile: etcd.server.crt
    clientCA: ca.crt
    keyFile: etcd.server.key
    namedCertificates: null
  storageDirectory: /var/lib/origin/openshift.local.etcd
etcdStorageConfig:
  kubernetesStoragePrefix: kubernetes.io
  kubernetesStorageVersion: v1
  openShiftStoragePrefix: openshift.io
  openShiftStorageVersion: v1
imageConfig:
  format: openshift/origin-${component}:v3.9.0
  latest: false
imagePolicyConfig:
  allowedRegistriesForImport:
  - domainName: docker.io
  - domainName: '*.docker.io'
  - domainName: '*.redhat.com'
  - domainName: gcr.io
  - domainName: quay.io
  - domainName: registry.centos.org
  - domainName: registry.redhat.io
  - domainName: '*.amazonaws.com'
  disableScheduledImport: false
  maxImagesBulkImportedPerRepository: 5
  maxScheduledImageImportsPerMinute: 60
  scheduledImageImportMinimumIntervalSeconds: 900
jenkinsPipelineConfig:
  autoProvisionEnabled: true
  parameters: null
  serviceName: jenkins
  templateName: jenkins-persistent
  templateNamespace: openshift
kind: MasterConfig
kubeletClientInfo:
  ca: ca.crt
  certFile: master.kubelet-client.crt
  keyFile: master.kubelet-client.key
  port: 10250
kubernetesMasterConfig:
  admissionConfig:
    pluginConfig: null
  apiLevels: null
  apiServerArguments:
    runtime-config:
    - apis/admissionregistration.k8s.io/v1alpha1=true
    storage-backend:
    - etcd3
    storage-media-type:
    - application/vnd.kubernetes.protobuf
  controllerArguments: null
  disabledAPIGroupVersions: {}
  masterCount: 1
  masterEndpointReconcileTTL: 15
  masterIP: 127.0.0.1
  podEvictionTimeout: 5m
  proxyClientInfo:
    certFile: master.proxy-client.crt
    keyFile: master.proxy-client.key
  schedulerArguments: null
  schedulerConfigFile: ""
  servicesNodePortRange: 30000-32767
  servicesSubnet: 172.30.0.0/16
  staticNodeNames: null
masterClients:
  externalKubernetesClientConnectionOverrides:
    acceptContentTypes: application/vnd.kubernetes.protobuf,application/json
    burst: 400
    contentType: application/vnd.kubernetes.protobuf
    qps: 200
  externalKubernetesKubeConfig: ""
  openshiftLoopbackClientConnectionOverrides:
    acceptContentTypes: application/vnd.kubernetes.protobuf,application/json
    burst: 600
    contentType: application/vnd.kubernetes.protobuf
    qps: 300
  openshiftLoopbackKubeConfig: openshift-master.kubeconfig
masterPublicURL: https://dframos.com:8443
networkConfig:
  clusterNetworkCIDR: 10.128.0.0/14
  clusterNetworks:
  - cidr: 10.128.0.0/14
    hostSubnetLength: 9
  externalIPNetworkCIDRs: null
  hostSubnetLength: 9
  ingressIPNetworkCIDR: 172.29.0.0/16
  networkPluginName: ""
  serviceNetworkCIDR: 172.30.0.0/16
oauthConfig:
  alwaysShowProviderSelection: false
  assetPublicURL: https://dframos.com:8443/console/
  grantConfig:
    method: auto
    serviceAccountMethod: prompt
  identityProviders:
  - name: htpasswd
    challenge: true
    login: true
    provider:
      apiVersion: v1
      kind: HTPasswdPasswordIdentityProvider
      file: /var/lib/origin/openshift.local.config/master/users.htpasswd
  masterCA: ca-bundle.crt
  masterPublicURL: https://dframos.com:8443
  masterURL: https://127.0.0.1:8443
  sessionConfig:
    sessionMaxAgeSeconds: 300
    sessionName: ssn
    sessionSecretsFile: ""
  templates: null
  tokenConfig:
    accessTokenMaxAgeSeconds: 86400
    authorizeTokenMaxAgeSeconds: 300
pauseControllers: false
policyConfig:
  bootstrapPolicyFile: policy.json
  openshiftInfrastructureNamespace: openshift-infra
  openshiftSharedResourcesNamespace: openshift
  userAgentMatchingConfig:
    defaultRejectionMessage: ""
    deniedClients: null
    requiredClients: null
projectConfig:
  defaultNodeSelector: ""
  projectRequestMessage: ""
  projectRequestTemplate: ""
  securityAllocator:
    mcsAllocatorRange: s0:/2
    mcsLabelsPerProject: 5
    uidAllocatorRange: 1000000000-1999999999/10000
routingConfig:
  subdomain: dframos.com
serviceAccountConfig:
  limitSecretReferences: false
  managedNames:
  - default
  - builder
  - deployer
  masterCA: ca-bundle.crt
  privateKeyFile: serviceaccounts.private.key
  publicKeyFiles:
  - serviceaccounts.public.key
servingInfo:
  bindAddress: 0.0.0.0:8443
  bindNetwork: tcp4
  certFile: master.server.crt
  clientCA: ca.crt
  keyFile: master.server.key
  maxRequestsInFlight: 1200
  namedCertificates: null
  requestTimeoutSeconds: 3600
volumeConfig:
  dynamicProvisioningEnabled: true
	oc cluster up --version=v3.9.0 --public-hostname=dframos.com --use-existing-config=true
	oc adm policy add-cluster-role-to-user cluster-admin admin
	nano /var/lib/origin/openshift.local.config/master/master-config.yaml
	admissionConfig:
	pluginConfig:
	GenericAdmissionWebhook:
	configuration:
	apiVersion: v1
	disable: false
	kind: DefaultAdmissionConfig
	location: ""
	aggregatorConfig:
	proxyClientInfo:
	certFile: aggregator-front-proxy.crt
	keyFile: aggregator-front-proxy.key
	apiLevels:
	- v1
	apiVersion: v1
	auditConfig:
	auditFilePath: ""
	enabled: false
	logFormat: ""
	maximumFileRetentionDays: 0
	maximumFileSizeMegabytes: 0
	maximumRetainedFiles: 0
	policyConfiguration: null
	policyFile: ""
	webHookKubeConfig: ""
	webHookMode: ""
	authConfig:
	requestHeader:
	clientCA: front-proxy-ca.crt
	clientCommonNames:
	- aggregator-front-proxy
	extraHeaderPrefixes:
	- X-Remote-Extra-
	groupHeaders:
	- X-Remote-Group
	usernameHeaders:
	- X-Remote-User
	controllerConfig:
	controllers:
	- '*'
	election: null
	serviceServingCert:
	signer:
	certFile: service-signer.crt
	keyFile: service-signer.key
	controllerLeaseTTL: 0
	controllers: '*'
	corsAllowedOrigins:
	- //127\.0\.0\.1(:\|$)
	- //dframos\.com:8443$
	- //localhost(:\|$)
	disabledFeatures: null
	dnsConfig:
	allowRecursiveQueries: true
	bindAddress: 0.0.0.0:8053
	bindNetwork: tcp4
	etcdClientInfo:
	ca: ca.crt
	certFile: master.etcd-client.crt
	keyFile: master.etcd-client.key
	urls:
	- https://127.0.0.1:4001
	etcdConfig:
	address: 127.0.0.1:4001
	peerAddress: 127.0.0.1:7001
	peerServingInfo:
	bindAddress: 0.0.0.0:7001
	bindNetwork: tcp4
	certFile: etcd.server.crt
	clientCA: ca.crt
	keyFile: etcd.server.key
	namedCertificates: null
	servingInfo:
	bindAddress: 0.0.0.0:4001
	bindNetwork: tcp4
	certFile: etcd.server.crt
	clientCA: ca.crt
	keyFile: etcd.server.key
	namedCertificates: null
	storageDirectory: /var/lib/origin/openshift.local.etcd
	etcdStorageConfig:
	kubernetesStoragePrefix: kubernetes.io
	kubernetesStorageVersion: v1
	openShiftStoragePrefix: openshift.io
	openShiftStorageVersion: v1
	imageConfig:
	format: openshift/origin-${component}:v3.9.0
	latest: false
	imagePolicyConfig:
	allowedRegistriesForImport:
	- domainName: docker.io
	- domainName: '*.docker.io'
	- domainName: '*.redhat.com'
	- domainName: gcr.io
	- domainName: quay.io
	- domainName: registry.centos.org
	- domainName: registry.redhat.io
	- domainName: '*.amazonaws.com'
	disableScheduledImport: false
	maxImagesBulkImportedPerRepository: 5
	maxScheduledImageImportsPerMinute: 60
	scheduledImageImportMinimumIntervalSeconds: 900
	jenkinsPipelineConfig:
	autoProvisionEnabled: true
	parameters: null
	serviceName: jenkins
	templateName: jenkins-persistent
	templateNamespace: openshift
	kind: MasterConfig
	kubeletClientInfo:
	ca: ca.crt
	certFile: master.kubelet-client.crt
	keyFile: master.kubelet-client.key
	port: 10250
	kubernetesMasterConfig:
	admissionConfig:
	pluginConfig: null
	apiLevels: null
	apiServerArguments:
	runtime-config:
	- apis/admissionregistration.k8s.io/v1alpha1=true
	storage-backend:
	- etcd3
	storage-media-type:
	- application/vnd.kubernetes.protobuf
	controllerArguments: null
	disabledAPIGroupVersions: {}
	masterCount: 1
	masterEndpointReconcileTTL: 15
	masterIP: 127.0.0.1
	podEvictionTimeout: 5m
	proxyClientInfo:
	certFile: master.proxy-client.crt
	keyFile: master.proxy-client.key
	schedulerArguments: null
	schedulerConfigFile: ""
	servicesNodePortRange: 30000-32767
	servicesSubnet: 172.30.0.0/16
	staticNodeNames: null
	masterClients:
	externalKubernetesClientConnectionOverrides:
	acceptContentTypes: application/vnd.kubernetes.protobuf,application/json
	burst: 400
	contentType: application/vnd.kubernetes.protobuf
	qps: 200
	externalKubernetesKubeConfig: ""
	openshiftLoopbackClientConnectionOverrides:
	acceptContentTypes: application/vnd.kubernetes.protobuf,application/json
	burst: 600
	contentType: application/vnd.kubernetes.protobuf
	qps: 300
	openshiftLoopbackKubeConfig: openshift-master.kubeconfig
	masterPublicURL: https://dframos.com:8443
	networkConfig:
	clusterNetworkCIDR: 10.128.0.0/14
	clusterNetworks:
	- cidr: 10.128.0.0/14
	hostSubnetLength: 9
	externalIPNetworkCIDRs: null
	hostSubnetLength: 9
	ingressIPNetworkCIDR: 172.29.0.0/16
	networkPluginName: ""
	serviceNetworkCIDR: 172.30.0.0/16
	oauthConfig:
	alwaysShowProviderSelection: false
	assetPublicURL: https://dframos.com:8443/console/
	grantConfig:
	method: auto
	serviceAccountMethod: prompt
	identityProviders:
	- name: htpasswd
	challenge: true
	login: true
	provider:
	apiVersion: v1
	kind: HTPasswdPasswordIdentityProvider
	file: /var/lib/origin/openshift.local.config/master/users.htpasswd
	masterCA: ca-bundle.crt
	masterPublicURL: https://dframos.com:8443
	masterURL: https://127.0.0.1:8443
	sessionConfig:
	sessionMaxAgeSeconds: 300
	sessionName: ssn
	sessionSecretsFile: ""
	templates: null
	tokenConfig:
	accessTokenMaxAgeSeconds: 86400
	authorizeTokenMaxAgeSeconds: 300
	pauseControllers: false
	policyConfig:
	bootstrapPolicyFile: policy.json
	openshiftInfrastructureNamespace: openshift-infra
	openshiftSharedResourcesNamespace: openshift
	userAgentMatchingConfig:
	defaultRejectionMessage: ""
	deniedClients: null
	requiredClients: null
	projectConfig:
	defaultNodeSelector: ""
	projectRequestMessage: ""
	projectRequestTemplate: ""
	securityAllocator:
	mcsAllocatorRange: s0:/2
	mcsLabelsPerProject: 5
	uidAllocatorRange: 1000000000-1999999999/10000
	routingConfig:
	subdomain: dframos.com
	serviceAccountConfig:
	limitSecretReferences: false
	managedNames:
	- default
	- builder
	- deployer
	masterCA: ca-bundle.crt
	privateKeyFile: serviceaccounts.private.key
	publicKeyFiles:
	- serviceaccounts.public.key
	servingInfo:
	bindAddress: 0.0.0.0:8443
	bindNetwork: tcp4
	certFile: master.server.crt
	clientCA: ca.crt
	keyFile: master.server.key
	maxRequestsInFlight: 1200
	namedCertificates: null
	requestTimeoutSeconds: 3600
	volumeConfig:
	dynamicProvisioningEnabled: true