diff options
| author | Patrick Uiterwijk <puiterwijk@redhat.com> | 2017-08-22 21:12:36 +0000 |
|---|---|---|
| committer | Patrick Uiterwijk <puiterwijk@redhat.com> | 2017-08-22 21:12:36 +0000 |
| commit | a87be8843ad5fe9ab8aa4078e7d420534a8f3f7a (patch) | |
| tree | dc026c76ead7dec2dceb64d60d1b12e85a44f47a | |
| parent | 664237a7f2f6a42987c6da48a8ea4bd4c0dae384 (diff) | |
| download | ansible-a87be8843ad5fe9ab8aa4078e7d420534a8f3f7a.tar.gz ansible-a87be8843ad5fe9ab8aa4078e7d420534a8f3f7a.tar.xz ansible-a87be8843ad5fe9ab8aa4078e7d420534a8f3f7a.zip | |
Set up Openshift roles
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
| -rw-r--r-- | playbooks/groups/os-cluster.yml | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/playbooks/groups/os-cluster.yml b/playbooks/groups/os-cluster.yml index fd0f2b04e..a167f7bc4 100644 --- a/playbooks/groups/os-cluster.yml +++ b/playbooks/groups/os-cluster.yml @@ -159,3 +159,14 @@ tasks: - name: enable nrpe for monitoring (noc01) iptables: action=insert chain=INPUT destination_port=5666 protocol=tcp source=10.5.126.41 state=present jump=ACCEPT + - name: Disallow users from provisioning + command: oadm policy remove-cluster-role-from-group self-provisioner system:authenticated system:authenticated:oauth + changed_when: false + - name: Allow some users cluster admin + command: oadm policy add-cluster-role-to-user cluster-admin {{item}} + with_items: + - puiterwijk + - kevin + - codeblock + - smooge + changed_when: false |